nv.ua Open in urlscan Pro
2606:4700:10::6816:3649 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nv.ua/
Effective URL:
https://nv.ua/
Submission: On November 20 via api (November 20th 2022, 12:05:30 am UTC) from GB — Scanned from GB

Summary HTTP 129 Redirects Links 108 Behaviour Indicators

Summary

This website contacted 53 IPs in 13 countries across 35 domains to perform 129 HTTP transactions. The main IP is 2606:4700:10::6816:3649, located in United States and belongs to CLOUDFLARENET, US. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 138593.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:175a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2606:4700:10:... 2606:4700:10::6816:3649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::1055:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 3	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:1400:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::874:1	200325 (BUNNYCDN) (BUNNYCDN)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	3.64.191.9 3.64.191.9	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:2956:3dc:3306:4aa5	16509 (AMAZON-02) (AMAZON-02)
3 5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	54.195.231.201 54.195.231.201	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:3eca:3e11:a642:4dca	16509 (AMAZON-02) (AMAZON-02)
2 2	3.66.5.109 3.66.5.109	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	() ()
129	53

1 2606:4700:10::ac43:175a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:4700:10::6816:3649 (United States)

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1055:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.71.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1400:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::874:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.191.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-191-9.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:2956:3dc:3306:4aa5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.231.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-231-201.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:3eca:3e11:a642:4dca (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.5.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-5-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	nv.ua 1 redirects nv.ua — Cisco Umbrella Rank: 138593 static.nv.ua — Cisco Umbrella Rank: 404250	1 MB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	144 KB
12	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 290 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915 s.amazon-adsystem.com — Cisco Umbrella Rank: 279	10 KB
11	googlesyndication.com 0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	112 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 439 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 544 pixel.rubiconproject.com — Cisco Umbrella Rank: 307	14 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 491 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	8 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4753 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	109 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 64696 ls.hit.gemius.pl — Cisco Umbrella Rank: 12859	22 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 691 gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	8 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 209 acdn.adnxs.com — Cisco Umbrella Rank: 579	20 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 95200	192 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5922 adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	858 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 587 cdn.indexww.com — Cisco Umbrella Rank: 1490	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	58 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 554 eb2.3lift.com — Cisco Umbrella Rank: 339	656 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 790	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	158 KB
1	mookie1.com odr.mookie1.com	356 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1431	181 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 2180	419 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 465	433 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416	596 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 355	706 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 599	637 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6055	276 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8982	3 KB
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3954	478 B
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 65785
1	cloudfront.net d3div1mtym39ic.cloudfront.net	39 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	27 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 165909	311 B
129	35

	Domain	Requested by
28	static.nv.ua	nv.ua
12	nv.ua	1 redirects nv.ua
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nv.ua
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	3 redirects
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net nv.ua
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	cdn.membrana.media	nv.ua cdn.membrana.media
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	www.google.com	1 redirects nv.ua tpc.googlesyndication.com
3	ib.adnxs.com	cdn.membrana.media acdn.adnxs.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	www.google.de	nv.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	unpkg.com	1 redirects nv.ua
2	www.google-analytics.com	www.googletagmanager.com nv.ua
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	odr.mookie1.com	ssum-sec.casalemedia.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	s.company-target.com	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	acdn.adnxs.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	eb2.3lift.com	cdn.membrana.media
1	mug.criteo.com
1	googleads.g.doubleclick.net	nv.ua
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ap.lijit.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	d3div1mtym39ic.cloudfront.net	nv.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	www.googletagservices.com	nv.ua
1	c.hit.ua	nv.ua
129	58

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
promokodi.nv.ua
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
hit.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.membrana.media R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://nv.ua/
Frame ID: 3DBD946418382C1C8A890605D4A4C594
Requests: 85 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 40E3AE6C0234A3037AA8DDD4BDF45859
Requests: 1 HTTP requests in this frame

Frame: https://0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EBC5393E912D7DC4FDC82526B1B562C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 97655E094160E8EDE55E3ACFC76B32E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA3CE3646D88222C64920D6A0B104268
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 8D86C9A87AE264632C33CABD668BBD88
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua
Frame ID: 675E8D8EFA701740D80CAA4FFC2DA433
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 728F4A8F667A7C4EB12802AFB332DDC4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A3F5896F1D4EBE45352461D7151E6549
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FA3DF773203095F051FFE6295EC3B93C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A93ECF84C158543BD654B7FAA297504C
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3799EF01DA6C6A0D9DE005A9221503F1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та Світу. Головні і останні новини - НВ

Page URL History Show full URLs

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

129
Requests

87 %
HTTPS

51 %
IPv6

35
Domains

58
Subdomains

53
IPs

13
Countries

1991 kB
Transfer

4068 kB
Size

42
Cookies

108 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/ukr
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радіо

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics.html
Title: Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance.html
Title: Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets.html
Title: Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech.html
Title: Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/top-100-bogatyh.html
Title: Профайли ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/publications.html
Title: Статті

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview.html
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts.html
Title: Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket.html
Title: Ритейл/Нерухомість

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry.html
Title: IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/gadgets.html
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations.html
Title: Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience.html
Title: Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/games.html
Title: Ігри

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/krasota-i-moda.html
Title: Краса та мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/art.html
Title: Арт

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium.html
Title: Соціум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/kids.html
Title: Діти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti.html
Title: Знаменитості

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes.html
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr
Title: Здоров'я

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition.html
Title: Харчування

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/fitness.html
Title: Фітнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/happiness.html
Title: Щастя

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/tennis.html
Title: Теніс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/hockey.html
Title: Хокей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport.html
Title: Інше

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/zimnie-olimpiyskie-igry-2022.html
Title: Зимові Олімпійські ігри 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/news.html
Title: Новини

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/articles.html
Title: Статтi

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/reviews.html
Title: Огляди

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/ukr
Title: Шопінг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/nvua_official

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview/zhinoche-fermerstvo-pid-chas-viyni-50283162.html
Title: Жіноче фермерство під час війни

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/5-nagalnih-tem-dlya-pidpriyemciv-50260846.html
Title: П`ять нагальних тем для підприємців

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/dumay-globalno-diy-lokalno-50175561.html
Title: Думай глобально, дій локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/novaya-komanda-kosyuka.html?utm_content=set_lang
Title: Нова команда Косюка

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle/zszh-v-xxi-stolitti-yak-poyednuvati-priyemne-z-korisnim-i-ne-boyatisya-peredchasnogo-starinnya-50190870.html
Title: Здоровье в 21 веке – что нужно об этом знать

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/totalnaya-izolyaciya-rossii.html
Title: Тотальна ізоляція Росії

Search URL Search Domain Scan URL

URL: https://english.nv.ua/
Title: eng

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/depozit-pid-chas-viyni-tri-dohizhi-propoziciji-vid-bankiv-ukrajini-50275980.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrmarketsdepozit-pid-chas-viyni-tri-dohizhi-propoziciji-vid-bankiv-ukrajini-50275980

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr?utm_source=nv.ua&utm_medium=1&utm_campaign=ukr

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/katar-ekvador-divitis-onlayn-chs-2022-pryama-translyaciya-matchu-20-11-2022-50285333.html
Title: Катар — Еквадор. Онлайн-трансляція матчу відкриття ЧС-2022

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/ronaldu-prezentuvav-voskovu-figuru-v-u-muzeji-madam-tyusso-v-nyu-yorku-video-50285334.html
Title: Роналду презентував свою воскову фігуру в Музеї мадам Тюссо в Нью-Йорку — відео

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/ronaldu-i-messi-spilne-foto-50285327.html
Title: «Перемога — це стан розуму». Роналду і Мессі опублікували спільне фото перед чемпіонатом світу

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/katar-ekvador-divitis-onlayn-chs-2022-pryama-translyaciya-matchu-20-11-2022-50285329.html
Title: Катар — Еквадор. Де і коли дивитись матч відкриття ЧС-2022

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/zaborona-alkogolyu-yak-pogana-ideya-i-zvidki-z-yavilas-mafiya-v-ssha-istoriya-podatkiv-50285316.html
Title: Вітаємо пана Аль Капоне! або Про Сухий закон та податки, — Андрій Серветник

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/kurs-valyut-v-ukrajini-na-21-27-listopada-2022-skilki-koshtuye-dolar-novini-ukrajini-50285112.html
Title: Відносна рівновага / Що буде з готівковим курсом долара наступного тижня — валютний прогноз 19 листопада, 11:01 Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech/masovaniy-obstril-ukrajini-naslidki-dlya-operatoriv-merezhi-i-yak-ide-vidnovlennya-novini-ukrajini-50284837.html
Title: «Магічного рішення не існує» / Президент Київстару про те, скільки протримається мобільна мережа у разі блекауту — інтерв'ю 18 листопада, 08:56 Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/zhinki-u-lavah-vsu-yaki-potrebi-viyskovosluzhbovic-ta-yak-jih-zakrivayut-novini-ukrajini-50284823.html
Title: Засоби гігієни, форма та зручна білизна / Які потреби мають українські військовослужбовиці сьогодні та хто допомагає їх закривати 19 листопада, 09:17 Соціум

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/andrey-servetnik.html
Title: Андрій Серветник Партнер, керівник практики Deloitte Private в Україні

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/kompan.html
Title: Іван Компан фінансист, засновник First Kyiv Investment Club

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/mask-vede-twitter-do-katastrofi-reakciya-investoriv-na-zustrich-g-20-i-raketi-v-polshchi-50285227.html
Title: Як стати власником маленького багатства? Інтрига тижня полягала в тому, чи продовжиться зростання, спровоковане кращими, ніж очікували, показниками інфляції. 19 листопада, 11:41 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/prodovolcha-kriza-ukrajina-obvalilasya-u-reytingu-svitovoji-prodovolchoji-bezpeki-ostanni-novini-50285141.html
Title: Найгірший показник у Європі / У рейтингу продовольчої безпеки Україна через російську агресію впала на 13 позицій 18 листопада, 18:56 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/v-katari-zaboronili-prodavati-pivo-na-stadionah-50285131.html
Title: За два дні до старту ЧС-2022 / У Катарі заборонили продавати пиво на стадіонах 18 листопада, 18:36 Футбол

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Всі техноблогери

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Всі експерти НВ Бізнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоди

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/
Title: НВ Подкасти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0' aria-label="hit.ua"/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Request Chain 54

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 71

https://gaua.hit.gemius.pl/_1668902724794/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=KrtnSvdj81sxFTvbI4XMHHPaXDU.tN2HDPDiE0XEPff.j7uSBZ9OHXuVe1vel8fRmxI4wcPaM7Y1xBMdOx5i8QsuJKzQ/E1tpBj5t.Di.2/&fpdata=grVs.AUE813FCqvzyzDLQ0yhNOoWqkobMCkzw67UXSn.e7&ltime=279&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63796f441ea3feda&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1668902724794/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=KrtnSvdj81sxFTvbI4XMHHPaXDU.tN2HDPDiE0XEPff.j7uSBZ9OHXuVe1vel8fRmxI4wcPaM7Y1xBMdOx5i8QsuJKzQ/E1tpBj5t.Di.2/&fpdata=grVs.AUE813FCqvzyzDLQ0yhNOoWqkobMCkzw67UXSn.e7&ltime=279&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63796f441ea3feda&fpcap=

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RI7ndXw1UEhCV1FjRHBjTEtlSUZ6Zkh0QWVRK1d0Z0xhb0hjNDBaN3hkVDhKSlQreG9sRFozbDhNTGtXUXc5LzA0Y0hReGEzNTZzR3Z2RGpOalNseDJjcGxENVM1alNZaWhrUi9mV29sb3RRSm1UWEJET1I1eWtldU9SbWhieUhLMTRMc0RFdmk2Q01MQ1VWRzJTVng3ZDM3RFQ5dFZkSjl1NWhiUFlsQ3dDdjRTazZTMHlEc29HdlI2TFpxbE4wbStuMEYrTFoxamVEcTdGSm5jQTVCOEZxRjQ0eFJaNGV3SmUrckFlLzAreXc5cmNhYlljWEowT0VFOHFxbUxwTFRLSVRZdHBINVkvaWppQUkzaER6eGJocmVqQT09fA&cppv=2

Request Chain 107

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 110

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOLLBZ1-26-D08A

Request Chain 111

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M7CcPQXSRDO8AUmzDl32ug&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=M7CcPQXSRDO8AUmzDl32ug

Request Chain 112

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/LYIo06tk8Paaht3YozhF4sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=600673274975471855

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOtK4xbrZuRrXwwIv_UkM-Y&google_cver=1

Request Chain 114

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NbYa1SYcTqmqAtAYWmLPRg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NbYa1SYcTqmqAtAYWmLPRg

Request Chain 116

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZhMTllYjgyMzUyZTE2OGMxMzk0YzFlZjYxNTliZmJlNjUyN2VlNQ

Request Chain 117

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTExCWjEtMjYtRDA4QQ==

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3lvSBZojWX.7xBrXyGSGAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFJmHduNEyZxlr8jHnvvFBg&google_cver=1&google_hm=2

Request Chain 120

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB&dcc=t

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMPAVkekAKbkBGSE4GIXRFk&google_cver=1

Request Chain 123

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684541128&external_user_id=9d726868-fe85-441b-bb13-2fb8003e4844

Request Chain 125

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14c402b-a78c-404f-81ea-985b40a3cb6d&ssp=index&gdpr=&gdpr_consent=

129 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nv.ua/
Redirect Chain

http://nv.ua/
https://nv.ua/

225 KB
47 KB

283ms
190ms

Document
text/html

2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd3501d9c9d69b8359f465c834b07ad69bf689b9dc070476dd10d0f279222cc1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 76ccef088f018862-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 20 Nov 2022 00:05:24 GMT
nv-cache: 180s
server: cloudflare
x-cacheable: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 76ccef075b1a7535-LHR
Connection: keep-alive
Content-Type: text/html
Date: Sun, 20 Nov 2022 00:05:23 GMT
Location: https://nv.ua/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 5c2ab02f62744a1348b2fc567fa06eee.jpg
static.nv.ua/shared/system/Article/posters/002/598/648/original/ 94 KB
94 KB 82ms
73ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/648/original/5c2ab02f62744a1348b2fc567fa06eee.jpg?q=85&stamp=20221118194703&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2308550235c1ad5d554ee51e1f92a78f23ca8d9d9df73554bf5f12a12ce5cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 08:24:44 GMT
server: cloudflare
age: 51935
etag: "eabe1633a2157d37eba66f011f18ce40"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef09e8fb8862-LHR
expires: Mon, 19 Dec 2022 09:39:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
85 KB 177ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce0b5866bb872f7570a991829c96421633b57842401e45347e93340644bdf7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86942
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Nov 2022 00:05:24 GMT

GET
H2 200 tablet-fixes-768.css
nv.ua/css/ 2 KB
706 B 75ms
75ms Stylesheet
text/css 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-768.css?4.111
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 281318
cf-polished: origSize=1661
etag: W/"618b9271-67d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
cf-ray: 76ccef09e8e78862-LHR
expires: Fri, 17 Nov 2023 17:56:46 GMT

GET
H2 200 tablet-fixes-1024.css
nv.ua/css/ 2 KB
750 B 56ms
56ms Stylesheet
text/css 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-1024.css?4.111
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 281318
etag: W/"618b9271-700"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
cf-ray: 76ccef09e8ea8862-LHR
expires: Fri, 17 Nov 2023 17:56:46 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 69ms
69ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22420172
etag: "60e41fd8-944c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76ccef09e8f38862-LHR
content-length: 37964
expires: Mon, 06 Mar 2023 12:15:52 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
38 KB 54ms
53ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22420172
etag: "60e41fd8-9578"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76ccef09e9008862-LHR
content-length: 38264
expires: Mon, 06 Mar 2023 12:15:52 GMT

GET
H2 200 nv_logo_WM.svg
static.nv.ua/images/main/ 3 KB
1 KB 70ms
69ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/nv_logo_WM.svg?q=85&f=webp&stamp=4.111
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a250249af55b275aa53e5590ff03d59e3a13ae85b035474cb0ba2caf83934357

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 08:42:36 GMT
server: cloudflare
age: 4304
etag: W/"6371ff7c-dbb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef09e9038862-LHR

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
407 B 93ms
92ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 22420440
etag: W/"5e6ff361-1a3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 76ccef09f90d8862-LHR
expires: Mon, 06 Mar 2023 12:11:24 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 90ms
89ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22420202
etag: "60e41fd8-d430"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76ccef0a09178862-LHR
content-length: 54320
expires: Mon, 06 Mar 2023 12:15:22 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 89ms
89ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22420202
etag: "60e41fd8-e8b8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76ccef0a09188862-LHR
content-length: 59576
expires: Mon, 06 Mar 2023 12:15:22 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 88ms
88ms Font
application/octet-stream 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 15327250
etag: "616eaf71-3914"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76ccef0a091b8862-LHR
content-length: 14612
expires: Sat, 27 May 2023 14:31:14 GMT

GET
H2 200 447a4722329059e26a5bda8ec1f33f76.png
static.nv.ua/shared/system/opinion_authors/avatars/000/009/872/original/ 11 KB
11 KB 87ms
82ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/009/872/original/447a4722329059e26a5bda8ec1f33f76.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a34d4a1e05df99f1f5b6a87cc8031e5176190f4d8cf1555cee8a96b3a1840f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 135209
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Tue, 08 Nov 2022 02:52:58 GMT
server: cloudflare
etag: "46a4b9c1bb9086df4743d1e607970199"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a39908862-LHR
expires: Sun, 18 Dec 2022 10:31:55 GMT

GET
H2 200 5e9cb639cd64aa4e3175c30e57f2def1.png
static.nv.ua/shared/system/opinion_authors/avatars/000/019/184/original/ 7 KB
7 KB 88ms
83ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/019/184/original/5e9cb639cd64aa4e3175c30e57f2def1.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e02cfa8d2e7c0999cbd9ecf21ad707d339d77d265af53cdd80f83696949690c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 139823
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 12 Nov 2022 06:04:04 GMT
server: cloudflare
etag: "49bdbbd3c8919edaaf402bd44eaed2c0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a39948862-LHR
expires: Sun, 18 Dec 2022 09:15:01 GMT

GET
H2 200 af4e5f4e3fb76438266fd43036b2c8f1.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/374/original/ 11 KB
11 KB 88ms
84ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/374/original/af4e5f4e3fb76438266fd43036b2c8f1.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2642cfcd2d588fbc25af0067cbaed47cc904ec9e911df8e9673781f08af793

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 452506
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 14 Nov 2022 16:34:26 GMT
server: cloudflare
etag: "71f6adf8db529d78c9ecc98273370905"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a39968862-LHR
expires: Wed, 14 Dec 2022 18:23:38 GMT

GET
H2 200 35571ad741f55b001dcbfe306a8f0b99.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/760/original/ 11 KB
11 KB 89ms
85ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/760/original/35571ad741f55b001dcbfe306a8f0b99.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2484418c2bbd9b9348feafc8a259db43a97538225b93d247acfa6406957eec15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 1337291
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Nov 2022 04:23:20 GMT
server: cloudflare
etag: "5dcd95eee4c4cbae01df3ec3af37c9c0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a39978862-LHR
expires: Sun, 04 Dec 2022 12:37:13 GMT

GET
H2 200 19ff66cc7865fe063ce9f93b1bf65c14.png
static.nv.ua/shared/system/top_images/images/000/000/074/original/ 5 KB
6 KB 75ms
75ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/074/original/19ff66cc7865fe063ce9f93b1bf65c14.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c6e2ccb5d7294aa04b5776c4433f2eaa3f4d5309ca7098265391f5466372fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 37053
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 19 Nov 2022 11:53:46 GMT
server: cloudflare
etag: "b69f13d84a9dfe9b65c2f96e6500ba75"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a59c18862-LHR
expires: Mon, 19 Dec 2022 13:47:51 GMT

GET
H2 200 9c01ef32f3c4483332ca2e1a4b9a3b25.png
static.nv.ua/shared/system/top_images/images/000/000/076/original/ 10 KB
10 KB 76ms
76ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/076/original/9c01ef32f3c4483332ca2e1a4b9a3b25.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 1854730
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 01:19:49 GMT
server: cloudflare
etag: "363bb42bf07661e5c12073e3f65c631b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a59c38862-LHR
expires: Mon, 28 Nov 2022 12:53:14 GMT

GET
H2 200 2c379b42d42047eca51b5e9a7ad8181b.png
static.nv.ua/shared/system/top_images/images/000/000/078/original/ 5 KB
5 KB 86ms
86ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/078/original/2c379b42d42047eca51b5e9a7ad8181b.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285f8768ab0e54d1c3dd37397a9c189eb3f3ad448590844ae41628c5d16e363b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
age: 1854730
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 01:19:49 GMT
server: cloudflare
etag: "4662828e117d218016ebdf7a90b3b354"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a59bf8862-LHR
expires: Mon, 28 Nov 2022 12:53:14 GMT

GET
H2 200 b8e93f551585d0cac8ebae82d67f11aa.jpg
static.nv.ua/shared/system/Article/posters/002/598/932/original/ 13 KB
14 KB 74ms
73ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/932/original/b8e93f551585d0cac8ebae82d67f11aa.jpg?q=85&stamp=20221119175306&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d263f4f9807307a8df173b9e18637ac09d89334f97587a955655d06fcb9b54bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 16:27:01 GMT
server: cloudflare
age: 23322
etag: "eccb200b08f611a8694cb650e84822c5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a59bc8862-LHR
expires: Mon, 19 Dec 2022 17:36:42 GMT

GET
H2 200 b72d5e70fa0c5fa17b22da864eddec74.jpg
static.nv.ua/shared/system/Article/posters/002/599/016/original/ 3 KB
3 KB 77ms
77ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/016/original/b72d5e70fa0c5fa17b22da864eddec74.jpg?q=85&stamp=20221120002403&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f55f4e61697411b3e7315b135159bfd880705f4bb697f11b35047934be883c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 21:30:25 GMT
server: cloudflare
age: 5344
etag: "42a28666fcfbcaf6a778a32d6761cc84"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0a59bd8862-LHR
expires: Mon, 19 Dec 2022 22:36:20 GMT

GET
H2 200 811331f049f990144a0e5dd059f06347.jpg
static.nv.ua/shared/system/Article/posters/002/598/986/original/ 12 KB
13 KB 74ms
73ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/986/original/811331f049f990144a0e5dd059f06347.jpg?q=85&stamp=20221119204820&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66aa093f93cdde791f7b134add6d48542fc4a28c3301a28fad7799b70b3f1efa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 19:33:16 GMT
server: cloudflare
age: 12423
etag: "8417189226b29ab5e908f2061b9cfa66"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0aeabc8862-LHR
expires: Mon, 19 Dec 2022 20:38:21 GMT

GET
H2 200 0962c96f83186eb4cb7819900d1edcbe.jpg
static.nv.ua/shared/system/Article/posters/002/598/996/original/ 5 KB
5 KB 60ms
60ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/996/original/0962c96f83186eb4cb7819900d1edcbe.jpg?q=85&stamp=20221119211902&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00f84fd9dc8de5daa4ffb968a350c0c1c0f412543ddd4ebaea4098cf4b4e57c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 18:47:31 GMT
server: cloudflare
age: 14900
etag: "d3a0b06bc138b7a16eac6d549d19d986"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b0af38862-LHR
expires: Mon, 19 Dec 2022 19:57:04 GMT

GET
H2 200 398727f0cb9164973b802aa11a8c9abc.jpg
static.nv.ua/shared/system/Article/posters/002/598/992/original/ 8 KB
8 KB 61ms
60ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/992/original/398727f0cb9164973b802aa11a8c9abc.jpg?q=85&stamp=20221119203923&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5511473432c598d63e4ecb8cbf573eb59137335308965215a13401b1eef7f96d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 18:10:51 GMT
server: cloudflare
age: 16393
etag: "a710731a2c4e1581239e5ca22f07682a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b0af58862-LHR
expires: Mon, 19 Dec 2022 19:32:11 GMT

GET
H2 200 7a9840c7ef94c9ffdd0f31c0ef213c0d.jpg
static.nv.ua/shared/system/Article/posters/002/598/982/original/ 5 KB
5 KB 56ms
56ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/982/original/7a9840c7ef94c9ffdd0f31c0ef213c0d.jpg?q=85&stamp=20221119195958&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1854066cc5a52b714ee6d763be504451b0aeefbd77d90aa21ec5b126ea132b31

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 17:50:26 GMT
server: cloudflare
age: 18177
etag: "6018ac46fc7503e06ce8c1feee2cd63f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b0af98862-LHR
expires: Mon, 19 Dec 2022 19:02:27 GMT

GET
H2 200 f858acdc5c9c202b599d010ec263ed9b.jpg
static.nv.ua/shared/system/Article/posters/002/598/978/original/ 4 KB
4 KB 55ms
55ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/978/original/f858acdc5c9c202b599d010ec263ed9b.jpg?q=85&stamp=20221119202216&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5187eabe81f609941b72b028440781ec1188bb207f06cb4e6749abe68ec4c555

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 17:25:22 GMT
server: cloudflare
age: 20235
etag: "f1d6557f78605fdf327946ae4d4b7279"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b1b028862-LHR
expires: Mon, 19 Dec 2022 18:28:09 GMT

GET
H2 200 62bd36d0c500726e063d5663932c76ce.jpg
static.nv.ua/shared/system/Article/posters/002/598/963/original/ 5 KB
5 KB 55ms
54ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/963/original/62bd36d0c500726e063d5663932c76ce.jpg?q=85&stamp=20221119193622&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a421196470e3b66f422c43be7f2b71baa9c9d8d1d61427fcafcc61fe4b3f220c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 16:45:20 GMT
server: cloudflare
age: 21897
etag: "699777998943c0954c948e603b309208"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b6b638862-LHR
expires: Mon, 19 Dec 2022 18:00:27 GMT

GET
H2 200 ef44816eb2d8cec82bc36fcf77a26d9c.jpg
static.nv.ua/shared/system/Article/posters/002/598/526/original/ 10 KB
10 KB 57ms
57ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/526/original/ef44816eb2d8cec82bc36fcf77a26d9c.jpg?q=85&stamp=20221118164739&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6844bfac6cf0266eeb6240223a0d6c6307c6599ff501935267b5f92601c3c5ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 08:02:41 GMT
server: cloudflare
age: 53611
etag: "0394a2ae3fe72a0c5309765167f07621"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b6b678862-LHR
expires: Mon, 19 Dec 2022 09:11:53 GMT

GET
H2 200 e6dc140e1ed24412f163d052e917b8b3.jpg
static.nv.ua/shared/system/Article/posters/002/598/954/original/ 15 KB
15 KB 54ms
53ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/954/original/e6dc140e1ed24412f163d052e917b8b3.jpg?q=85&stamp=20221119184520&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa08895bc9c8e6c643c56ca4a90cc9f041881c450dca52b4c098a3bf3a868a91

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 16:25:28 GMT
server: cloudflare
age: 23322
etag: "971592e2ee76f9d817e7e994c9e76ec1"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b6b688862-LHR
expires: Mon, 19 Dec 2022 17:36:42 GMT

GET
H2 200 aae352722d65e3911a208f5a45d36211.jpg
static.nv.ua/shared/system/Article/posters/002/598/926/original/ 3 KB
4 KB 64ms
63ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/926/original/aae352722d65e3911a208f5a45d36211.jpg?q=85&stamp=20221119172921&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 431c54d3ab522162f1c2602164f998e86f9897409967b3deadb81b84ce867962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 14:52:56 GMT
server: cloudflare
age: 29442
etag: "841d007d1384b10a0bf8695c44b74894"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b6b6e8862-LHR
expires: Mon, 19 Dec 2022 15:54:42 GMT

GET
H2 200 6b56c2d93763b8c684763fae3a27bc97.jpg
static.nv.ua/shared/system/Article/posters/002/598/882/original/ 68 KB
68 KB 67ms
67ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/882/original/6b56c2d93763b8c684763fae3a27bc97.jpg?q=85&stamp=20221119151750&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8072c13e215e3cef151ae981156a4dfad924a34def3c0143f6c3b82b26d69d6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 12:39:25 GMT
server: cloudflare
age: 37281
etag: "4ab52310b8bad772de90f035d13091ad"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0b6b708862-LHR
expires: Mon, 19 Dec 2022 13:44:03 GMT

GET
H2 200 a98420d46feffff3caacf3bebad4c9cf.jpg
static.nv.ua/shared/system/Article/posters/002/597/934/original/ 21 KB
22 KB 63ms
62ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/597/934/original/a98420d46feffff3caacf3bebad4c9cf.jpg?q=85&stamp=20221117173011&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abeddf7139d4f376244097d104c0cb2412e4d7dfaea41e633e3d9dea8d5f2479

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 17:25:42 GMT
server: cloudflare
age: 145044
etag: "b335fadb2fa09baa6aa81a276efaaab6"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0babc48862-LHR
expires: Sun, 18 Dec 2022 07:48:00 GMT

GET
H2 200 dcc9b5e045ce75a22076e5fe423ec3e1.jpg
static.nv.ua/shared/system/Article/posters/002/598/548/original/ 14 KB
14 KB 63ms
62ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/548/original/dcc9b5e045ce75a22076e5fe423ec3e1.jpg?q=85&stamp=20221118172844&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a96a639f569e1022a1701be93d0e44e6134185e764a608ccf06db0a5af77fce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 04:30:46 GMT
server: cloudflare
age: 60704
etag: "c57cfa780c6da64996e29d8012a5575d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0bbbda8862-LHR
expires: Mon, 19 Dec 2022 07:13:40 GMT

GET
H2 200 49c5cf820f0b6775542d578bba6bb2e6.jpg
static.nv.ua/shared/system/Article/posters/002/598/594/original/ 26 KB
26 KB 53ms
52ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/594/original/49c5cf820f0b6775542d578bba6bb2e6.jpg?q=85&stamp=20221118183029&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14473e76e60b4da118d83d6c40eb6b10cfc879cb84d99862d94f906eab446b14

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 06:30:51 GMT
server: cloudflare
age: 59313
etag: "3f420f4a37470de5897b5ce9f0d1a484"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0bbbdd8862-LHR
expires: Mon, 19 Dec 2022 07:36:51 GMT

GET
H2 200 d1a39fa8ba7be1000619861ed779353d.jpg
static.nv.ua/shared/system/Article/posters/002/598/290/original/ 279 KB
279 KB 61ms
61ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/290/original/d1a39fa8ba7be1000619861ed779353d.jpg?q=85&stamp=20221118124930&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56cd2954526db90c734d732bae18813897b823dac73d1b0d1275d73722ae833

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:45:26 GMT
server: cloudflare
age: 130149
etag: "d1da1aad1d13ddac276444248ebe42b3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0bbbe48862-LHR
expires: Sun, 18 Dec 2022 11:56:15 GMT

GET
H2 200 9a966715313ea429ca5b3f7810eb9d39.jpg
static.nv.ua/shared/system/Article/posters/002/598/018/original/ 42 KB
42 KB 59ms
59ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/018/original/9a966715313ea429ca5b3f7810eb9d39.jpg?q=85&stamp=20221117191813&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624a10aaf49fb83667ab428efcb6399ec8b6c841aff0bc0dc6b9be5535b4aa6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 18:01:42 GMT
server: cloudflare
age: 190647
etag: "9ba952da4ed1321ff3f332f902e1d87d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0bcbf48862-LHR
expires: Sat, 17 Dec 2022 19:07:57 GMT

GET
H2 200 f5dfdbba7b87d95e80dba354c78d6272.jpg
static.nv.ua/shared/system/Article/posters/002/598/853/original/ 32 KB
32 KB 65ms
65ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/853/original/f5dfdbba7b87d95e80dba354c78d6272.jpg?q=85&stamp=20221119144301&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8db819cede40919ca07137900701d9f5ca5e1f176e5217ecbe6884df3a1ab26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 11:52:34 GMT
server: cloudflare
age: 40022
etag: "09d8c3f35ddac1035cfbccd2f166fcae"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0bdc0d8862-LHR
expires: Mon, 19 Dec 2022 12:58:22 GMT

GET
H2 200 bad1cdd0c46375d194dc2a3c010dddb5.jpg
static.nv.ua/shared/system/Article/posters/002/597/476/original/ 13 KB
13 KB 54ms
54ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/597/476/original/bad1cdd0c46375d194dc2a3c010dddb5.jpg?q=85&stamp=20221116205058&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe9ec67947b0df13337ddd32e9434c16c4d7da9ae01e7f00f670579a4d601cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 20 Nov 2022 00:05:24 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 19:19:18 GMT
server: cloudflare
age: 270267
etag: "96b116b402248a1963ce3d5706f740b3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0c0c5f8862-LHR
expires: Fri, 16 Dec 2022 21:00:57 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 253ms
80ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17204
expires: Sun, 20 Nov 2022 12:05:24 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
311 B 339ms
84ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.17838939481597405&r=&u=https%3A//nv.ua/
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 133 KB
45 KB 78ms
77ms Script
application/javascript 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.111
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59813bf2252ee85850dbd0679d4b9b8a92de6faa7267caeef2ebc17e8aaec2a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 15:09:22 GMT
server: cloudflare
age: 281318
etag: W/"6374fd22-21388"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 76ccef0a59d78862-LHR
expires: Fri, 17 Nov 2023 17:56:46 GMT

GET
H2 200 1.html Show response
nv.ua/ukr/get_additional_blocks/ 42 KB
9 KB 89ms
88ms XHR
text/html 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/ukr/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e3f8eb981570cb1f8ab992021dc229d00ab2d936d2de0fa88855f460d1edbe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/ukr/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: cloudflare
cf-cache-status: DYNAMIC
age: 134
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
nv-cache: 900s
varnish-ttl: 900.000
cf-ray: 76ccef0a59d88862-LHR

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 177ms
61ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1397 / 309 of 1000 / last-modified: 1668812924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Nov 2022 00:05:24 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 3 KB
2 KB 206ms
54ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?3
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-1055 /
Resource Hash: c02b4498ab30cdbf47ce694a9c03d0cb14225f733c1d546206c3a4854b9f1321

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-164
cdn-cachedat: 11/17/2022 00:00:34
cdn-pullzone: 139012
last-modified: Mon, 14 Nov 2022 09:33:46 GMT
server: BunnyCDN-DE-1055
cdn-fileserver: 300
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63720b7a-b8f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 88c4103ba6f2ca989fe7f1276bb990c5
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/c/ 389 KB
114 KB 54ms
53ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/c/ym.js?3
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-1055 /
Resource Hash: c1d51ae45c50840430b9c4ce1133c779130f66e68cd66a9fd79cf5e85b228969

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-169
cdn-cachedat: 11/17/2022 00:00:34
cdn-pullzone: 139012
last-modified: Mon, 14 Nov 2022 09:33:37 GMT
server: BunnyCDN-DE-1055
cdn-fileserver: 304
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63720b71-612dd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 5f53c090cfa4cc6edb47ba50a5758f4b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 20 Nov 2022 01:15:54 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

7 KB
3 KB

51ms
51ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 340931
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GHZ0GW5HXC1HBGAFZNW6K8PP-lhr
server: cloudflare
etag: W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76ccef0cba487539-LHR

Redirect headers

date: Sun, 20 Nov 2022 00:05:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GJ95HW2XQQJWKSY3GA9Z48A4-lhr
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 111
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 76ccef0c6a0a7539-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 64ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

688189de508e152be5fc1ca7b67e674b3e8127b6a955eb1d24179fc41976489c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 20 Nov 2022 00:05:24 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 176ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 23:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Nov 2023 23:25:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 219 B
746 B 181ms
66ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Sun, 20 Nov 2022 00:05:24 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
389 B 79ms
79ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 2f9f144d8287d57922661dadae611a3d8c60844cdd79fbfcb71bddf697666c3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 274
expires: Tue, 20 Dec 2022 00:05:24 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 40E3 5 KB
3 KB 249ms
81ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 03e97fc08045d85a5ef69225fc50f95aef2299af0ac77c2d4e3e90483d75e90c

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:05:24 GMT
etag: PRIVATE7520710249
expires: Tue, 20 Dec 2022 00:05:24 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 204 collect
region1.analytics.google.com/g/ 0
340 B 190ms
61ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oeb90&_p=2059437598&_gaz=1&cid=1025344381.1668902725&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668902724&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&en=page_view&_fv=1&_nsi=1&_ss=1&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
331 B 168ms
56ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=1025344381.1668902725&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 190ms
69ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=1025344381.1668902725&gtm=2oeb90&aip=1&z=1574608436

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
39 KB

183ms
61ms

Script
application/javascript

2600:9000:2057:1400:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 2600:9000:2057:1400:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 23:41:32 GMT
content-encoding: br
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 1433
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: R2LuHBE-TvvPrwQYHgzwXwJmB-gwqpUmOgJgrqmMC3Tn9ftSFgnbBQ==

Redirect headers

date: Sat, 19 Nov 2022 22:41:14 GMT
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C1
age: 5050
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: lsPvizsrYOQSDZ4aAwCl8QDiHuMiKHgsqakQfHUjJLPKXdaGKRT3jQ==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 210ms
93ms Ping
text/html 2400:52e0:1e00::874:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?NVR;desktop;C;page_desktop;d80353|f40dad
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::874:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 235 KB
75 KB 54ms
53ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-1055 /
Resource Hash: cbb02ec2523b25ad3cea9279c84bfb6dd307734761193a1eb558d416942d3337

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-199
cdn-cachedat: 11/18/2022 20:21:16
cdn-pullzone: 139012
last-modified: Fri, 18 Nov 2022 20:20:00 GMT
server: BunnyCDN-DE-1055
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6377e8f0-3abd2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: d70f9a20e59e8f0d0372bba5a2dd7e8a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 179 B
874 B 162ms
54ms XHR
text/plain 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE-1055 /
Resource Hash: b1cd268ac046b856ae534178251d3f8fd3137aa0a963bd9f56f7afcd9ea93d52

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-197
cdn-cachedat: 11/19/2022 08:30:59
cdn-pullzone: 139012
last-modified: Sat, 19 Nov 2022 08:30:21 GMT
server: BunnyCDN-DE-1055
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6378941d-b3"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: 95af83ce12d2268addac4b3c8523c7be
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
478 B 307ms
153ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc3MDMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD0zNjU0ZDlmNi01ZjdmLTQxOTktYWJiMi0yM2ZmNTc4OWQ3MWE%3D&pt=gross&stid=1b429620-2b23-4d82-8d52-d577218fcbdb&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 275ms
157ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

dd3ed3312f508fc5d9d61678267d5a4a10515863b069312daa40c4c4a9f8607c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:24 GMT
AN-X-Request-Uuid: d34f901c-7441-4740-8d3d-9d5cf69a8e11
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
793 B 292ms
121ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fnv.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=3654d9f6-5f7f-4199-abb2-23ff5789d71a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07218561844597304
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7cddc06431d1381eacf19fba1c0f1ee6afa137e1b7c0becc84989d5ce4c7c29e

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 10 KB
3 KB 342ms
179ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fnv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 848fd335e7ee7d53c20523b514a2532081e29ae85049039259b9c61495e6be5f

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nv.ua
date: Sun, 20 Nov 2022 00:05:24 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
276 B 135ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 00:05:23 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 179ms
58ms XHR
application/json 3.64.191.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fnv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.191.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-191-9.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
accept-ch: sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
303 B 181ms
66ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=76355616248

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 00:05:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 4 KB
3 KB 242ms
144ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215325a3acb77fe1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnv.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22d213ae40-68fb-4b86-9cbc-771f4345009c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216abff2b2c9796b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2216abff2b2c9796b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d1aac7c55e9e31d2bd8097c4139a51d0a827ffa5e780d23626d74ce75b3b559

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9Wym9A4sd5nKDF8QYB8H0uXwnZrxz5n623lV8qSlrRRYTmXqf8ph9nyoM62Gk4qfzM4hS8HCYUaDBW3NXy6Hrh9I0uWCHWD9%2Bx6wrgD3c51kW5R4ZFs1Hi5KluplIXGcH%2BVAY7H"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 76ccef0dbb9b7774-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
637 B 168ms
61ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 530624e1e416c913833b729fa8ac5e8f3390b722e1b7a44ed973968bf9a6d4a5

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 00:05:24 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 72ms
57ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51943557-1&cid=1025344381.1668902725&jid=1865062683&uid=0&gjid=1190975421&_gid=2135892875.1668902725&_u=YCDAgEABAAAAAEAAI~&z=2064695205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 20 Nov 2022 00:05:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 162ms
53ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2059437598&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=1865062683&gjid=1190975421&cid=1025344381.1668902725&uid=0&tid=UA-51943557-1&_gid=2135892875.1668902725&gtm=2wgb90WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&cd16=A&z=159660604

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 02:42:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76949
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 191ms
69ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=1025344381.1668902725&jid=1865062683&_u=YCDAgEABAAAAAEAAI~&z=265645412

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 68ms
68ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=1025344381.1668902725&jid=1865062683&_u=YCDAgEABAAAAAEAAI~&z=265645412

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1668902724794/
Redirect Chain

https://gaua.hit.gemius.pl/_1668902724794/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv....
https://gaua.hit.gemius.pl/__/_1668902724794/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
426 B

158ms
158ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1668902724794/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=KrtnSvdj81sxFTvbI4XMHHPaXDU.tN2HDPDiE0XEPff.j7uSBZ9OHXuVe1vel8fRmxI4wcPaM7Y1xBMdOx5i8QsuJKzQ/E1tpBj5t.Di.2/&fpdata=grVs.AUE813FCqvzyzDLQ0yhNOoWqkobMCkzw67UXSn.e7&ltime=279&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63796f441ea3feda&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: a43e661758190ef3c3370b50628721debf344df69095cb893ce6028c14381ef6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Sat, 19 Nov 2022 00:05:24 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:24 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1668902724794/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=KrtnSvdj81sxFTvbI4XMHHPaXDU.tN2HDPDiE0XEPff.j7uSBZ9OHXuVe1vel8fRmxI4wcPaM7Y1xBMdOx5i8QsuJKzQ/E1tpBj5t.Di.2/&fpdata=grVs.AUE813FCqvzyzDLQ0yhNOoWqkobMCkzw67UXSn.e7&ltime=279&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63796f441ea3feda&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 19 Nov 2022 00:05:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 196ms
67ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 190ms
64ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 646 B
359 B 208ms
95ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c96a709d850180874cfecc861b93236aba6caafd17a495cadc5e21b1b14ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBC5 6 KB
3 KB 212ms
65ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:05:25 GMT
expires: Mon, 20 Nov 2023 00:05:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 508ms
508ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2046805425873965&correlator=679905135519807&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=2108748194&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_adpartner%3Dbanner%26hb_source_adpartner%3Dclient%26hb_size_adpartner%3D300x600%26hb_pb_adpartner%3D1.00%26hb_adid_adpartner%3D22082386f71ecd1%26hb_bidder_adpartner%3Dadpartner%26hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x250%26hb_pb_ix%3D1.40%26hb_adid_ix%3D2032df97fb07da4%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D1.40%26hb_adid%3D2032df97fb07da4%26hb_bidder%3Dix&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DC%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1668902725015&lmt=1668902725&dlt=1668902724097&idt=720&adxs=1114&adys=934&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1025344381.1668902725&ga_sid=1668902725&ga_hid=2059437598&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05686b68e1d090b15e003a090e4bec70dc3f8dc7bcc798a7c16e00ef74153052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11807
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 54ms
54ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 18:44:53 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
age: 19231
x-cache: Hit from cloudfront
access-control-allow-origin: https://nv.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: adDRs82lAiNo-wuLGfAUnILDAKrw6wUvKGaAWCMUVR6KcUo8Em8KjQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
455 B 230ms
91ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnv.ua%2F&pid=6TYOgHWymJAOL&cb=0&ws=1600x1200&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_198406323%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATFR_300%22%7D%2C%7B%22sd%22%3A%22notsy_container_272545438%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:25 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: JSGSF0QZ1AHZ9JA18G96
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: l59GOcVRmkR0nVnoYccms1KSiYyD8-Lsr2X_qVOCQUuJI36mTW79OA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 162ms
54ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
date: Sat, 19 Nov 2022 03:05:19 GMT
x-amz-cf-pop: FRA56-C1
age: 75607
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: zLCf1mc7xjlxF8BcCVyb-SLWXvIfM9Ha0IuQEOV_FjhiPZ01fOk-OA==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 185ms
69ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d12d1f3a278709d0684b1ea9bf23747bd350d5ab7eceb71731e144582967b30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11245
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 206ms
90ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 00:05:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9765 13 KB
5 KB 177ms
58ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 8214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 21:48:31 GMT
expires: Sun, 19 Nov 2023 21:48:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA3C 783 B
535 B 205ms
93ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a9cae375f58602a9c815e77a00847d590c38c83a8295434a46298c579d1ba6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xkrSbqblPGnSBwcwzNH6wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-xkrSbqblPGnSBwcwzNH6wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:05:25 GMT
expires: Sun, 20 Nov 2022 00:05:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 8D86 221 KB
61 KB 208ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 453391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8D86 14 KB
5 KB 303ms
149ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 453391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8D86 94 KB
28 KB 307ms
153ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 453391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8D86 5 KB
2 KB 329ms
175ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 453391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8D86 40 KB
13 KB 331ms
176ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:54 GMT
age: 453391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:54 GMT

GET
DATA 200
OK truncated
/ Frame 8D86 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78a9666ae4cb5db5f14aa7869fbe8913ac2f59206fa0c8cc6a3ac2bc1fbf231e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 15296274458935259469
tpc.googlesyndication.com/simgad/ Frame 8D86 67 KB
67 KB 118ms
65ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15296274458935259469

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03ddfb93e7fecd84fc713ed7e08a106597d61f5aca698a06482962c331cccb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 08:59:48 GMT
x-content-type-options: nosniff
age: 313537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68538
x-xss-protection: 0
last-modified: Fri, 14 Jun 2019 12:04:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Nov 2023 08:59:48 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8D86 3 KB
3 KB 123ms
70ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 17822
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Sun, 20 Nov 2022 19:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8D86 344 B
368 B 121ms
67ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 49383
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 20 Nov 2022 10:22:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8D86 0
0 103ms
103ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6bxORW95Y9SFBdSs9u8PlPO_cN2c0YJl7er6mKANz5fw0KwLEAEg9PnnY2CVAqAB3fOJwgPIAQOpAnNp6beoUrE-4AIAqAMByAMIqgT5AU_QGycq6Oow-5jCKvm34_D8GGo1BPZIXwvCEtR-WpVkWnrsHcEQvgX8WKBH1BSHFflJunKnJXhxFwIwnpvqixQDAqiPkRnpSBxFIk6L1dsxcIVpI840wHujAUTOQ-lbKeXwe__MqIBteLq-yXaXEIVY_nfkZzkIVfOxn3juAZChDxnF7T07OYd-ZOkdM9dCqC168iCEGAZCQs-mkpuNO2axZCpoKC0kuLIkr91_w2zx-FGsv38_FIQen27zI2ebd_bplGfchUsV1K6MKMkuSPcGLt6Xf-inDTWd8o9RVfyyhrohJeuOmxqR6lcwYGxuWKM6YnkTZNKtT8AEkP-Yq80B4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB4uM9j2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDVnBvSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi02NzQyNTI4OTg5NjgwNTY4GIObGg&sigh=nYE8XDlriuU&uach_m=[UACH]&cid=CAQSTADq26N9bIPW7DzSOCFNvmRkjtv6hBtIcUdFzs8BUUxgiNT2iE01X-zPg487voGxZNTYXkrV0y6JQR-PhHaJOol3dpupI0Njh9HMqKQYASAT
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 173ms
57ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Nov 2022 00:05:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA3C 0
0 204ms
88ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2046805425873965&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9765 36 KB
16 KB 168ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 18:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 18:47:17 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8D86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

178ms
63ms

Image
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sun, 20 Nov 2022 00:05:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 675E 15 KB
6 KB 195ms
63ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 00:05:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 454142
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 189ms
64ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Nov 2022 00:05:26 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9765 0
10 B 57ms
56ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gCF-sA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 675E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=RI7ndXw1UEhCV1FjRHBjTEtlSUZ6Zkh0QWVRK1d0Z0xhb0hjNDBaN3hkVDhKSlQreG9sRFozbDhNTGtXUXc5LzA0Y0hReGEzNTZzR3Z2RGpOalNseDJjcGxENVM1alNZaWhrUi9mV29sb3RRSm1UWEJET1I1eWtldU9SbW...

431 B
654 B

181ms
63ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RI7ndXw1UEhCV1FjRHBjTEtlSUZ6Zkh0QWVRK1d0Z0xhb0hjNDBaN3hkVDhKSlQreG9sRFozbDhNTGtXUXc5LzA0Y0hReGEzNTZzR3Z2RGpOalNseDJjcGxENVM1alNZaWhrUi9mV29sb3RRSm1UWEJET1I1eWtldU9SbWhieUhLMTRMc0RFdmk2Q01MQ1VWRzJTVng3ZDM3RFQ5dFZkSjl1NWhiUFlsQ3dDdjRTazZTMHlEc29HdlI2TFpxbE4wbStuMEYrTFoxamVEcTdGSm5jQTVCOEZxRjQ0eFJaNGV3SmUrckFlLzAreXc5cmNhYlljWEowT0VFOHFxbUxwTFRLSVRZdHBINVkvaWppQUkzaER6eGJocmVqQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96535f1c083c0e8147f45289b262d43da112227b04ad4e82c4a6b5ade2ad0e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7471254
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=RI7ndXw1UEhCV1FjRHBjTEtlSUZ6Zkh0QWVRK1d0Z0xhb0hjNDBaN3hkVDhKSlQreG9sRFozbDhNTGtXUXc5LzA0Y0hReGEzNTZzR3Z2RGpOalNseDJjcGxENVM1alNZaWhrUi9mV29sb3RRSm1UWEJET1I1eWtldU9SbWhieUhLMTRMc0RFdmk2Q01MQ1VWRzJTVng3ZDM3RFQ5dFZkSjl1NWhiUFlsQ3dDdjRTazZTMHlEc29HdlI2TFpxbE4wbStuMEYrTFoxamVEcTdGSm5jQTVCOEZxRjQ0eFJaNGV3SmUrckFlLzAreXc5cmNhYlljWEowT0VFOHFxbUxwTFRLSVRZdHBINVkvaWppQUkzaER6eGJocmVqQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 564952
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
90ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2046805425873965&bg=!DQ6lDkrNAAbvMpMzzzI7ACkAdvg8WiOrWz7rcqPc9zCK-MA7rGGfs59Kmk5OW-baHmH-Q_6_G45fUwIAAABVUgAAAApoAQcKAAZltS1GYD-ZApjNosfBECJ7uIjKqBghi9RSnhnUAhSD-6HSeBKlD5ViYgEEpUV1QQ8ND4Ni6zJgcF7B2B16LuZIXOc-OLHCplF9Ryp2_539U8I41aREz2G9PVbd3xyMCArJ3BHaWLj-wP-66ErkZpI5sM8Zz17FkKetnbzOVFjM0l_1JItlHinsBe3h4rwjWzFIDMntxr5MmLysVGwC8UzvDEV8VIzHMUDmeR8p8KGy0IjymG8dUEvEDabW-ZwUH6KM798qc6FEXQBFJzcA3Ehg8jtOAp4jRUFqU8TV4c0T9cmo2vPKXad-KG9SBkCGrt8Crm8OZHkWP9_gSiS8qDrr7bMixgtromkH_VTVZETEQJnaMleRZFyMUvtrCIQ-avJsEQb46dxvpyFWmLPSIDPfKfiOAZ38hf-ex2T5uP6WTMGPg0mDcpYdvzw0CTfqPbp14JKVc_e5GCJh1X2eoQQb4tlW6WriOtdcuZPhET7eek1Zrvt2jZp45YPs3e1O7bqAX5zp-fD8CZDmMHHdXWhYoS-Xo1hGoNxcMFwlS-lEN0AT49YTMrRPUk_ZCvTqXkjKvllBHAS-pfeOI3Zaaz9mlhRps_XsZNbzLY_ra3w6x3pv5dRXzxsGGH6S-YdbUqVPq1DyRjhTHBKhkIBzNZSe92FGBj08UAiQebJlWg099BvWlpak6OFHUoudBhhqZ0uTFIsYKVzySh0mJzc7mOhrfN5mMn4lgJqoYiM2jCMYb0H8Kwbt-WCwDRMY4q0-xo6pzuXq3NKuQ0REDPODMrqKNiE-wxtNPLUzhmpgE7iS6aQ5l6Bet_Z3g7Pif0m_S5waL0uhuwItO78KuWDv5FX0wfsN4HSszABPWQM-2I2YHk07Pv2kqMPxUPzh80deYmVY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 728F 37 B
140 B 167ms
58ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 20 Nov 2022 00:05:28 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A3F5 281 B
554 B 180ms
57ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Nov 2022 00:05:28 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame FA3D 3 KB
2 KB 153ms
49ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1186
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 76ccef22d8cc7193-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 20 Nov 2022 00:05:28 GMT
expires: Sun, 20 Nov 2022 04:05:28 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A93E 52 KB
17 KB 170ms
53ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 69778
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 20 Nov 2022 00:05:28 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 60, 806995
X-Served-By: cache-lga13626-LGA, cache-hhn4040-HHN
X-Timer: S1668902728.157624,VS0,VE0

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 3799
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

131ms
85ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8439c08b6c7cbd207352f1e055573cdac36c4991f288e1a9f270e923ae1f85b

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76ccef249b28065e-LHR
content-encoding: br
content-type: text/html
date: Sun, 20 Nov 2022 00:05:28 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ba%2F8lS4kavKWOf42BScrNoLTLbjbiHaIjTD%2Bd378hiFX6Pd42dEyIs7f9KCQJibucjT5Mxr4Tyos1Q90X4dAB7EqhEOJfcvm%2BsucFwKPssAxIfHx39kotrDgrFyg4aTK6tluc3zHykh8lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76ccef23d8f0f423-LHR
content-length: 0
date: Sun, 20 Nov 2022 00:05:28 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjKrAHdPH%2F4h5nd7Tk975%2BqJGePXLKo3oPCUXMvXBDDjPYOoH54qM68Nh0JDshLl8r47CHXdNsE2tSebxxQ0NVcpsTevfvJNNDq3nlrCTeswMYkX%2FueyBqa8SjfUDF8wk3bsH6GM1rtnqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A3F5 34 KB
10 KB 57ms
57ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 00:05:28 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 05:41:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20181
Connection: keep-alive
Content-Length: 10066
Expires: Sun, 20 Nov 2022 05:41:49 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A93E 0
743 B 55ms
55ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:28 GMT
AN-X-Request-Uuid: 2c2ec441-07ef-4c69-b2b9-2309bae30f87
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame A3F5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOLLBZ1-26-D08A

0
706 B

306ms
173ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOLLBZ1-26-D08A
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CDBCD66A56494821929D4B3D2748B63F Ref B: FRAEDGE1105 Ref C: 2022-11-20T00:05:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXt27JQzOGNKnaGbeZ8Bw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAOLLBZ1-26-D08A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame A3F5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M7CcPQXSRDO8AUmzDl32ug&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=M7CcPQXSRDO8AUmzDl32ug

43 B
720 B

128ms
128ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=M7CcPQXSRDO8AUmzDl32ug

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T65ZN90JWE8G4D64FKNK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=M7CcPQXSRDO8AUmzDl32ug
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A3F5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/LYIo06tk8Paaht3YozhF4sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=600673274975471855

0
239 B

76ms
56ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=600673274975471855
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 20 Nov 2022 00:05:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=600673274975471855
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A3F5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOtK4xbrZuRrXwwIv_UkM-Y&google_cver=1

0
239 B

230ms
56ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOtK4xbrZuRrXwwIv_UkM-Y&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOtK4xbrZuRrXwwIv_UkM-Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A3F5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=NbYa1SYcTqmqAtAYWmLPRg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NbYa1SYcTqmqAtAYWmLPRg

43 B
479 B

125ms
125ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NbYa1SYcTqmqAtAYWmLPRg

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GE8YFX48NRC79Y5BWCD1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=NbYa1SYcTqmqAtAYWmLPRg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame A3F5 70 B
265 B 196ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3F5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZhMTllYjgyMzUyZTE2OGMxMzk0YzFlZjYxNTliZmJlNjUyN2VlNQ

170 B
188 B

192ms
72ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZhMTllYjgyMzUyZTE2OGMxMzk0YzFlZjYxNTliZmJlNjUyN2VlNQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzZhMTllYjgyMzUyZTE2OGMxMzk0YzFlZjYxNTliZmJlNjUyN2VlNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3F5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTExCWjEtMjYtRDA4QQ==

170 B
188 B

186ms
70ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTExCWjEtMjYtRDA4QQ==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPTExCWjEtMjYtRDA4QQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3799
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3lvSBZojWX.7xBrXyGSGAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFJmHduNEyZxlr8jHnvvFBg&google_cver=1&google_hm=2

43 B
765 B

57ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFJmHduNEyZxlr8jHnvvFBg&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFJmHduNEyZxlr8jHnvvFBg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 3799 70 B
264 B 55ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 3799
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB&dcc=t

43 B
855 B

129ms
129ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R5CCP5YFP1H85C46DH7H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 60YTMQAAJ29YHCDPHZWR
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 3799
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3lvSBZojWX-7xBrXyGSGAAAAq4AAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMPAVkekAKbkBGSE4GIXRFk&google_cver=1

43 B
842 B

78ms
77ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMPAVkekAKbkBGSE4GIXRFk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPuugBR18BE1dBqVKDM6zWs4zqI7teoccrsHZqj7lhy9C81CZ5R%2F6Ln6VHYuTp9TXUo0e19Ccik7OtLUKzxLUx%2FwmThGro4hxogZSi%2B4D3FpOKPJ6LsW4i1MMREamNg%2BjsVKpymj3HT89A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76ccef25dc44065e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMPAVkekAKbkBGSE4GIXRFk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 3799 43 B
433 B 231ms
53ms Image
image/gif 54.195.231.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.231.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-231-201.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 3799
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684541128&external_user_id=9d726868-fe85-441b-bb13-2fb8003e4844

43 B
765 B

108ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684541128&external_user_id=9d726868-fe85-441b-bb13-2fb8003e4844
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:28 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

date: Sun, 20 Nov 2022 00:05:28 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1684541128&external_user_id=9d726868-fe85-441b-bb13-2fb8003e4844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 3799 42 B
181 B 191ms
55ms Image
image/gif 2a05:d018:cc3:fe04:3eca:3e11:a642:4dca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:3eca:3e11:a642:4dca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:28 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 3799
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14c402b-a78c-404f-81ea-985b40a3cb6d&ssp=index&gdpr=&gdpr_consent=

43 B
356 B

183ms
63ms

Image
image/gif

34.98.67.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14c402b-a78c-404f-81ea-985b40a3cb6d&ssp=index&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 34.98.67.61 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:29 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a14c402b-a78c-404f-81ea-985b40a3cb6d&ssp=index&gdpr=&gdpr_consent=
date: Sun, 20 Nov 2022 00:05:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 3799 43 B
352 B 158ms
53ms Image
image/gif 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y3lvSBZojWX.7xBrXyGSGAAA%26686
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 00:05:28 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 5664
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76ccef2609698877-LHR
content-length: 43
expires: Mon, 21 Nov 2022 00:05:28 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A93E 0
743 B 55ms
55ms Script
text/html 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 00:05:29 GMT
AN-X-Request-Uuid: 891bdb30-7168-49f0-8638-b0774f4a9fe9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 170ms
61ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oeb90&_p=2059437598&cid=1025344381.1668902725&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=2&sid=1668902724&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&en=ad_impression&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&ep.query_id=CJS835C7u_sCFVSW_QcdlPkPDg&_et=1020
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 00:05:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1970-01-20 07:35:03	Name: XSRF-TOKEN Value: eyJpdiI6IkdJK3dvdTA4bTFnOUhrVmJUR2RqQUE9PSIsInZhbHVlIjoiaTVISzVMTzYxQVdBVkt0TldVcUdyZHhJcGhQam5kYXBJYURZNFRpN3ZOWFlpS0xQSGJtcVIrMTQ2UHFDc3lndzRqbXFnSEhxUGVkRnBlMkdRKzB6MHBXNHNtbFRuWllyb083NGZIS2F6cU9OUnYvMzB5aFUwMzZjdTJDZm0yTysiLCJtYWMiOiJjYzNlZjJlOWQ3NjcyMWU3ZTk1MGIyMzRhYTNhMmNiN2QzMDkzNjcxNDY0NDJjNmZkYzIzOTA1MDk3M2JjNjBiIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 07:35:03	Name: nvnew_session Value: eyJpdiI6ImtWOUwyT25jdmlpK1J6L2pya1FPenc9PSIsInZhbHVlIjoiTDIzQ09TSG9iR283bFZnTFI3aDN5S0dXYTl5R0Fjak80TWNLRklTNFNnMnRyNWhFSmxmU0FKK2FFY0RmMFJjTjQyS1ZsTGwvd1RJZXlkWjdLaTlTN2gvRUdaMzlHZWhWdjNVbmVDcDlPT2RRc1Z2UTE5cDBveGlMVEQwcXdsVFUiLCJtYWMiOiI2NjczYzNkOTZiMWRlYWE4ODQyMzVhZmJlZjc5NWFkMjVmYTI3YzJjM2IyZTVmNzA5M2RmZDhlYWQ4ZGNlODllIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 07:35:03	Name: device_type Value: desktop
.nv.ua/	1969-12-31 23:59:59	Name: test_variant_session Value: A
nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.nv.ua/	1970-01-20 08:18:14	Name: yield_master_ab_nvr_newbidder_go2net Value: C
.nv.ua/	1970-01-20 09:44:38	Name: _gcl_au Value: 1.1.82965182.1668902724
.hit.ua/	1970-01-20 17:11:02	Name: uid Value: 3615340443.1668902724.1850836201
.nv.ua/	1970-01-20 17:11:02	Name: _ga Value: GA1.2.1025344381.1668902725
.nv.ua/	1970-01-20 07:36:29	Name: _gid Value: GA1.2.2135892875.1668902725
.nv.ua/	1970-01-20 07:35:02	Name: _dc_gtm_UA-51943557-1 Value: 1
.nv.ua/	1970-01-20 17:03:50	Name: __gfp_64b Value: grVs.AUE813FCqvzyzDLQ0yhNOoWqkobMCkzw67UXSn.e7\|1668902724
.hit.gemius.pl/	1970-01-20 07:45:07	Name: Gtest Value: KlSUKMMGQMQGSiioAQryH92issGMXP8c25nSGuKmwHK8XBG.
.adnxs.com/	1970-01-20 09:44:38	Name: icu Value: ChkIra6AARAKGAEgASgBMMTe5ZsGOAFAAUgBEMTe5ZsGGAA.
.adnxs.com/	1970-01-20 09:44:38	Name: uuid2 Value: 6245368333158097345
.rubiconproject.com/	1970-01-20 16:20:38	Name: khaos Value: LAOLLBZ1-26-D08A
.rubiconproject.com/	1970-01-20 16:20:38	Name: audit Value: 1\|naVuGyos1qrNvOL9a2YtD62qEsFCZ0ctSdOhPT1GMTm4dorU8DsKfUgUSF3RRAcgqzSne0l760vHH+5S0WTXOH7y6MIaC84S
a4p.adpartner.pro/	1970-01-20 09:01:26	Name: apuid Value: 2a729a7f-9058-41b3-8435-38d4d1775ab1
.hit.gemius.pl/	1970-01-20 17:03:50	Name: Gdyn Value: KlxUKRXGQMQGSiioAQryH92issGMXP8c25nSGuKmwHK8FRxSG7RrGS6GY9cBFlM2xgGPo1RGF8CBI8l8MG..
.nv.ua/	1970-01-20 16:56:38	Name: __gads Value: ID=b9e61125460de18b:T=1668902725:S=ALNI_MbxVNpvy1sMysfzQ8AkoECDiqZI6A
.nv.ua/	1970-01-20 16:56:38	Name: __gpi Value: UID=00000b8428359771:T=1668902725:RT=1668902725:S=ALNI_MZkJNCddv06BoYqO9fZ5pWXb-cXvQ
.nv.ua/	1970-01-20 17:11:02	Name: _ga_52RSPD3WMK Value: GS1.1.1668902724.1.0.1668902725.59.0.0
.doubleclick.net/	1970-01-20 16:56:38	Name: IDE Value: AHWqTUkeEbKl_94pdTEvN6sIostYZbSu0OfWFfn__GwmBmHpWyUD4nQwM1z6wSV-7cE
.criteo.com/	1970-01-20 16:56:38	Name: uid Value: a14484d2-7cf9-43a4-b8f6-94b297522896
.doubleclick.net/	1970-01-20 07:35:06	Name: DSID Value: NO_DATA
.nv.ua/	1970-01-20 16:56:38	Name: cto_bundle Value: HNjp0F8zWUclMkJwRTJubTltbFYlMkJkS0JoSGxDTVhWV2U0N292JTJCOGNjR0xtZG03cWozQmF4SkJIUk5PemZvbUt4eDZxNmY4Z1czSVJrVkhFb3VtJTJCeUFyajJHNWxtRDBYbTdmV0pIWWlIM0p2dnJmVEF3cnp5eXpkS0xQUlJMY1VwamdMUE5nendIT0NLNGxMZjZiNGppa2s1STN6USUzRCUzRA
.casalemedia.com/	1970-01-20 16:20:38	Name: CMID Value: Y3lvSBZojWX.7xBrXyGSGAAA
.casalemedia.com/	1970-01-20 09:44:38	Name: CMPS Value: 686
.casalemedia.com/	1970-01-20 09:44:38	Name: CMPRO Value: 686
.casalemedia.com/	1970-01-20 09:44:38	Name: CMTS Value: 5210
.yahoo.com/	1970-01-20 16:21:00	Name: A3 Value: d=AQABBEhveWMCEKyMG2-RhNAIm0KXxpGGHcwFEgEBAQHAemODYwAAAAAA_eMAAA&S=AQAAAno8Nea42x9Vvl5Qh_pOaB0
.company-target.com/	1970-01-20 17:11:02	Name: tuuid Value: 9d726868-fe85-441b-bb13-2fb8003e4844
.company-target.com/	1970-01-20 17:11:02	Name: tuuid_lu Value: 1668902728
.amazon-adsystem.com/	1970-01-20 17:11:02	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:20:38	Name: bcookie Value: "v=2&8d4edb4d-cd43-4c22-80c3-c59d7f99b175"
.linkedin.com/	1970-01-20 11:54:14	Name: li_gc Value: MTswOzE2Njg5MDI3Mjg7MjswMjEH5TvPGqTrqAEbEJwAFP2vJXax1Jggj4X2OHAw07UwJA==
.linkedin.com/	1970-01-20 07:36:29	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2737:u=1:x=1:i=1668902728:t=1668989128:v=2:sig=AQGpsZVrhtndeLGD1YyonNuY5RXn91oe"
.bidswitch.net/	1970-01-20 16:20:38	Name: tuuid Value: a14c402b-a78c-404f-81ea-985b40a3cb6d
.bidswitch.net/	1970-01-20 16:20:38	Name: c Value: 1668902728
.bidswitch.net/	1970-01-20 16:20:38	Name: tuuid_lu Value: 1668902728
.amazon-adsystem.com/	1970-01-20 12:56:09	Name: ad-id Value: A7ok9Lzmi0SOogvH0yZMQwQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0333516e61cf36cb221a6adf04babee8.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
bidder.criteo.com
c.amazon-adsystem.com
c.hit.ua
cdn.ampproject.org
cdn.indexww.com
cdn.membrana.media
cm.g.doubleclick.net
d.adroll.com
d3div1mtym39ic.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
nv.ua
odr.mookie1.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
s.company-target.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ym-tack.b-cdn.net
104.109.78.125
104.18.33.19
142.250.186.34
146.59.30.96
151.101.1.108
172.64.151.162
172.64.154.237
178.250.2.146
185.80.39.216
185.89.210.20
2001:4860:4802:32::36
216.52.2.19
2400:52e0:1e00::1055:1
2400:52e0:1e00::874:1
2600:9000:2057:1400:11:1ed0:3900:21
2602:803:c003:200::41
2606:4700:10::6816:3649
2606:4700:10::ac43:175a
2606:4700::6810:7eaf
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9c
2a02:2638:1::1a
2a02:2638:1::3
2a02:2638::1c
2a05:d018:cc3:fe04:3eca:3e11:a642:4dca
2a05:d018:d29:3602:2956:3dc:3306:4aa5
2a0c:5c81:5142::2
3.64.191.9
3.66.5.109
34.96.71.22
34.98.67.61
37.157.6.233
51.83.220.94
52.223.40.198
52.46.130.91
52.94.222.140
54.195.231.201
54.37.238.28
65.9.71.118
69.173.144.139
69.173.144.165
76.223.111.18
89.184.81.35
99.86.3.236
03ddfb93e7fecd84fc713ed7e08a106597d61f5aca698a06482962c331cccb5c
03e97fc08045d85a5ef69225fc50f95aef2299af0ac77c2d4e3e90483d75e90c
04c6e2ccb5d7294aa04b5776c4433f2eaa3f4d5309ca7098265391f5466372fb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05686b68e1d090b15e003a090e4bec70dc3f8dc7bcc798a7c16e00ef74153052
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
14473e76e60b4da118d83d6c40eb6b10cfc879cb84d99862d94f906eab446b14
1854066cc5a52b714ee6d763be504451b0aeefbd77d90aa21ec5b126ea132b31
1a96a639f569e1022a1701be93d0e44e6134185e764a608ccf06db0a5af77fce
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
2484418c2bbd9b9348feafc8a259db43a97538225b93d247acfa6406957eec15
285f8768ab0e54d1c3dd37397a9c189eb3f3ad448590844ae41628c5d16e363b
2f9f144d8287d57922661dadae611a3d8c60844cdd79fbfcb71bddf697666c3c
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
431c54d3ab522162f1c2602164f998e86f9897409967b3deadb81b84ce867962
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5187eabe81f609941b72b028440781ec1188bb207f06cb4e6749abe68ec4c555
530624e1e416c913833b729fa8ac5e8f3390b722e1b7a44ed973968bf9a6d4a5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5511473432c598d63e4ecb8cbf573eb59137335308965215a13401b1eef7f96d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
59813bf2252ee85850dbd0679d4b9b8a92de6faa7267caeef2ebc17e8aaec2a7
5a9cae375f58602a9c815e77a00847d590c38c83a8295434a46298c579d1ba6c
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8
66aa093f93cdde791f7b134add6d48542fc4a28c3301a28fad7799b70b3f1efa
6844bfac6cf0266eeb6240223a0d6c6307c6599ff501935267b5f92601c3c5ee
688189de508e152be5fc1ca7b67e674b3e8127b6a955eb1d24179fc41976489c
69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657
6d1aac7c55e9e31d2bd8097c4139a51d0a827ffa5e780d23626d74ce75b3b559
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f2308550235c1ad5d554ee51e1f92a78f23ca8d9d9df73554bf5f12a12ce5cf
6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6
78a9666ae4cb5db5f14aa7869fbe8913ac2f59206fa0c8cc6a3ac2bc1fbf231e
79f55f4e61697411b3e7315b135159bfd880705f4bb697f11b35047934be883c
7cddc06431d1381eacf19fba1c0f1ee6afa137e1b7c0becc84989d5ce4c7c29e
7e2642cfcd2d588fbc25af0067cbaed47cc904ec9e911df8e9673781f08af793
8072c13e215e3cef151ae981156a4dfad924a34def3c0143f6c3b82b26d69d6e
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fd335e7ee7d53c20523b514a2532081e29ae85049039259b9c61495e6be5f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e02cfa8d2e7c0999cbd9ecf21ad707d339d77d265af53cdd80f83696949690c
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
9624a10aaf49fb83667ab428efcb6399ec8b6c841aff0bc0dc6b9be5535b4aa6
96535f1c083c0e8147f45289b262d43da112227b04ad4e82c4a6b5ade2ad0e27
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a250249af55b275aa53e5590ff03d59e3a13ae85b035474cb0ba2caf83934357
a421196470e3b66f422c43be7f2b71baa9c9d8d1d61427fcafcc61fe4b3f220c
a43e661758190ef3c3370b50628721debf344df69095cb893ce6028c14381ef6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a8db819cede40919ca07137900701d9f5ca5e1f176e5217ecbe6884df3a1ab26
abeddf7139d4f376244097d104c0cb2412e4d7dfaea41e633e3d9dea8d5f2479
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cd268ac046b856ae534178251d3f8fd3137aa0a963bd9f56f7afcd9ea93d52
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7c96a709d850180874cfecc861b93236aba6caafd17a495cadc5e21b1b14ef1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3501d9c9d69b8359f465c834b07ad69bf689b9dc070476dd10d0f279222cc1
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bfe9ec67947b0df13337ddd32e9434c16c4d7da9ae01e7f00f670579a4d601cc
c00f84fd9dc8de5daa4ffb968a350c0c1c0f412543ddd4ebaea4098cf4b4e57c
c02b4498ab30cdbf47ce694a9c03d0cb14225f733c1d546206c3a4854b9f1321
c1d51ae45c50840430b9c4ce1133c779130f66e68cd66a9fd79cf5e85b228969
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
cbb02ec2523b25ad3cea9279c84bfb6dd307734761193a1eb558d416942d3337
ce0b5866bb872f7570a991829c96421633b57842401e45347e93340644bdf7b3
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d12d1f3a278709d0684b1ea9bf23747bd350d5ab7eceb71731e144582967b30f
d263f4f9807307a8df173b9e18637ac09d89334f97587a955655d06fcb9b54bb
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd3ed3312f508fc5d9d61678267d5a4a10515863b069312daa40c4c4a9f8607c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56cd2954526db90c734d732bae18813897b823dac73d1b0d1275d73722ae833
e8439c08b6c7cbd207352f1e055573cdac36c4991f288e1a9f270e923ae1f85b
e8a34d4a1e05df99f1f5b6a87cc8031e5176190f4d8cf1555cee8a96b3a1840f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
f9e3f8eb981570cb1f8ab992021dc229d00ab2d936d2de0fa88855f460d1edbe
fa08895bc9c8e6c643c56ca4a90cc9f041881c450dca52b4c098a3bf3a868a91

nv.ua Open in urlscan Pro 2606:4700:10::6816:3649 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

87 %HTTPS

51 %IPv6

35 Domains

58 Subdomains

53 IPs

13 Countries

1991 kBTransfer

4068 kBSize

42 Cookies

108 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nv.ua Open in urlscan Pro
2606:4700:10::6816:3649 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

87 %
HTTPS

51 %
IPv6

35
Domains

58
Subdomains

53
IPs

13
Countries

1991 kB
Transfer

4068 kB
Size

42
Cookies

129 HTTP transactions
1 data transactions