nrj.ua Open in urlscan Pro
185.187.81.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nrj.ua/
Effective URL:
https://nrj.ua/
Submission: On December 14 via api (December 14th 2022, 9:51:49 am UTC) from GB — Scanned from GB

Summary HTTP 180 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 17 domains to perform 180 HTTP transactions. The main IP is 185.187.81.245, located in Ukraine and belongs to IDSTRATEGY-AS, UA. The main domain is nrj.ua.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 17th 2021. Valid for: a year.

This is the only time nrj.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 53	185.187.81.245 185.187.81.245	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	185.187.81.226 185.187.81.226	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2600:9000:223... 2600:9000:223c:8400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
7	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:21:... 2606:4700:21::681b:c258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	185.187.81.232 185.187.81.232	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
180	24

53 185.187.81.245 (Ukraine) 1 redirects

ASN43332 (IDSTRATEGY-AS, UA)

nrj.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

juke.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.226 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

cast.radiogroup.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.187.81.232 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

radioclub.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	nrj.ua 1 redirects nrj.ua	11 MB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	676 KB
16	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 81 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193	177 KB
14	radioclub.ua radioclub.ua	561 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com	192 KB
7	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
6	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 514933 juke.mmi.bemobile.ua — Cisco Umbrella Rank: 691760 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 555085	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	141 KB
3	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 207534	4 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7952 adservice.google.de — Cisco Umbrella Rank: 11832	1 KB
2	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14413	5 KB
2	radiogroup.com.ua cast.radiogroup.com.ua
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 915 pixel.quantserve.com — Cisco Umbrella Rank: 655	10 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	693 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 851	448 B
180	17

	Domain	Requested by
53	nrj.ua	1 redirects nrj.ua
35	tpc.googlesyndication.com	googleads.g.doubleclick.net nrj.ua tpc.googlesyndication.com pagead2.googlesyndication.com
14	radioclub.ua	nrj.ua
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com nrj.ua googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	nrj.ua pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
10	fonts.gstatic.com	fonts.googleapis.com
7	www.google-analytics.com	nrj.ua www.google-analytics.com
5	www.google.com	3 redirects nrj.ua tpc.googlesyndication.com
4	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	fonts.googleapis.com	tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	pa.tns-ua.com	source.mmi.bemobile.ua pa.tns-ua.com nrj.ua
2	csi.gstatic.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
2	cdn.plyr.io	nrj.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cast.radiogroup.com.ua	nrj.ua
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.quantserve.com	nrj.ua
1	www.google.de	nrj.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	nrj.ua
1	juke.mmi.bemobile.ua	nrj.ua
1	source.mmi.bemobile.ua	nrj.ua
180	26

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
appgallery7.huawei.com
www.facebook.com
www.ldc-ua.org
www.youtube.com
loungefm.com.ua
avtoradio.ua
radiopyatnica.com.ua
radioclub.ua
djfm.ua
perec.fm
shanson.ua
www.instagram.com

Subject Issuer	Validity	Valid
nrj.ua RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-17` - `2023-01-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.radiogroup.com.ua RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-24` - `2023-02-07`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
juke.mmi.tns-ua.com R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.plyr.io GTS CA 1P5	`2022-10-31` - `2023-01-29`	3 months	crt.sh
radioclub.ua Thawte RSA CA 2018	`2021-12-13` - `2023-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://nrj.ua/
Frame ID: 6DAFDF2CD0C69F8046E8B7333C988DCC
Requests: 103 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 7825DEA347B011CB4E5D5B79C4AFEF45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&adk=1812271804&adf=3025194257&lmt=1671011487&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fnrj.ua%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487139&bpp=5&bdt=469&idt=435&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5608862389310&frm=20&pv=2&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=456
Frame ID: 2DD5CF1E188A56B3CE563FA12DD6548A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=600&slotname=6826772420&adk=1735060560&adf=2000120436&pi=t.ma~as.6826772420&w=188&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=188x600&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487144&bpp=2&bdt=474&idt=478&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PKHGP5nhp7&p=https%3A//nrj.ua&dtd=483
Frame ID: 23FAC70D87B607BE9B145C2FFA24B4FA
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: C36F82E0548EDAFCFBE2BE9F86219E0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=280&slotname=6592922416&adk=2100718444&adf=777223331&pi=t.ma~as.6592922416&w=1200&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=1200x280&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487146&bpp=1&bdt=476&idt=494&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C188x600&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=2334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=do8N87FfkK&p=https%3A//nrj.ua&dtd=497
Frame ID: 89C57B6EEF39C6E4F70613A6D1B764AE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html
Frame ID: 2EE4B0B9D8B9EA4BC0E25B660692A9ED
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CIApun5yZY96JMYPwnwTyg7UY8Ye48m3JypPsvhCOpN6gqDAQASCNvqJLYJUCoAGyisGqAcgBCakC1q_NGkK7qD6oAwHIA0iqBLcBT9BzJv2dh9Rm1wPonYFCdAfy6-Kj31t3zauTzlGQU9ER4quzJE46faRTKoT7qJxiprTEfBI_zhIZNO2g4m92RbqlPB77KaFIihkgkK0LrOP6pC1o8a8c8Qhx9or7r3CQmTixzkDfQFWGeQu6B_KjvCDXjiMAlVX8yYnFcUCkoQi1BdkYEtBknnrzbzBy0ff9fPBb59DM7mEXXFZwJoOfj6O621IOT2WkWAaviWsopVxx4H9VuDD_wATXhcygogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTUxNTczODI1MDU2MTE5NzUYAA&sigh=tFap1QlwZlM&uach_m=[UACH]&cid=CAQSGwDq26N9-p1yJQM3XVw2EawoTDfS0WE8oC6p6hgBIBM&template_id=419
Frame ID: F5E75076B6AE5F174547FA208DBFA05A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html
Frame ID: 2B479D58B3963EC460F366CB471FF17A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CQsqen5yZY_qIMdC1nwSFvLuQAvGHuPJticiT7L4QjqTeoKgwEAEgjb6iS2CVAqABsorBqgHIAQmpAmnmXBiguag-qAMByANIqgS2AU_Qy5EUGg2qGRMvMOCDGmS_tcnHGoeecjxIGBFdjtYlOLsboyXufGs35hKiVTRh3J8-Wt6ZK_yzMaLConzbcIKirrsjeaG3X_auA0g8kyjFaMpzCrXV6npl1UqsJqdBe_eAhagg9XqxQQM3y4x_q5CZ95dY8DKC6jpsSytnxlgEB9TGTELXT6g6SJ_kgtBpczX_ucSlGf09MQ6oBpAhrO_wn2lmXzci-1JmDHYSUW6SVPPHBenVwATXhcygogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCP3gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MTU3MzgyNTA1NjExOTc1GAA&sigh=7TL-ouRn5KM&uach_m=[UACH]&cid=CAQSGwDq26N94gkewBUmBA2BbSBQ0OIm9LoeAQCZYRgBIBM&template_id=419
Frame ID: FB22DA5792E4C622E9747C4798431244
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AB5753557AE14441611913B7A93FAD0C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86AB0D5AA5E15C1B820B34838F6BA49C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: A9CAA111770974315627D78B0A1A2FC8
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: CAB29C76DE79C00A454D928369F526DA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 662E20FB541D05C7AE583DE48217AE72
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BB8690E8E5F9B37C30A5FD01E72997B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84532F5993DB823B4994FB19963FFEAE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NRJ Ukraine - Офіційний сайт радіостанції. Слухай NRJ в онлайн

Page URL History Show full URLs

http://nrj.ua/ HTTP 301
https://nrj.ua/ Page URL

Detected technologies

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

180
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

26
Subdomains

24
IPs

5
Countries

12737 kB
Transfer

23689 kB
Size

12
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/ua/app/nrj-ukraine/id1241329357?mt=81

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=genevios.nrj_ua&hl=en_US

Search URL Search Domain Scan URL

URL: https://appgallery7.huawei.com/#/app/C102381243

Search URL Search Domain Scan URL

URL: https://www.facebook.com/panbaran.ua

Search URL Search Domain Scan URL

URL: https://www.ldc-ua.org/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCH63IMaZsNv4K8j7xzrLj9Q
Title: На канал у YouTube

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=FaJcwxjXxFM&feature=youtu.be

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=IqPQ9zj9XE4

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VDtbIqRQY1Q&feature=youtu.be

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=63BzFowUHn4

Search URL Search Domain Scan URL

URL: https://loungefm.com.ua/

Search URL Search Domain Scan URL

URL: http://avtoradio.ua/

Search URL Search Domain Scan URL

URL: https://radiopyatnica.com.ua/

Search URL Search Domain Scan URL

URL: https://radioclub.ua/radio/retro-fm

Search URL Search Domain Scan URL

URL: https://radioclub.ua/radio/businessradio

Search URL Search Domain Scan URL

URL: https://djfm.ua/

Search URL Search Domain Scan URL

URL: https://perec.fm/

Search URL Search Domain Scan URL

URL: https://radioclub.ua/radio/powerfm

Search URL Search Domain Scan URL

URL: https://shanson.ua/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nrjukraine

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nrjukraine/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nrj.ua/ HTTP 301
https://nrj.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

180 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nrj.ua/
Redirect Chain

http://nrj.ua/
https://nrj.ua/

52 KB
10 KB

342ms
167ms

Document
text/html

185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: fd04ae51873d791da5a67c763f60156c7cccb6e97ce98e66a13f47cfb4345fa5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 8783
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 09:51:26 GMT
Keep-Alive: timeout=5, max=200
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 223
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 14 Dec 2022 09:51:26 GMT
Keep-Alive: timeout=5, max=200
Location: https://nrj.ua/
Server: Apache

GET
H/1.1 200
OK app.min.css
nrj.ua/css/ 93 KB
14 KB 87ms
87ms Stylesheet
text/css 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nrj.ua/css/app.min.css
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: b6ae9cae38999e81624a0eadfee5d866edcf491504da668fa2108f60d2bda86b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Jul 2022 07:21:09 GMT
Server: Apache
ETag: "17425-5e473cb749eca-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 14047

GET
H/1.1 200
OK NRJ.png
nrj.ua/images/ 135 KB
135 KB 172ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/NRJ.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 792c0ba5815b13e4bc38f77eb7c897d5f024fb8a6e7a3d2847db60a76f31584c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "21b6c-5d13e1f8293fe"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 138092

GET
H/1.1 200
OK app.png
nrj.ua/images/ 7 KB
8 KB 984ms
80ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/app.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 50b8ba25b2ea64a622ee9c5da3ae1e65e5d9603adf1c4b9d929ac11a6cdaa400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "1d9d-5d13e1f82a39f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=192
Content-Length: 7581

GET
H/1.1 200
OK google.png
nrj.ua/images/ 9 KB
9 KB 982ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/google.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 7f5fb85589b15157031061c6da3696ef95135353f07c5310b237b07e4b68056e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "22a7-5d13e1f82a39f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 8871

GET
H/1.1 200
OK appgallery.png
nrj.ua/images/ 18 KB
18 KB 985ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/appgallery.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: e1c4968f4fb1346e9ff5afd523b756bd38fdc9baefa1ff3757013710835d81c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "48b5-5d13e1f82a39f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 18613

GET
H/1.1 200
OK nrj.jpg
nrj.ua/images/ 43 KB
43 KB 1040ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/nrj.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 62df039eb10ec6338728155db9081a4d52a113435d006e3ec2a76b873e1c454a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "ac60-5d13e1f82a39f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=194
Content-Length: 44128

GET
H/1.1 200
OK nrj_hot40.jpg
nrj.ua/images/ 36 KB
36 KB 1053ms
80ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/nrj_hot40.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 0c2d9d4d23668f9a96cf44bd7a334a4af8fe6cc60fdcce2245de5a81c5d58037

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "8ffd-5d13e1f82a39f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=191
Content-Length: 36861

GET
H/1.1 200
OK nrj_hype.jpg
nrj.ua/images/ 35 KB
35 KB 745ms
80ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/nrj_hype.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 6ec3bb86376862174186aa4c4cad06da03e838032716ff7b533ec962021ef1cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "8b57-5d13e1f82a39f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=194
Content-Length: 35671

GET
H/1.1 200
OK nrj_allhits.jpg
nrj.ua/images/ 37 KB
37 KB 756ms
81ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/nrj_allhits.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 9a179c4bb7e370f84b5ff947f1234412507f2c39e6e8e054e3d9e891b2884ced

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "9220-5d13e1f82a39f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 37408

GET
H/1.1 200
OK jryi9OczyJ.png
nrj.ua/uploads/slider/ 99 KB
99 KB 804ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/slider/jryi9OczyJ.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 16a78df2e91683d1d24c5cbe6465cb578fab46a08c9d219c7e6c918499c1ac8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Fri, 02 Dec 2022 17:11:44 GMT
Server: Apache
ETag: "18a1a-5eedb6e9fcbb3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 100890

GET
H/1.1 200
OK WrT2G6I2UT.png
nrj.ua/uploads/slider/ 201 KB
201 KB 827ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/slider/WrT2G6I2UT.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: d0aab962f713bd6559ee16a718d3f887422ecb2afe442b44c392795eb58854b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Mon, 21 Nov 2022 12:08:54 GMT
Server: Apache
ETag: "324d4-5edf9eb5d6a85"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=193
Content-Length: 206036

GET
H/1.1 200
OK vp1gAItGem.jpg
nrj.ua/uploads/slider/ 382 KB
382 KB 889ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/slider/vp1gAItGem.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: d4cec7c20f20e4b1faa390650d7687d01afc7299c8f5475efd071220d6d36b62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 29 Oct 2022 21:53:54 GMT
Server: Apache
ETag: "5f7b1-5ec3369171ffd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 391089

GET
H/1.1 200
OK 8Yi5OYMTcg.png
nrj.ua/uploads/slider/ 299 KB
300 KB 838ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/slider/8Yi5OYMTcg.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 7b4efcebecd33bfebca1afb5f3a029af79b2a8a297d27db3ec0f978d9c648c74

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Wed, 13 Apr 2022 12:36:44 GMT
Server: Apache
ETag: "4ad21-5dc886e216872"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 306465

GET
H/1.1 200
OK b9kzSzeHRE.png
nrj.ua/uploads/slider/ 182 KB
182 KB 834ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/slider/b9kzSzeHRE.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 30ae8e3da669e62a9cc264e80f43e7165ab6a64006094df5be2747fd134611ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Wed, 27 Apr 2022 08:33:06 GMT
Server: Apache
ETag: "2d85d-5dd9ea8986af4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 186461

GET
H/1.1 200
OK L2q4pcJFwl.jpg
nrj.ua/uploads/news/ 465 KB
465 KB 253ms
83ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/L2q4pcJFwl.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: b3a2c9e302dab93a41bb53bedfadf64cd1336c81191be5a38ac3b5e0e130a1b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Fri, 02 Dec 2022 11:00:45 GMT
Server: Apache
ETag: "7443c-5eed63fe05bb2"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 476220

GET
H/1.1 200
OK lnX0HxBOGU.png
nrj.ua/uploads/news/ 680 KB
680 KB 499ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/lnX0HxBOGU.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 5fcb8f846998df962a7d426b50e4254695cec4e62ac70b94e372fa1ea2b73c23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Fri, 18 Nov 2022 09:05:38 GMT
Server: Apache
ETag: "aa0d0-5edbb026c72ce"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 696528

GET
H/1.1 200
OK mbCZCz2gty.jpg
nrj.ua/uploads/news/ 51 KB
51 KB 250ms
83ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/mbCZCz2gty.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 52e3856ad8328e5d64048a010c569ebfa7516abd412a74876c195a3e1631dc26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Tue, 13 Dec 2022 10:14:34 GMT
Server: Apache
ETag: "ca3a-5efb2e2f7dd60"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 51770

GET
H/1.1 200
OK buA1FDlmkI.jpg
nrj.ua/uploads/news/ 1 MB
1 MB 264ms
81ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/buA1FDlmkI.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 0216e3d32e040118d253dd5de43571e4d350c7419e7b2f43765347efab99aeb6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Fri, 09 Dec 2022 12:52:12 GMT
Server: Apache
ETag: "139df9-5ef649f539bf8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 1285625

GET
H/1.1 200
OK lkm6RdEBeG.jpg
nrj.ua/uploads/news/ 230 KB
231 KB 422ms
83ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/lkm6RdEBeG.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: e0e5a85f9b7e2462bfdcdb069238a9a206c76207e7502039e9fd543e35da93ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 08 Dec 2022 17:33:06 GMT
Server: Apache
ETag: "39951-5ef546e0b99b6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 235857

GET
H/1.1 200
OK PjF34CYeIx.png
nrj.ua/uploads/news/ 692 KB
692 KB 523ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/PjF34CYeIx.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 1504f68648e18c1537591170e5c32b983904585ccc2cc41e59feaace3f9c4ae2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 08 Dec 2022 14:38:44 GMT
Server: Apache
ETag: "ace95-5ef51fe78429f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 708245

GET
H/1.1 200
OK dP6sy7kA6L.jpg
nrj.ua/uploads/news/ 528 KB
528 KB 636ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/dP6sy7kA6L.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: f85115f3e8dd014a84c981b3d09da32eb67712b19c302a2824f54f530469e685

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Wed, 07 Dec 2022 12:55:33 GMT
Server: Apache
ETag: "83f99-5ef3c6fa799ea"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 540569

GET
H/1.1 200
OK gkJcpu0i4J.jpg
nrj.ua/uploads/news/ 138 KB
139 KB 194ms
83ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/gkJcpu0i4J.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: b0ec81b5d694055014c41a81be438f546ba914d56e7657cfe73a79c8eedd63b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Last-Modified: Mon, 05 Dec 2022 15:10:18 GMT
Server: Apache
ETag: "22927-5ef1615d3df95"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 141607

GET
H/1.1 200
OK 57ndwVhMuO.png
nrj.ua/uploads/news/ 566 KB
566 KB 644ms
388ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/57ndwVhMuO.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 84faf3a1ee69dc23bf0b8593265d51b93da8d2c2b873142084f62a73e0ab7e2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 03 Dec 2022 10:56:53 GMT
Server: Apache
ETag: "8d633-5eeea4fe07412"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 579123

GET
H/1.1 200
OK Jn1PoALeHZ.jpg
nrj.ua/uploads/news/ 91 KB
92 KB 663ms
81ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/Jn1PoALeHZ.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 45e244c29ec7736f8aeb2a7e968bbfcfd3f48476b8068a19cbac37c8ad523eaa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 01 Dec 2022 16:40:58 GMT
Server: Apache
ETag: "16d56-5eec6e2c23277"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 93526

GET
H/1.1 200
OK VS5OEOUKHa.png
nrj.ua/uploads/news/ 329 KB
329 KB 81ms
80ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/VS5OEOUKHa.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: c7ff3be2eed815ad90a7559086f6b7a5f230f2f20182e9036afea5b808b469cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 01 Dec 2022 14:28:00 GMT
Server: Apache
ETag: "52216-5eec5073b19d4"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 336406

GET
H/1.1 200
OK RKVgwJV49D.png
nrj.ua/uploads/news/ 261 KB
261 KB 82ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/RKVgwJV49D.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 696efa9b3d8d97dd26d62bbee9f70ca65b5d8ca3a216be69168d19df90c13c92

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Wed, 30 Nov 2022 11:57:25 GMT
Server: Apache
ETag: "413f2-5eeaeced53897"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 267250

GET
H/1.1 200
OK FAIL9eFbBQ.jpg
nrj.ua/uploads/news/ 338 KB
338 KB 82ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/FAIL9eFbBQ.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 08a362a4dd9ee619cfd9cd74106d8d80ae94f04f92c1e6f889b3279de214e780

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Tue, 22 Nov 2022 16:53:28 GMT
Server: Apache
ETag: "54626-5ee1202dc68e3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 345638

GET
H/1.1 200
OK YP7UFIlgy7.jpg
nrj.ua/uploads/news/ 385 KB
385 KB 82ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/news/YP7UFIlgy7.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 14c147dccdd8fdad42d83b29b8268d4a0b46177bb09a59237ed2fe4a7e203209

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Mon, 21 Nov 2022 16:24:51 GMT
Server: Apache
ETag: "6027f-5edfd7eab152d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=193
Content-Length: 393855

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 227ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5157382505611975

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a06bfca92c64d52a9446de65a52d4d541a2865fa3004f3cbd71adcf186755e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Origin: https://nrj.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49475
x-xss-protection: 0
server: cafe
etag: 2714214786174698994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 09:51:26 GMT

GET
H/1.1 200
OK H31qz69DNR.png
nrj.ua/uploads/slider/ 90 KB
90 KB 774ms
83ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/slider/H31qz69DNR.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 6e7cf50b7ac98e25adf408490d01b02cface5bc6af35707cceec98fc57355ca3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Mon, 21 Nov 2022 12:11:06 GMT
Server: Apache
ETag: "1661f-5edf9f32eab3e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 91679

GET
H/1.1 200
OK PY8YOrYHYR.gif
nrj.ua/uploads/advertising/ 1 MB
1 MB 857ms
82ms Image
image/gif 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/advertising/PY8YOrYHYR.gif
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 584917eaa2763281d009ea8ae694f07d7acfcd38948ae0ded3dcc5dd48fa88e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 28 Jul 2022 15:52:43 GMT
Server: Apache
ETag: "124c59-5e4df862ac8b4"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 1199193

GET
H/1.1 200
OK oeEMVEJlDO.jpg
nrj.ua/uploads/video-cover/ 114 KB
115 KB 81ms
81ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/video-cover/oeEMVEJlDO.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: e65433471207d1b096a9f46719bb6c76f3c33be656f89936531ca1a6b7d8de14

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 10 Feb 2022 12:22:03 GMT
Server: Apache
ETag: "1c8ff-5d7a8ff75ca37"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=190
Content-Length: 116991

GET
H/1.1 200
OK H45ZgZfaXx.jpg
nrj.ua/uploads/video-cover/ 160 KB
160 KB 81ms
80ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/video-cover/H45ZgZfaXx.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: c1c181607173c0f6025084c36e724cc1b2d874760495b867377e8b188b78d1af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 10 Feb 2022 12:21:24 GMT
Server: Apache
ETag: "280e0-5d7a8fd22ee99"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 164064

GET
H/1.1 200
OK 8b0cRuVVOS.jpg
nrj.ua/uploads/video-cover/ 140 KB
140 KB 80ms
80ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/video-cover/8b0cRuVVOS.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 2321a375eda31926f12753991b660123360a85c2af2abc9edfdb656f01772dd0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 10 Feb 2022 12:20:59 GMT
Server: Apache
ETag: "2303f-5d7a8fb99ad28"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=194
Content-Length: 143423

GET
H/1.1 200
OK OaSQDCN9lj.jpg
nrj.ua/uploads/video-cover/ 163 KB
163 KB 82ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/video-cover/OaSQDCN9lj.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: df3eb7963aa5273710f22194265f9836e8edb30c6ae25c5b8e16f15e6866bd54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 10 Feb 2022 12:20:20 GMT
Server: Apache
ETag: "28a82-5d7a8f9517054"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 166530

GET
H/1.1 200
OK LoungeFm_logo.png
nrj.ua/images/unitedGroups/ 26 KB
27 KB 81ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/LoungeFm_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: cdb71500f406871302484e279b2d2b3d06f32ed6ebe7f32eef35f29c38bebcdd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "69d3-5d13e1f82b33f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 27091

GET
H/1.1 200
OK Avtoradio_logo.png
nrj.ua/images/unitedGroups/ 118 KB
118 KB 83ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Avtoradio_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: dcd794d09545c6e9d90a55cac0e768e4a889b5a7a5ef3bd16ac6a8ccf44446f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Thu, 07 Jul 2022 10:04:53 GMT
Server: Apache
ETag: "1d892-5e334378febcd"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=192
Content-Length: 120978

GET
H/1.1 200
OK Pyatnica_logo.png
nrj.ua/images/unitedGroups/ 83 KB
83 KB 81ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Pyatnica_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 8f3e20dd382bfcc391f7c77302f2d7bbf3ff73084b562236ad21d9077bea5fa1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "14baf-5d13e1f82b33f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=189
Content-Length: 84911

GET
H/1.1 200
OK Retro_logo.png
nrj.ua/images/unitedGroups/ 34 KB
34 KB 82ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Retro_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: b9a88fbc12f0af5f1d56d0892cc9dedae066f544e9de8881e66d25a681fca22f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "8892-5d13e1f82b33f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=194
Content-Length: 34962

GET
H/1.1 200
OK BR_logo.png
nrj.ua/images/unitedGroups/ 5 KB
6 KB 82ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/BR_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: a68d9d55d676c68f023dcb36e05e42c5213eae2b0dde0a37dd563a75f00c5d22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "1578-5d13e1f82b33f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=193
Content-Length: 5496

GET
H/1.1 200
OK Djfm_logo.png
nrj.ua/images/unitedGroups/ 27 KB
27 KB 82ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Djfm_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 21f9799aaeb8a0b215575d7e65928fed57477eac2074d8f9f5a4302be3efcd05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Wed, 12 Jan 2022 18:26:35 GMT
Server: Apache
ETag: "6a89-5d566b5b76617"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=194
Content-Length: 27273

GET
H/1.1 200
OK Perec_logo.png
nrj.ua/images/unitedGroups/ 140 KB
141 KB 81ms
81ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Perec_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: efa94bff63e2e7d68807f31fda701fe7e264e6291a43ba93c7aa18ca4198c0fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:28 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "230f2-5d13e1f82b33f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 143602

GET
H/1.1 200
OK Powerfm_logo.png
nrj.ua/images/unitedGroups/ 162 KB
162 KB 82ms
82ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Powerfm_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 6e2c66e912e515b4e943124e02b1b807766ffb1127c5be417e0fbf658efc7827

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:28 GMT
Last-Modified: Wed, 12 Jan 2022 18:26:35 GMT
Server: Apache
ETag: "28790-5d566b5b775b7"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=191
Content-Length: 165776

GET
H/1.1 200
OK Shanson_logo.png
nrj.ua/images/unitedGroups/ 23 KB
23 KB 80ms
80ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/unitedGroups/Shanson_logo.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: aba1e6979e18a6055ae7a28733e6b5829e641fbcbfd36af8b026ab0e888a6778

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:28 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "5b7e-5d13e1f82c2df"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=188
Content-Length: 23422

GET
H/1.1 200
OK app.min.js Show response
nrj.ua/js/ 781 KB
235 KB 93ms
92ms Script
application/javascript 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nrj.ua/js/app.min.js
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 9bf76afa60f73a2daa491a04b90b7bd5077c21f838e441308240e07986cfdec2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 08:12:00 GMT
Server: Apache
ETag: "c35d1-5d55e1fcb81e0-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=193

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 172ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 09:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 11:24:37 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 53 KB
20 KB 254ms
80ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 16cdc87c925e1798fa163dd17bafda0a0f9f09cbb04cbcec046109d0f9be65ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 10:45:20 GMT
server: nginx/1.13.0
etag: W/"63970640-d3a9"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Tue, 13 Dec 2022 10:45:20 GMT

GET
H2 200 pic.gif
juke.mmi.bemobile.ua/bug/ 56 B
138 B 278ms
103ms Image
image/gif 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=europaplus.ua&j=1&nocache=0.32590909582230876
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 189ms
59ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:26 GMT
content-encoding: gzip
etag: "KvGSi9leJgKNKEGESzHjYw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 21 Dec 2022 09:51:26 GMT

GET
H/1.1 200
OK hnUBTFtkx3.jpg
nrj.ua/uploads/advertising/ 564 KB
564 KB 220ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/uploads/advertising/hnUBTFtkx3.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: fcebe0f8d4ae57c0f9ca0b4f180fdf4370d55f213c287cee064f8e5a2de92c9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Last-Modified: Thu, 23 Jun 2022 21:27:55 GMT
Server: Apache
ETag: "8d021-5e224207bf065"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 577569

GET
H/1.1 200
OK HeliosCond-Bold.woff2
nrj.ua/fonts/ 17 KB
17 KB 125ms
83ms Font
font/woff2 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nrj.ua/fonts/HeliosCond-Bold.woff2
Requested by: Host: nrj.ua
URL: https://nrj.ua/css/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 2be91de88e894243a225514799814ab79463d77fcb7b8b97e069e97cf8bf771d

Request headers

Referer: https://nrj.ua/css/app.min.css
Origin: https://nrj.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "4388-5d13e1f8293fe"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 17288

GET
H/1.1 200
OK HeliosCond.woff2
nrj.ua/fonts/ 19 KB
19 KB 206ms
81ms Font
font/woff2 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nrj.ua/fonts/HeliosCond.woff2
Requested by: Host: nrj.ua
URL: https://nrj.ua/css/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: b3e60b485b1018a19d3864a17bd96e95ffcf872f9799302d73f5454b16977268

Request headers

Referer: https://nrj.ua/css/app.min.css
Origin: https://nrj.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "4b20-5d13e1f8293fe"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 19232

GET
H/1.0 200
OK nrj320
cast.radiogroup.com.ua/ 321 KB
0 297ms
125ms Media
audio/mpeg 185.187.81.226
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cast.radiogroup.com.ua/nrj320
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_128_GCM
Server: 185.187.81.226 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Icecast 2.4.4 /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 09:51:27 GMT
icy-name: NRJ
Server: Icecast 2.4.4
icy-br: 320, 320
Content-Type: audio/mpeg
icy-pub: 0
icy-url: https://www.nrj.ua
Cache-Control: no-cache, no-store
icy-genre: Pop
ice-audio-info: ice-samplerate=44100;ice-bitrate=320;ice-channels=2
Connection: Close
icy-private: 1
icy-description: NRJ
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK menu_back.png
nrj.ua/images/ 16 KB
17 KB 675ms
83ms Image
image/png 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/menu_back.png
Requested by: Host: nrj.ua
URL: https://nrj.ua/css/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: c286a560e36d9727011336cfd9ca96b2a8998c01da58b40d04469d903bfa2a90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:27 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "41d7-5d13e1f82a39f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 16855

GET
H/1.1 200
OK icons.ttf
nrj.ua/fonts/iconfont/ 2 KB
2 KB 198ms
81ms Font
font/ttf 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nrj.ua/fonts/iconfont/icons.ttf?c51bzl
Requested by: Host: nrj.ua
URL: https://nrj.ua/css/app.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: c6c0491115cbaa3d69a23142d20c5062770ddfba56e81b7fd7c4c9346eae09cf

Request headers

Referer: https://nrj.ua/css/app.min.css
Origin: https://nrj.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:26 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "84c-5d13e1f8293fe"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 2124

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 61ms
61ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1365359752&t=pageview&_s=1&dl=https%3A%2F%2Fnrj.ua%2F&ul=en-us&de=UTF-8&dt=NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97.%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2069816833&gjid=1061768490&cid=932943923.1671011487&tid=UA-75879525-1&_gid=583054455.1671011487&_r=1&_slc=1&z=948226483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nrj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nrj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-Sn3cCSHRw3gsM.js Show response
rules.quantcount.com/ 3 B
448 B 175ms
53ms Script
application/javascript 2600:9000:223c:8400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Sn3cCSHRw3gsM.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 03:19:03 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 23545
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:35:44 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ykFFKvYVDcOFqMdRenn9knF71XfuEQXBswB7PSIhlICFL_AH51nlGw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
436 B 178ms
56ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-75879525-1&cid=932943923.1671011487&jid=2069816833&gjid=1061768490&_gid=583054455.1671011487&_u=IEBAAEAAAAAAACAAI~&z=717713373

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nrj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 09:51:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nrj.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
117 KB 224ms
116ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5157382505611975&plah=nrj.ua&bust=31071219

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5157382505611975

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 415296433009820858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 09:51:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 7825 10 KB
5 KB 179ms
57ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5157382505611975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 82193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:34 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 11:01:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 192ms
70ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-75879525-1&cid=932943923.1671011487&jid=2069816833&_u=IEBAAEAAAAAAACAAI~&z=7917356

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 193ms
71ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-75879525-1&cid=932943923.1671011487&jid=2069816833&_u=IEBAAEAAAAAAACAAI~&z=7917356

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=442524336;rf=0;a=p-Sn3cCSHRw3gsM;url=https%3A%2F%2Fnrj.ua%2F;uht=2;fpan=1;fpa=P0-216996592-1671011487005;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=nrj.ua;dst=0;et=16...
pixel.quantserve.com/ 35 B
372 B 62ms
62ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=442524336;rf=0;a=p-Sn3cCSHRw3gsM;url=https%3A%2F%2Fnrj.ua%2F;uht=2;fpan=1;fpa=P0-216996592-1671011487005;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=nrj.ua;dst=0;et=1671011487262;tzo=0;ogl=title.NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97%252E%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2Cdescription.NRJ%252E%20NRJ%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%252E%20%D0%A1%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20NRJ%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%252E%20%D0%AD%D0%BD%D0%B5%D1%80%D0%B4%D0%B6%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B0%252E%20%D0%A1%D0%BB%D1%83%D1%88%D0%B0%D1%82%D1%8C%20%D0%AD%D0%BD%D0%B5%D1%80%D0%B4%D0%B6%D0%B8%2Cimage.https%3A%2F%2Fnrj%252Eua%2Fimages%2Fnrj%252Ejpg%2Ctitle.NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97%252E%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%2Curl.https%3A%2F%2Fnrj%252Eua;ses=4f89d969-f686-4ee2-a310-2eb92d8d7e4b

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 268ms
80ms Script
application/javascript 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
last-modified: Mon, 02 Jul 2018 17:26:53 GMT
server: nginx/1.13.0
accept-ranges: bytes
etag: "5b3a605d-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
693 B 177ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nrj.ua&callback=_gfp_s_&client=ca-pub-5157382505611975&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5157382505611975&plah=nrj.ua&bust=31071219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93f0c43e83ba9c7da3d5921c2220655e308f82103caf708e20bf95b07d329a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 190ms
66ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nrj.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
63ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nrj.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fnrj.ua%2F&tn=DIV&cls=header__panel&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DD5 149 KB
47 KB 1188ms
1073ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&adk=1812271804&adf=3025194257&lmt=1671011487&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fnrj.ua%2F&ea=0&pra=5&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487139&bpp=5&bdt=469&idt=435&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5608862389310&frm=20&pv=2&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=456

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b5cec7bbd18585fbf363c5fcf93a2ed286ba50897c0cccda89dd788a00d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48443
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
expires: Wed, 14 Dec 2022 09:51:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23FA 147 KB
47 KB 752ms
668ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=600&slotname=6826772420&adk=1735060560&adf=2000120436&pi=t.ma~as.6826772420&w=188&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=188x600&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487144&bpp=2&bdt=474&idt=478&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PKHGP5nhp7&p=https%3A//nrj.ua&dtd=483

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a0ef478e729c9a9407080f7a6a0b98e4f131f1147b973967eca6e57e8bad36e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLrUlfHq-PsCFdDahwodBd4OIg&gqi=n5yZY6GzLaOOmLAP892cSA&layout=/sadbundle/%24csp%253Der3%24/16841678510429673680/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48431
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLrUlfHq-PsCFdDahwodBd4OIg&gqi=n5yZY6GzLaOOmLAP892cSA&layout=/sadbundle/%24csp%253Der3%24/16841678510429673680/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
expires: Wed, 14 Dec 2022 09:51:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame C36F 3 KB
1 KB 81ms
80ms Document
text/html 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 14 Dec 2022 09:51:27 GMT
etag: W/"5b310387-b5f"
last-modified: Mon, 25 Jun 2018 15:00:23 GMT
server: nginx/1.13.0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89C5 152 KB
49 KB 471ms
403ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=280&slotname=6592922416&adk=2100718444&adf=777223331&pi=t.ma~as.6592922416&w=1200&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=1200x280&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487146&bpp=1&bdt=476&idt=494&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C188x600&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=2334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=do8N87FfkK&p=https%3A//nrj.ua&dtd=497

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8036c46a6d8fd93843036adfed797e2fad927a88dcd1a636c36c8851c06cd2f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7VlfHq-PsCFQP4hwod8kENAw&gqi=n5yZY8uwLd_KmLAPwNWMmAg&layout=/sadbundle/%24csp%253Der3%24/14674112099215987585/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49758
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7VlfHq-PsCFQP4hwod8kENAw&gqi=n5yZY8uwLd_KmLAPwNWMmAg&layout=/sadbundle/%24csp%253Der3%24/14674112099215987585/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
expires: Wed, 14 Dec 2022 09:51:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 263ms
81ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://nrj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 09:51:27 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 263ms
80ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=736CF134908B4F3F90D4F3CBA25871D8&time=1671011487344&location=https%3A%2F%2Fnrj.ua%2F&referrer=&is_flash=0&session_id=134388301&version=3.5.355_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=1&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://nrj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 09:51:27 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
230 B 81ms
81ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=736CF134908B4F3F90D4F3CBA25871D8&time=1671011487731
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:27 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 89C5 67 B
529 B 172ms
57ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=280&slotname=6592922416&adk=2100718444&adf=777223331&pi=t.ma~as.6592922416&w=1200&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=1200x280&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487146&bpp=1&bdt=476&idt=494&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C188x600&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=2334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=do8N87FfkK&p=https%3A//nrj.ua&dtd=497

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 06:08:41 GMT
x-content-type-options: nosniff
server: cafe
age: 13367
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 15 Dec 2022 06:08:41 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.8/ 6 KB
3 KB 184ms
59ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.8/plyr.svg
Requested by: Host: nrj.ua
URL: https://nrj.ua/js/app.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BY5FVAJY1HR69DN8
age: 529585
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0Qd38ECScMC5HloScY9yHVmC/GfVt3J7HirGcQ3pfh5oe2LG/5J751+779WMSBW7iaRoTKm6t+E=
x-served-by: cache-iad-kiad7000128-IAD, cache-jnb7027-JNB
last-modified: Wed, 12 May 2021 13:39:51 GMT
server: cloudflare
x-timer: S1670443251.873499,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB1HPJky8H7ax4Ae3YmEnc6djw3eDNgulEI%2BhnHzlDqZMBK7ljx9vsTs4HG4AZZjnHSFv%2FBl2xmlk8Ignq8ltQkn58EtMV4ns5OGme9It3LR%2FJN74Zgn2quDR78sMX%2ByY%2FCJCM93Nhis"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 77960a8a489972ba-LHR
x-cache-hits: 15, 1451

GET
H2 200 playlist.json Show response
radioclub.ua/json/ 200 KB
200 KB 8553ms
625ms Fetch
application/json 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua/json/playlist.json
Requested by: Host: nrj.ua
URL: https://nrj.ua/js/app.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c26ca526f80f497f1d187aa258c28d76a6f32c6810c4724f4fac69ae31308662

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:36 GMT
last-modified: Wed, 14 Dec 2022 09:51:13 GMT
server: nginx
etag: "31fcd-5efc6ad4db9d8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Version, Authorization, Content-Type
content-length: 204749

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.8/ 6 KB
2 KB 193ms
81ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.8/plyr.svg
Requested by: Host: nrj.ua
URL: https://nrj.ua/js/app.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BY5FVAJY1HR69DN8
age: 529585
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0Qd38ECScMC5HloScY9yHVmC/GfVt3J7HirGcQ3pfh5oe2LG/5J751+779WMSBW7iaRoTKm6t+E=
x-served-by: cache-iad-kiad7000128-IAD, cache-jnb7027-JNB
last-modified: Wed, 12 May 2021 13:39:51 GMT
server: cloudflare
x-timer: S1670443251.873499,VS0,VE0
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9uXzzNkN8P1CMgfQzRfEMIqNpUGX%2BNeM2eozs1AxJ15e7Bo%2FKvVRRbkL3pplZiD4Ei6JulVI5c%2Fw5I1m%2B%2FFb36MTB6vOiujbW%2BEanKuGEw3m6airuwTTKZkx0tu5xWIqbA%2B%2F1eIYWQU"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 77960a8a489b72ba-LHR
x-cache-hits: 15, 1451

GET
H/1.0 200
OK nrj320
cast.radiogroup.com.ua/ 328 KB
0 290ms
128ms Media
audio/mpeg 185.187.81.226
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cast.radiogroup.com.ua/nrj320
Requested by: Host: nrj.ua
URL: https://nrj.ua/
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_128_GCM
Server: 185.187.81.226 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Icecast 2.4.4 /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 09:51:28 GMT
icy-name: NRJ
Server: Icecast 2.4.4
icy-br: 320, 320
Content-Type: audio/mpeg
icy-pub: 0
icy-url: https://www.nrj.ua
Cache-Control: no-cache, no-store
icy-genre: Pop
ice-audio-info: ice-samplerate=44100;ice-bitrate=320;ice-channels=2
Connection: Close
icy-private: 1
icy-description: NRJ
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 53ms
53ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1365359752&t=event&_s=2&dl=https%3A%2F%2Fnrj.ua%2F&ul=en-us&de=UTF-8&dt=NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97.%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%D0%95%D0%BA%D1%81%D1%82%D1%80%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%B5%D1%80&ea=%D0%9F%D0%B5%D1%80%D0%B5%D0%B3%D0%BB%D1%8F%D0%B4%20%22%D0%95%D0%BA%D1%81%D1%82%D1%80%D0%B0%20%D0%B1%D0%B0%D0%BD%D0%B5%D1%80%22&el=%D0%9B%D1%8C%D0%B2%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D1%96%20%D0%B1%D1%80%D0%BE%D0%BD%D0%B5%D0%B6%D0%B5%D0%BB%D0%B5%D1%82%D0%B8&_u=KEDAAEABAAAAACAAI~&jid=&gjid=&cid=932943923.1671011487&tid=UA-75879525-1&_gid=583054455.1671011487&z=1289436717

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50920
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame 2EE4 20 KB
5 KB 180ms
62ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aae23a1a146a8276a47a9aaa6b54f499f8f433d9acf7ae65920fd168de57e42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 241344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4695
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 14:49:04 GMT
expires: Mon, 11 Dec 2023 14:49:04 GMT
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F5E7 0
0 108ms
108ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIApun5yZY96JMYPwnwTyg7UY8Ye48m3JypPsvhCOpN6gqDAQASCNvqJLYJUCoAGyisGqAcgBCakC1q_NGkK7qD6oAwHIA0iqBLcBT9BzJv2dh9Rm1wPonYFCdAfy6-Kj31t3zauTzlGQU9ER4quzJE46faRTKoT7qJxiprTEfBI_zhIZNO2g4m92RbqlPB77KaFIihkgkK0LrOP6pC1o8a8c8Qhx9or7r3CQmTixzkDfQFWGeQu6B_KjvCDXjiMAlVX8yYnFcUCkoQi1BdkYEtBknnrzbzBy0ff9fPBb59DM7mEXXFZwJoOfj6O621IOT2WkWAaviWsopVxx4H9VuDD_wATXhcygogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCQNdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTUxNTczODI1MDU2MTE5NzUYAA&sigh=tFap1QlwZlM&uach_m=[UACH]&cid=CAQSGwDq26N9-p1yJQM3XVw2EawoTDfS0WE8oC6p6hgBIBM&template_id=419

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=280&slotname=6592922416&adk=2100718444&adf=777223331&pi=t.ma~as.6592922416&w=1200&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=1200x280&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487146&bpp=1&bdt=476&idt=494&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C188x600&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=2334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=do8N87FfkK&p=https%3A//nrj.ua&dtd=497
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 09:51:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F5E7 23 KB
9 KB 172ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F5E7 3 KB
1 KB 227ms
112ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F5E7 18 KB
7 KB 188ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5E7 153 KB
47 KB 187ms
71ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/ Frame 2B47 20 KB
5 KB 58ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2ea8daf45136819365c897010c0f185d534a7dc553578ec156f9c8db72449e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 414896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4754
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 14:36:32 GMT
expires: Sat, 09 Dec 2023 14:36:32 GMT
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FB22 0
0 102ms
102ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQsqen5yZY_qIMdC1nwSFvLuQAvGHuPJticiT7L4QjqTeoKgwEAEgjb6iS2CVAqABsorBqgHIAQmpAmnmXBiguag-qAMByANIqgS2AU_Qy5EUGg2qGRMvMOCDGmS_tcnHGoeecjxIGBFdjtYlOLsboyXufGs35hKiVTRh3J8-Wt6ZK_yzMaLConzbcIKirrsjeaG3X_auA0g8kyjFaMpzCrXV6npl1UqsJqdBe_eAhagg9XqxQQM3y4x_q5CZ95dY8DKC6jpsSytnxlgEB9TGTELXT6g6SJ_kgtBpczX_ucSlGf09MQ6oBpAhrO_wn2lmXzci-1JmDHYSUW6SVPPHBenVwATXhcygogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCP3gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MTU3MzgyNTA1NjExOTc1GAA&sigh=7TL-ouRn5KM&uach_m=[UACH]&cid=CAQSGwDq26N94gkewBUmBA2BbSBQ0OIm9LoeAQCZYRgBIBM&template_id=419

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=600&slotname=6826772420&adk=1735060560&adf=2000120436&pi=t.ma~as.6826772420&w=188&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=188x600&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487144&bpp=2&bdt=474&idt=478&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PKHGP5nhp7&p=https%3A//nrj.ua&dtd=483
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 09:51:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame FB22 23 KB
9 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=600&slotname=6826772420&adk=1735060560&adf=2000120436&pi=t.ma~as.6826772420&w=188&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=188x600&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487144&bpp=2&bdt=474&idt=478&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PKHGP5nhp7&p=https%3A//nrj.ua&dtd=483

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FB22 3 KB
1 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FB22 18 KB
7 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB22 153 KB
47 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2EE4 6 KB
3 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 14 Dec 2022 18:58:17 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2EE4 34 KB
13 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 15 Dec 2022 09:40:58 GMT

GET
H3 200 120fb889c9d3d02c8d3dd0555cf62ab3.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame 2EE4 104 KB
30 KB 76ms
75ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/120fb889c9d3d02c8d3dd0555cf62ab3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 19:36:47 GMT
age: 396881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30375
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 19:36:47 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2B47 6 KB
3 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 14 Dec 2022 18:58:17 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2B47 34 KB
13 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 15 Dec 2022 09:40:58 GMT

GET
H3 200 120fb889c9d3d02c8d3dd0555cf62ab3.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/ Frame 2B47 104 KB
30 KB 97ms
97ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/120fb889c9d3d02c8d3dd0555cf62ab3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 13:05:23 GMT
age: 420365
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30375
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 13:05:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB57 143 B
166 B 57ms
56ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=280&slotname=6592922416&adk=2100718444&adf=777223331&pi=t.ma~as.6592922416&w=1200&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=1200x280&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487146&bpp=1&bdt=476&idt=494&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C188x600&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=90&ady=2334&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=do8N87FfkK&p=https%3A//nrj.ua&dtd=497
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F5E7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 881698d0fc6da6ea0798776e09213412047b8294034055c90965748c9292a77c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86AB 143 B
166 B 57ms
56ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5157382505611975&output=html&h=600&slotname=6826772420&adk=1735060560&adf=2000120436&pi=t.ma~as.6826772420&w=188&fwrn=4&fwrnh=100&lmt=1671011487&rafmt=1&format=188x600&url=https%3A%2F%2Fnrj.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671011487144&bpp=2&bdt=474&idt=478&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5608862389310&frm=20&pv=1&ga_vid=932943923.1671011487&ga_sid=1671011488&ga_hid=1365359752&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=296&ady=1540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071219%2C44779077%2C44780792&oid=2&pvsid=4465708497079395&tmod=1977033296&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PKHGP5nhp7&p=https%3A//nrj.ua&dtd=483
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FB22 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ee91606dec5ccb1d1920e6ab3388cdb7f1e285594a564fbcb20452ae861e60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 2EE4 6 KB
780 B 180ms
65ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/120fb889c9d3d02c8d3dd0555cf62ab3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 09:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 09:51:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3 200 14986c7a3fcbf331142efc1cfe3dea91.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/ Frame 2EE4 31 KB
31 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/14986c7a3fcbf331142efc1cfe3dea91.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f806647f88d37d884d78bdfa4bd50754cb4d3dcd8fc52c2a82ffc11e6350cfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 23:53:03 GMT
x-content-type-options: nosniff
age: 381505
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31561
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 23:53:03 GMT

GET
H3 200 28f5d8da66c1978538f89b2583693dfa.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/ Frame 2EE4 40 KB
40 KB 65ms
64ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/media/28f5d8da66c1978538f89b2583693dfa.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab16292a66e362f856092e0fb1fe26eeec7c620fbbfa383c7ebf7d77be81d8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 05:23:49 GMT
x-content-type-options: nosniff
age: 448059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41214
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 05:23:49 GMT

GET
H3 404 undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/ Frame 2EE4 43 B
66 B 182ms
182ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/undefinedz9njpo

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AB57
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

69ms
69ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
expires: Wed, 14 Dec 2022 09:51:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2B47 6 KB
1 KB 147ms
64ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/120fb889c9d3d02c8d3dd0555cf62ab3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 09:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 09:51:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3 200 5f95c1cc2919a9df28388531193350bf.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/ Frame 2B47 27 KB
27 KB 59ms
58ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/5f95c1cc2919a9df28388531193350bf.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bf984fa8148b2e414f2ae7d828c483accdd0426ad8cb1883280a2c801cedae5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 15:58:11 GMT
x-content-type-options: nosniff
age: 409997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28070
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 15:58:11 GMT

GET
H3 200 24e8b2c8dde80786640a2d9b9270037d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/ Frame 2B47 30 KB
30 KB 65ms
64ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/media/24e8b2c8dde80786640a2d9b9270037d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

764a79d7e8c4a84d8286fd262e201b8dc9ce28ef0f7650efefbcd5c1f6f61efc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 23:39:10 GMT
x-content-type-options: nosniff
age: 382338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30583
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 23:39:10 GMT

GET
H3 404 undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/ Frame 2B47 43 B
66 B 187ms
186ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/undefinedz9njpo

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86AB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

68ms
68ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
expires: Wed, 14 Dec 2022 09:51:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 150 KB
51 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e23c31e02d78c4ad340de95848ce3e2dbf575bae805ebd9ff5cb6fba18f5dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52352
x-xss-protection: 0
server: cafe
etag: 5382331359570180519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 09:51:28 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 2EE4 18 KB
18 KB 189ms
72ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options: nosniff
age: 392604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18688
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:48:04 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 2EE4 18 KB
19 KB 173ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options: nosniff
age: 144015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 17:51:13 GMT

GET
H2 200 Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 2EE4 20 KB
20 KB 297ms
180ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options: nosniff
age: 423960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20496
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:05:28 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 2EE4 21 KB
21 KB 281ms
165ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:13:56 GMT
x-content-type-options: nosniff
age: 124652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21440
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:57:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:13:56 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 2B47 18 KB
18 KB 234ms
144ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options: nosniff
age: 392604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18688
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:48:04 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 2B47 18 KB
18 KB 213ms
123ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options: nosniff
age: 144015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 17:51:13 GMT

GET
H2 200 Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 2B47 20 KB
20 KB 285ms
195ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options: nosniff
age: 423960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20496
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:05:28 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 224ms
65ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nrj.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 171ms
62ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nrj.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame A9CA 10 KB
4 KB 57ms
56ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 25778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 02:41:50 GMT
etag: 10353107486223812946
expires: Wed, 28 Dec 2022 02:41:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame CAB2 20 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 420148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4775
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:09:01 GMT
expires: Sat, 09 Dec 2023 13:09:01 GMT
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A9CA 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZIpon5yZY8D5MIf0ngTzu6jwDPGHuPJtocqT7L4QjqTeoKgwEAEgjb6iS2CVAqABsorBqgHIAQmpAtavzRpCu6g-qAMByANIqgS9AU_QS_zf7un6uLBTT4STIGkVmKh_AqZwNVcKUUYUZtyHzzj-RC1O-AhmRzBcfZmu0lh2kEx11jE8Yx4d3YFvSvHjCIL3ItR5VryHVtK92SajIAkw9rA54RvnqJUnkT-V631MIfK9IK_cBhaeV0N8PCc37R2lAwFWOUjMi2nfXPgkHuEBJDBCN-4Xzc8n3GpvLAgQs0FRZAx0BK02dmXeA7xSiPncE8sNyuPlzxSh29274OMHPHt5aeIeFTDLTcAE14XMoKIEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ36AI0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNTE1NzM4MjUwNTYxMTk3NRgA&sigh=uoLEN00fy3A&uach_m=[UACH]&cid=CAQSGwDq26N9oZ51_Wx0LRF0oQRlnin8ot5eFt-izhgBIBM&template_id=419

Requested by

Host: nrj.ua
URL: https://nrj.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Dec 2022 09:51:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A9CA 23 KB
9 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame F5E7 63 KB
24 KB 188ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23658
x-xss-protection: 0
server: cafe
etag: 18247885564830507581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Dec 2022 10:49:42 GMT

GET
H3 200 rum.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2EE4 63 KB
23 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/rum.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 16:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23658
x-xss-protection: 0
server: cafe
etag: 18247885564830507581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 16:53:40 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EE4 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B47 36 KB
16 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame CAB2 6 KB
3 KB 68ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 14 Dec 2022 18:58:17 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CAB2 34 KB
13 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 15 Dec 2022 09:40:58 GMT

GET
H3 200 120fb889c9d3d02c8d3dd0555cf62ab3.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame CAB2 104 KB
30 KB 68ms
67ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 10 Dec 2022 01:22:34 GMT
age: 376135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30375
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 01:22:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 662E 143 B
166 B 68ms
67ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A9CA 3 KB
1 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 08:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 08:55:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A9CA 18 KB
7 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 17:06:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9CA 153 KB
47 KB 186ms
72ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:29 GMT

GET
DATA 200
OK truncated
/ Frame A9CA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba4a2f54149df912564d5605d23128a0dc3fbbfd89cb00ed35b51473f2a6790e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 2EE4 0
54 B 987ms
322ms Ping
image/gif 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lbnh3h30&ctx=3&gqid=n5yZY8uwLd_KmLAPwNWMmAg&qqid=CJ7VlfHq-PsCFQP4hwod8kENAw&met.7=CB8QCBgBMLoBON8GaHdwtAF4gyeAAdckiAGroAGwAQG4AQM~CBwQChgBILwBKLwBMPgBODxovAFw9gF4tBaAAYgUiAHlMrABAbgBAw~CBwQChgBILwBKLwBMIgCOExovQFw-AF4l2iAAetliAHujgKwAQG4AQM~CB8QChgBILwBKLwBMLgCOHxovQFwiAJ40-8BgAGn7QGIAbC8BrABAbgBAw~CBIQBxgBINsCKNsCMJAEOLYBQNsCSNwCUNwCWM4DYJEDaM8DcI8EeOoHgAG-BYgBsTCqAWUKC1JhbGV3YXk6NzAwChxJQk0rUGxleCtTYW5zK0NvbmRlbnNlZDo1MDBpChtJQk0rUGxleCtTYW5zK0NvbmRlbnNlZDo1MDAKG0lCTStQbGV4K1NhbnMrQ29uZGVuc2VkOjYwMLABAbgBAw~CB8QBhgBINsCKNsCMJoDOD9o3AJwlQN49fgBgAHJ9gGIAcn2AbABAbgBAw~CB8QBhgBINsCKNsCMKcDOEto3AJwnQN4qsQCgAH-wQKIAf7BArABAbgBAw~CB8QBhgBINwCKNwCMJMEOLcBaNwCcJIEeNcCgAEriAErsAEBuAED~CBgQChgBIOQGKOQGMKUHOEFo5AZwngd4lrsBgAHquAGIAfv2A7ABAbgBAw~CCcQChgBIOQGKOQGMJwHODg
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CAB2 6 KB
730 B 182ms
67ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Dec 2022 09:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 09:51:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Dec 2022 09:51:29 GMT

GET
H3 200 7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame CAB2 9 KB
9 KB 58ms
57ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 12 Dec 2022 20:40:02 GMT
x-content-type-options: nosniff
age: 133887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8880
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Dec 2023 20:40:02 GMT

GET
H3 200 0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame CAB2 9 KB
9 KB 58ms
58ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 10 Dec 2022 02:07:48 GMT
x-content-type-options: nosniff
age: 373421
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 02:07:48 GMT

GET
H3 404 undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame CAB2 43 B
69 B 934ms
934ms Image
image/gif 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:30 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 14 Dec 2022 09:51:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 662E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

290ms
289ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:29 GMT
expires: Wed, 14 Dec 2022 09:51:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5E7 0
20 B 88ms
88ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F5E7 0
327 B 927ms
320ms Ping
image/gif 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lbnh3h4x&e=21068133&ctx=2&gqid=n5yZY8uwLd_KmLAPwNWMmAg&qqid=CJ7VlfHq-PsCFQP4hwod8kENAw&met.4=fb.4d~lb.ao~ol.sr~bdt.-14g~bpp.-r7~idt.-di~dtd.-df~dt.-r8&met.3=733.cu~742.ct_1~748.di~749.dj~739.do~735.ev_1~738.sq~113.zo_4~112.zn_5&met.1=1.lbnh3g5a~14.5~15.0~16.5~17.5~18.5~19.5~20.5~21.5&met.7=CB8QBRgBIKsBKKsBMOUCOLoBaKECcN8CeIMngAHXJIgBq6ABsAEBuAED~CCEQBBgBIK0BKK0BMJkCOG1orQFwmQJ4rAKwAQG4AQM~CAkQChgBIK4BKK4BMPoCOM0BUK4BWKECYK4BaKECcNoCeI9MgAHjSYgBsbsBsAEBuAED~CB4QChgBIK4BKK4BMJIDOOQBaKICcJEDeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIK4BKK4BMPQCOMYBaKICcOoCeOQ8gAG4OogBrY0BsAEBuAED~CCoQChgBIK4BKK4BMLYDOIgC~CCgQBRgBIP4CKP4CMLgDODpo_wJwtwN4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBIIwIKIwIMIEKOPUBQI0ISJQIUJQIWI8JYMwIaI8JcMgJeJa7AYAB6rgBiAH79gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame CAB2 18 KB
18 KB 218ms
103ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:48:04 GMT
x-content-type-options: nosniff
age: 392606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18688
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:48:04 GMT

GET
H3 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame CAB2 18 KB
18 KB 197ms
82ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 17:51:13 GMT
x-content-type-options: nosniff
age: 144017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 17:51:13 GMT

GET
H3 200 Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame CAB2 20 KB
20 KB 173ms
58ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 12:05:28 GMT
x-content-type-options: nosniff
age: 423962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20496
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 12:05:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 214ms
105ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30677d45656bab05c91d81ff65fe1a4b5c4fb011075373d3c598f8918aac3c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11229
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CAB2 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A9CA 42 B
64 B 93ms
89ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskIJkjLA5wOafl7oDtwdgW2FfKwO5ZlEw9NIrGEpaoJZR-PpSZQPrP9rD41e-XDngh-aGNPIGDtQwa5lelyR4ft9p6_KuLI0YF3G-S2StnKpBgQLwY1pzP2JndKz8xiP6Wt3cOzw&sai=AMfl-YSokVc8ByjZUM4WhMQWM8jFFLfP6Sf2a2HqRcP4F6Q4d55lF41bcLIyjMGPQBAmgv_8is_mWsdQWit0J7I&sig=Cg0ArKJSzJOWO-Qvb5DPEAE&cid=CAQSGwDq26N9oZ51_Wx0LRF0oQRlnin8ot5eFt-izhgBIBM&id=lidar2&mcvt=1043&p=0,1,124.25,1006&mtos=0,1043,1043,1043,1043&tos=0,1043,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671011488942&rpt=661&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BB8 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:20:29 GMT
expires: Thu, 14 Dec 2023 09:20:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8453 783 B
535 B 67ms
67ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3b94fb53f46798297d5d1e3252692a61bae6c28d552c56db0c4e8568cb8a1d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5LpIWHAuFqUY-u7C97cJSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nrj.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-5LpIWHAuFqUY-u7C97cJSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 09:51:30 GMT
expires: Wed, 14 Dec 2022 09:51:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BB8 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8453 0
0 87ms
86ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4465708497079395&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9BB8 0
12 B 56ms
56ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2KnpFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4465708497079395&bg=!rK-lr-vNAAYgquz3AKo7ACkAdvg8WibazHUfknH5gTiRG0J-zh5V6qIj5amDcIcKPl3fTXHNucRvvQIAAABqUgAAAANoAQcKADOb81G0CwMDv_wineP2L107zA-s5xImsTTh_KHe3cbSjk9BCe3CHVnJLjpfokzlRk_OJlaZAp54C_SAk99kjCm6jq4ElSQ2vb-Kiut_jQ0KTsCroUtCMdsSp6Z1FjNQW3rB8RSxc8uIR9z0fBqxjoAIBrgEneUqMtA34lhv3dL9MSKsHKX4oY1TnHhaujtVcxIe30ECSLQw0eA1ePPYc6LF1foYyM9GTUYorImEChROWuKQsyiwrKZOFIOmWUg_e0LyzYnrNTg6lbNdP-4UahPGuCu4znDBTHKm482qAh92uP-F8N2uVlR3u2oAAslwYCUc3odEElprM9ZX8bBgEIyRuh4nHhCd_E7xOs3P4wz0rgDG2T0RRv8Yp1gJrUjoaxm5TlA8eyGJV5lt6eiwAw6tndg8tZUIW5C64EAsu09lCuYRO6b8UXpXmdipVi7soZQfLRe4b82sV8QliPUa2nuSNSbKv1dpHMHiFChYZAxXnTXEHam3h4T4aEIPzJ2G3Fg44PBp2EGNOgXfZfCEfPDJH2lw0m01gB5fmhHMH5SCQ1Ti-M7UI2XBYim5Oow2J5I7tLFR5CrfvzcjHsV5CGmK8eYHWO97xP59hijimB-Ni39oKJyv9-Lcd5LhIBrSJ9KacsSJEMViPnVLIvIHatuHi5z_CxBpqMJMtsFpZXDJrGsL2jJzpTCvouLJLqQLZETQoL92qtsjOQTjr_ZNWw057hwf9LOy9-2oE9WN4UAldgbrSARnHN7jW7DSFNyb0czJLSZwm7dpgChfGC-_sjixo3Piv31rj8UrzgSTG0J2DW1PSoU1Smakzc6dKs4xLa607_SIlbDNiOEaOzpAeLUOCf6ep3LswIpwgr43Td7j7HzOUPQQxLS9dfVEd73oA1Zca4oBGYupiCjdIXJKkLJEUD5DuJig4vgFiRwLICj3ULrSlEacJjbJkNow4CFJFGkchkhO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 81ms
80ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=736CF134908B4F3F90D4F3CBA25871D8&time=1671011492344&location=https%3A%2F%2Fnrj.ua%2F&referrer=&is_flash=0&session_id=134388301&version=3.5.355_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=4418&param5=6&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://nrj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 09:51:32 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1365359752&t=event&_s=3&dl=https%3A%2F%2Fnrj.ua%2F&ul=en-us&de=UTF-8&dt=NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97.%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80&ea=%D0%9F%D0%B5%D1%80%D0%B5%D0%B3%D0%BB%D1%8F%D0%B4%20%22%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%22&el=%D0%A6%D0%95%20%D0%AF%D0%99%D0%A6%D0%95&_u=KEDAAEABAAAAACAAI~&jid=&gjid=&cid=932943923.1671011487&tid=UA-75879525-1&_gid=583054455.1671011487&z=862265927

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50925
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nrj.jpg
nrj.ua/images/ 43 KB
43 KB 246ms
81ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/nrj.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/js/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 62df039eb10ec6338728155db9081a4d52a113435d006e3ec2a76b873e1c454a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:37 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "ac60-5d13e1f82a39f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 44128

GET
H2 200 614076463fa60_Bez_nazvaniya_53.jpg
radioclub.ua//upload/images/singers/2021/99/a2/ 8 KB
9 KB 1148ms
379ms Image
image/jpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://radioclub.ua//upload/images/singers/2021/99/a2/614076463fa60_Bez_nazvaniya_53.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: e888823e470343683d58562176897c16ebbdf6f8dff01ceee4e1b9f899b044f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Tue, 14 Sep 2021 10:15:34 GMT
server: nginx
etag: "61407646-2180"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8576
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5c482735de11c_220px-Mark_Ronson__Nothing_Breaks_Like_a_Heart.png
radioclub.ua//upload/images/singers/2019/86/e3/ 62 KB
62 KB 873ms
105ms Image
image/png 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://radioclub.ua//upload/images/singers/2019/86/e3/5c482735de11c_220px-Mark_Ronson__Nothing_Breaks_Like_a_Heart.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ac1d286b9eb6cb82f78d01ca816a043d21d1da301a324ea5d7c16348955e1e51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Wed, 23 Jan 2019 08:35:01 GMT
server: nginx
etag: "5c482735-f886"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 63622
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5cbd5ac948fad_d4784d68239ec0da32515d4095e47189.jpg
radioclub.ua//upload/images/singers/2019/d0/13/ 72 KB
72 KB 1146ms
378ms Image
image/jpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://radioclub.ua//upload/images/singers/2019/d0/13/5cbd5ac948fad_d4784d68239ec0da32515d4095e47189.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 47b89f9a3b84a31828b4ea0d1b2af20ff094368bef9ae3e38612f26cfbf293f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Mon, 22 Apr 2019 06:10:17 GMT
server: nginx
etag: "5cbd5ac9-11f88"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 73608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5c10c2e1b23c5_200x200.jpg
radioclub.ua//upload/images/singers/2018/48/32/ 17 KB
17 KB 1145ms
377ms Image
image/jpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://radioclub.ua//upload/images/singers/2018/48/32/5c10c2e1b23c5_200x200.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a7a29d0dddb30188fb3a6da49b23cd33b77ca6532930e1f10dae79edb3bc8991

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Wed, 12 Dec 2018 08:12:17 GMT
server: nginx
etag: "5c10c2e1-43fd"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17405
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 61f7c0df3705f_tiesto_feat_karol_g_-_dont_be_shy_z2fm.mp3
radioclub.ua//upload/songs/file/2022/39/a6/ 3 MB
0 1141ms
385ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2022/39/a6/61f7c0df3705f_tiesto_feat_karol_g_-_dont_be_shy_z2fm.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Mon, 31 Jan 2022 10:58:39 GMT
server: nginx
etag: "61f7c0df-5833f0"
content-type: audio/mpeg
Content-Range: bytes 0-5780463/5780464
cache-control: max-age=315360000
Content-Length: 5780464
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 5c4827486181f_mark_ronson__miley_cyrus__chris_elliott_-_nothing_breaks_like_a_heart.mp3
radioclub.ua//upload/songs/file/2019/4d/41/ 2 MB
0 1140ms
383ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2019/4d/41/5c4827486181f_mark_ronson__miley_cyrus__chris_elliott_-_nothing_breaks_like_a_heart.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Wed, 23 Jan 2019 08:35:20 GMT
server: nginx
etag: "5c482748-851e87"
content-type: audio/mpeg
Content-Range: bytes 0-8724102/8724103
cache-control: max-age=315360000
Content-Length: 8724103
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 5ab8ba9f318c1_BRITNEY_SPEARS_TILL_THE_WORLD_ENDS.mp3
radioclub.ua//upload/songs/file/2018/6d/48/ 111 KB
0 1137ms
382ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2018/6d/48/5ab8ba9f318c1_BRITNEY_SPEARS_TILL_THE_WORLD_ENDS.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Mon, 26 Mar 2018 09:17:19 GMT
server: nginx
etag: "5ab8ba9f-3a21ad"
content-type: audio/mpeg
Content-Range: bytes 0-3809708/3809709
cache-control: max-age=315360000
Content-Length: 3809709
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 6013bfe2411c8_ava_max_-_my_head_and_my_heart.mp3
radioclub.ua//upload/songs/file/2021/b5/5a/ 2 MB
0 1135ms
380ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2021/b5/5a/6013bfe2411c8_ava_max_-_my_head_and_my_heart.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:38 GMT
last-modified: Fri, 29 Jan 2021 07:57:22 GMT
server: nginx
etag: "6013bfe2-6f2df5"
content-type: audio/mpeg
Content-Range: bytes 0-7286260/7286261
cache-control: max-age=315360000
Content-Length: 7286261
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
54ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1365359752&t=event&_s=4&dl=https%3A%2F%2Fnrj.ua%2F&ul=en-us&de=UTF-8&dt=NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97.%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80&ea=%D0%9F%D0%B5%D1%80%D0%B5%D0%B3%D0%BB%D1%8F%D0%B4%20%22%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%22&el=Pan%20Baran&_u=KEDAAEABAAAAACAAI~&jid=&gjid=&cid=932943923.1671011487&tid=UA-75879525-1&_gid=583054455.1671011487&z=175243028

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50930
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EE4 0
20 B 89ms
88ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=871.0000&a1=https&f1=layout_html&s1=0&d1=187.0000&i=637365279813&t=419&c=p&gqi=n5yZY8uwLd_KmLAPwNWMmAg&qqi=CJ7VlfHq-PsCFQP4hwod8kENAw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 09:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 81ms
81ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=736CF134908B4F3F90D4F3CBA25871D8&time=1671011502344&location=https%3A%2F%2Fnrj.ua%2F&referrer=&is_flash=0&session_id=134388301&version=3.5.355_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=15&param3=1200&param4=4418&param5=16&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://nrj.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 14 Dec 2022 09:51:42 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 playlist.json Show response
radioclub.ua/json/ 200 KB
200 KB 434ms
434ms Fetch
application/json 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua/json/playlist.json
Requested by: Host: nrj.ua
URL: https://nrj.ua/js/app.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c26ca526f80f497f1d187aa258c28d76a6f32c6810c4724f4fac69ae31308662

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 09:51:43 GMT
last-modified: Wed, 14 Dec 2022 09:51:13 GMT
server: nginx
etag: "31fcd-5efc6ad4db9d8"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Version, Authorization, Content-Type
content-length: 204749

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1365359752&t=event&_s=5&dl=https%3A%2F%2Fnrj.ua%2F&ul=en-us&de=UTF-8&dt=NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97.%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80&ea=%D0%9F%D0%B5%D1%80%D0%B5%D0%B3%D0%BB%D1%8F%D0%B4%20%22%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%22&el=HOTLINE&_u=KEDAAEABAAAAACAAI~&jid=&gjid=&cid=932943923.1671011487&tid=UA-75879525-1&_gid=583054455.1671011487&z=882041453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50935
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nrj.jpg
nrj.ua/images/ 43 KB
43 KB 249ms
82ms Image
image/jpeg 185.187.81.245
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrj.ua/images/nrj.jpg
Requested by: Host: nrj.ua
URL: https://nrj.ua/js/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.245 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: Apache /
Resource Hash: 62df039eb10ec6338728155db9081a4d52a113435d006e3ec2a76b873e1c454a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 09:51:43 GMT
Last-Modified: Sat, 20 Nov 2021 20:20:30 GMT
Server: Apache
ETag: "ac60-5d13e1f82a39f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 44128

GET
H2 206 61f7c0df3705f_tiesto_feat_karol_g_-_dont_be_shy_z2fm.mp3
radioclub.ua//upload/songs/file/2022/39/a6/ 64 KB
0 135ms
130ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2022/39/a6/61f7c0df3705f_tiesto_feat_karol_g_-_dont_be_shy_z2fm.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:43 GMT
last-modified: Mon, 31 Jan 2022 10:58:39 GMT
server: nginx
etag: "61f7c0df-5833f0"
content-type: audio/mpeg
Content-Range: bytes 0-5780463/5780464
cache-control: max-age=315360000
Content-Length: 5780464
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 5c4827486181f_mark_ronson__miley_cyrus__chris_elliott_-_nothing_breaks_like_a_heart.mp3
radioclub.ua//upload/songs/file/2019/4d/41/ 47 KB
0 135ms
131ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2019/4d/41/5c4827486181f_mark_ronson__miley_cyrus__chris_elliott_-_nothing_breaks_like_a_heart.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:43 GMT
last-modified: Wed, 23 Jan 2019 08:35:20 GMT
server: nginx
etag: "5c482748-851e87"
content-type: audio/mpeg
Content-Range: bytes 0-8724102/8724103
cache-control: max-age=315360000
Content-Length: 8724103
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 5ab8ba9f318c1_BRITNEY_SPEARS_TILL_THE_WORLD_ENDS.mp3
radioclub.ua//upload/songs/file/2018/6d/48/ 0
0 135ms
131ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2018/6d/48/5ab8ba9f318c1_BRITNEY_SPEARS_TILL_THE_WORLD_ENDS.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:43 GMT
last-modified: Mon, 26 Mar 2018 09:17:19 GMT
server: nginx
etag: "5ab8ba9f-3a21ad"
content-type: audio/mpeg
Content-Range: bytes 0-3809708/3809709
cache-control: max-age=315360000
Content-Length: 3809709
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 206 6013bfe2411c8_ava_max_-_my_head_and_my_heart.mp3
radioclub.ua//upload/songs/file/2021/b5/5a/ 64 KB
0 135ms
131ms Media
audio/mpeg 185.187.81.232
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://radioclub.ua//upload/songs/file/2021/b5/5a/6013bfe2411c8_ava_max_-_my_head_and_my_heart.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.187.81.232 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://nrj.ua/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 14 Dec 2022 09:51:43 GMT
last-modified: Fri, 29 Jan 2021 07:57:22 GMT
server: nginx
etag: "6013bfe2-6f2df5"
content-type: audio/mpeg
Content-Range: bytes 0-7286260/7286261
cache-control: max-age=315360000
Content-Length: 7286261
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1365359752&t=event&_s=6&dl=https%3A%2F%2Fnrj.ua%2F&ul=en-us&de=UTF-8&dt=NRJ%20Ukraine%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D1%80%D0%B0%D0%B4%D1%96%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D1%96%D1%97.%20%D0%A1%D0%BB%D1%83%D1%85%D0%B0%D0%B9%20NRJ%20%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80&ea=%D0%9F%D0%B5%D1%80%D0%B5%D0%B3%D0%BB%D1%8F%D0%B4%20%22%D0%A1%D0%BB%D0%B0%D0%B9%D0%B4%D0%B5%D1%80%22&el=ZSU&_u=KEDAAEABAAAAACAAI~&jid=&gjid=&cid=932943923.1671011487&tid=UA-75879525-1&_gid=583054455.1671011487&z=424871128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nrj.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50940
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nrj.ua/	1970-01-20 08:10:18	Name: XSRF-TOKEN Value: eyJpdiI6ImRFRjJxUlZ3NSt6TTN1d2dzTjRVZ3c9PSIsInZhbHVlIjoicmt1MGJpazRYOGwyeXg5S05OSk1WYWtSMXRpMlZLRGlqcmZFc3Y4Y3M1MllBU2NYWXp4RGJ0Mmt6NlFsLzYyRHFIWDZBWG14RjhwNDVBZnBoN3dRc25WZVNGZnJRQlFBODZpY1FjV0dxRkYvMnJSbEFidTlsU0hlV3ZPdHhqMHAiLCJtYWMiOiI3NzZhZGUyNWMyNWZhZDJmNWFjOWEyYTU4OWRlNjI0NDA1MmFkY2Y1NzBmZTFlMzM3MzI3Y2RhNGYzYzZjYWFiIiwidGFnIjoiIn0%3D
nrj.ua/	1970-01-20 08:10:18	Name: nrj_session Value: eyJpdiI6IjFEdzA4SnV6ZGIxSGtnKy9HbmxtZ3c9PSIsInZhbHVlIjoiOEJrRlErOHV3aE1MSnVjdmJzVFQ4T1BGMEVwZUk4MmFUcmFVdzhIcjdBVFQvMEdoMDc0c1orLzlQczgxV3N1VThaSHZXRjNOTE00SVdMNU4xNDJaLzA0d3NmU2JpRlNXR0R1dWNkc0srTTR2emt0aHVBVkdzQk90dHkxT1dCQ0IiLCJtYWMiOiJiZTA0OTdmYzFmM2ZmMmE0NzRmMDhkNzY4MGUzZTc1NWFlOWI4YjliN2FkNmRhOWExNzkwNTJlMmMxZjYyNDI2IiwidGFnIjoiIn0%3D
.nrj.ua/	1970-01-20 17:46:11	Name: _ga Value: GA1.2.932943923.1671011487
.nrj.ua/	1970-01-20 08:11:37	Name: _gid Value: GA1.2.583054455.1671011487
.nrj.ua/	1970-01-20 08:10:11	Name: _gat Value: 1
.quantserve.com/	1970-01-20 17:40:25	Name: mc Value: 63999c9f-478d1-e4382-e5bba
.nrj.ua/	1970-01-20 17:34:40	Name: __qca Value: P0-216996592-1671011487005
.nrj.ua/	1970-01-20 17:31:47	Name: __gads Value: ID=6be586a834909620-22f8560df8d900f2:T=1671011487:RT=1671011487:S=ALNI_MYdJ8vvPF53f2wG6PfkpX0KVtLWFg
.nrj.ua/	1970-01-20 17:31:47	Name: __gpi Value: UID=00000b926bf53b16:T=1671011487:RT=1671011487:S=ALNI_MZpLI3woEiFMsqMGH7S1bjbDp_LIQ
.doubleclick.net/	1970-01-20 17:31:47	Name: IDE Value: AHWqTUnjdkIkfJOq1H14VKO_UcMWhlLxZoiH5R8XdjoLv1bkNdGc75MkKz1IGivg1Zw
.doubleclick.net/	1970-01-20 08:10:12	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:10:15	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14674112099215987585/undefinedz9njpo Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16841678510429673680/undefinedz9njpo Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cast.radiogroup.com.ua
cdn.plyr.io
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
juke.mmi.bemobile.ua
nrj.ua
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
radioclub.ua
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
185.187.81.226
185.187.81.232
185.187.81.245
194.247.175.23
194.247.175.25
194.247.175.26
2404:6800:4004:80c::2003
2600:9000:223c:8400:6:44e3:f8c0:93a1
2606:4700:21::681b:c258
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0b::9a
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0216e3d32e040118d253dd5de43571e4d350c7419e7b2f43765347efab99aeb6
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
08a362a4dd9ee619cfd9cd74106d8d80ae94f04f92c1e6f889b3279de214e780
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
09b5cec7bbd18585fbf363c5fcf93a2ed286ba50897c0cccda89dd788a00d4d9
0c2d9d4d23668f9a96cf44bd7a334a4af8fe6cc60fdcce2245de5a81c5d58037
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
14c147dccdd8fdad42d83b29b8268d4a0b46177bb09a59237ed2fe4a7e203209
1504f68648e18c1537591170e5c32b983904585ccc2cc41e59feaace3f9c4ae2
16a78df2e91683d1d24c5cbe6465cb578fab46a08c9d219c7e6c918499c1ac8d
16cdc87c925e1798fa163dd17bafda0a0f9f09cbb04cbcec046109d0f9be65ab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1aae23a1a146a8276a47a9aaa6b54f499f8f433d9acf7ae65920fd168de57e42
1bf984fa8148b2e414f2ae7d828c483accdd0426ad8cb1883280a2c801cedae5
1e09fbe47395274b7b2ac7c6c0d2470611f1a7b149bda29b8c1f6f4b2482f999
21f9799aaeb8a0b215575d7e65928fed57477eac2074d8f9f5a4302be3efcd05
2321a375eda31926f12753991b660123360a85c2af2abc9edfdb656f01772dd0
2be91de88e894243a225514799814ab79463d77fcb7b8b97e069e97cf8bf771d
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
30677d45656bab05c91d81ff65fe1a4b5c4fb011075373d3c598f8918aac3c3d
30ae8e3da669e62a9cc264e80f43e7165ab6a64006094df5be2747fd134611ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3f806647f88d37d884d78bdfa4bd50754cb4d3dcd8fc52c2a82ffc11e6350cfb
45e244c29ec7736f8aeb2a7e968bbfcfd3f48476b8068a19cbac37c8ad523eaa
47b89f9a3b84a31828b4ea0d1b2af20ff094368bef9ae3e38612f26cfbf293f8
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4a0ef478e729c9a9407080f7a6a0b98e4f131f1147b973967eca6e57e8bad36e
50b8ba25b2ea64a622ee9c5da3ae1e65e5d9603adf1c4b9d929ac11a6cdaa400
52e3856ad8328e5d64048a010c569ebfa7516abd412a74876c195a3e1631dc26
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ee91606dec5ccb1d1920e6ab3388cdb7f1e285594a564fbcb20452ae861e60
584917eaa2763281d009ea8ae694f07d7acfcd38948ae0ded3dcc5dd48fa88e5
5a06bfca92c64d52a9446de65a52d4d541a2865fa3004f3cbd71adcf186755e8
5fcb8f846998df962a7d426b50e4254695cec4e62ac70b94e372fa1ea2b73c23
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62df039eb10ec6338728155db9081a4d52a113435d006e3ec2a76b873e1c454a
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
696efa9b3d8d97dd26d62bbee9f70ca65b5d8ca3a216be69168d19df90c13c92
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6e2c66e912e515b4e943124e02b1b807766ffb1127c5be417e0fbf658efc7827
6e7cf50b7ac98e25adf408490d01b02cface5bc6af35707cceec98fc57355ca3
6ec3bb86376862174186aa4c4cad06da03e838032716ff7b533ec962021ef1cf
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
764a79d7e8c4a84d8286fd262e201b8dc9ce28ef0f7650efefbcd5c1f6f61efc
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
792c0ba5815b13e4bc38f77eb7c897d5f024fb8a6e7a3d2847db60a76f31584c
7b4efcebecd33bfebca1afb5f3a029af79b2a8a297d27db3ec0f978d9c648c74
7f5fb85589b15157031061c6da3696ef95135353f07c5310b237b07e4b68056e
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84faf3a1ee69dc23bf0b8593265d51b93da8d2c2b873142084f62a73e0ab7e2f
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
881698d0fc6da6ea0798776e09213412047b8294034055c90965748c9292a77c
8f3e20dd382bfcc391f7c77302f2d7bbf3ff73084b562236ad21d9077bea5fa1
93f0c43e83ba9c7da3d5921c2220655e308f82103caf708e20bf95b07d329a93
9a179c4bb7e370f84b5ff947f1234412507f2c39e6e8e054e3d9e891b2884ced
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9bf76afa60f73a2daa491a04b90b7bd5077c21f838e441308240e07986cfdec2
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e23c31e02d78c4ad340de95848ce3e2dbf575bae805ebd9ff5cb6fba18f5dc5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b94fb53f46798297d5d1e3252692a61bae6c28d552c56db0c4e8568cb8a1d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68d9d55d676c68f023dcb36e05e42c5213eae2b0dde0a37dd563a75f00c5d22
a7a29d0dddb30188fb3a6da49b23cd33b77ca6532930e1f10dae79edb3bc8991
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
aba1e6979e18a6055ae7a28733e6b5829e641fbcbfd36af8b026ab0e888a6778
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
ac1d286b9eb6cb82f78d01ca816a043d21d1da301a324ea5d7c16348955e1e51
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ec81b5d694055014c41a81be438f546ba914d56e7657cfe73a79c8eedd63b5
b3a2c9e302dab93a41bb53bedfadf64cd1336c81191be5a38ac3b5e0e130a1b2
b3e60b485b1018a19d3864a17bd96e95ffcf872f9799302d73f5454b16977268
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6ae9cae38999e81624a0eadfee5d866edcf491504da668fa2108f60d2bda86b
b9a88fbc12f0af5f1d56d0892cc9dedae066f544e9de8881e66d25a681fca22f
ba2ea8daf45136819365c897010c0f185d534a7dc553578ec156f9c8db72449e
ba4a2f54149df912564d5605d23128a0dc3fbbfd89cb00ed35b51473f2a6790e
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
c1c181607173c0f6025084c36e724cc1b2d874760495b867377e8b188b78d1af
c26ca526f80f497f1d187aa258c28d76a6f32c6810c4724f4fac69ae31308662
c286a560e36d9727011336cfd9ca96b2a8998c01da58b40d04469d903bfa2a90
c6c0491115cbaa3d69a23142d20c5062770ddfba56e81b7fd7c4c9346eae09cf
c7ff3be2eed815ad90a7559086f6b7a5f230f2f20182e9036afea5b808b469cf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdb71500f406871302484e279b2d2b3d06f32ed6ebe7f32eef35f29c38bebcdd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d03e3b55604b205b72b9ea363a66e2045c2829b93156b57667da9a8e8f7dad8b
d0aab962f713bd6559ee16a718d3f887422ecb2afe442b44c392795eb58854b4
d4cec7c20f20e4b1faa390650d7687d01afc7299c8f5475efd071220d6d36b62
dcd794d09545c6e9d90a55cac0e768e4a889b5a7a5ef3bd16ac6a8ccf44446f4
df3eb7963aa5273710f22194265f9836e8edb30c6ae25c5b8e16f15e6866bd54
e0e5a85f9b7e2462bfdcdb069238a9a206c76207e7502039e9fd543e35da93ab
e1c4968f4fb1346e9ff5afd523b756bd38fdc9baefa1ff3757013710835d81c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65433471207d1b096a9f46719bb6c76f3c33be656f89936531ca1a6b7d8de14
e8036c46a6d8fd93843036adfed797e2fad927a88dcd1a636c36c8851c06cd2f
e888823e470343683d58562176897c16ebbdf6f8dff01ceee4e1b9f899b044f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa94bff63e2e7d68807f31fda701fe7e264e6291a43ba93c7aa18ca4198c0fa
f85115f3e8dd014a84c981b3d09da32eb67712b19c302a2824f54f530469e685
fab16292a66e362f856092e0fb1fe26eeec7c620fbbfa383c7ebf7d77be81d8f
fcebe0f8d4ae57c0f9ca0b4f180fdf4370d55f213c287cee064f8e5a2de92c9a
fd04ae51873d791da5a67c763f60156c7cccb6e97ce98e66a13f47cfb4345fa5
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

nrj.ua Open in urlscan Pro 185.187.81.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

100 %HTTPS

74 %IPv6

17 Domains

26 Subdomains

24 IPs

5 Countries

12737 kBTransfer

23689 kBSize

12 Cookies

21 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nrj.ua Open in urlscan Pro
185.187.81.245 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

100 %
HTTPS

74 %
IPv6

17
Domains

26
Subdomains

24
IPs

5
Countries

12737 kB
Transfer

23689 kB
Size

12
Cookies

180 HTTP transactions
3 data transactions