nv.ua Open in urlscan Pro
51.89.96.192 Public Scan

URL:
https://nv.ua/
Submission: On June 09 via manual (June 9th 2021, 9:28:40 am UTC) from GB

Summary HTTP 158 Redirects Links 121 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 21 domains to perform 158 HTTP transactions. The main IP is 51.89.96.192, located in London, United Kingdom and belongs to OVH, FR. The main domain is nv.ua.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 6th 2020. Valid for: 2 years.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	51.89.96.192 51.89.96.192	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
44	2606:4700:303... 2606:4700:3030::ac43:8f51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:48::67 2620:1ec:48::67	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
26	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	136.243.13.134 136.243.13.134	24940 (HETZNER-AS) (HETZNER-AS)
9	213.239.199.37 213.239.199.37	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
158	31

9 51.89.96.192 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: nv1.nv.ua

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700:3030::ac43:8f51 (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:48::67 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.15 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s248.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.13.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h315.meetrics.de

s248.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.239.199.37 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h534.meetrics.de

b173.s248.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	weserv.nl images.weserv.nl	780 KB
26	2mdn.net s0.2mdn.net	209 KB
22	googlesyndication.com pagead2.googlesyndication.com 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	92 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	166 KB
10	meetrics.net s248.meetrics.net b173.s248.meetrics.net	3 KB
9	nv.ua nv.ua	696 KB
8	gstatic.com fonts.gstatic.com	137 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.com adservice.google.com www.google.com	1 KB
5	clarity.ms 1 redirects www.clarity.ms c.clarity.ms	22 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	gemius.pl 1 redirects gaua.hit.gemius.pl	12 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de www.google.de	585 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	mxcdn.net s248.mxcdn.net	58 KB
1	bing.com 1 redirects c.bing.com	439 B
1	google.at adservice.google.at	799 B
1	googletagmanager.com www.googletagmanager.com	43 KB
158	21

	Domain	Requested by
44	images.weserv.nl	nv.ua
26	s0.2mdn.net	nv.ua s0.2mdn.net 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
12	pagead2.googlesyndication.com	nv.ua securepubads.g.doubleclick.net 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
9	b173.s248.meetrics.net	148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
9	nv.ua	nv.ua
8	fonts.gstatic.com	fonts.googleapis.com
7	tpc.googlesyndication.com	148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	nv.ua 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com nv.ua www.google-analytics.com
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
3	www.clarity.ms	nv.ua www.clarity.ms
3	securepubads.g.doubleclick.net	nv.ua securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	nv.ua
2	googleads.g.doubleclick.net	148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com nv.ua
2	www.googletagservices.com	securepubads.g.doubleclick.net 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
2	c.clarity.ms	1 redirects nv.ua
2	www.google.de	nv.ua
2	148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	counter.yadro.ru	1 redirects nv.ua
2	fonts.googleapis.com	nv.ua
1	ade.googlesyndication.com
1	s248.meetrics.net	s248.mxcdn.net
1	s248.mxcdn.net	s0.2mdn.net
1	c.bing.com	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.at	securepubads.g.doubleclick.net
1	www.googletagmanager.com	nv.ua
158	31

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
life.nv.ua
radio.nv.ua
podcasts.nv.ua
health.nv.ua
azart.nv.ua
shopping.nv.ua
promokodi.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
estore.ua
apps.apple.com
play.google.com
twitter.com
www.instagram.com
itunes.apple.com
facebook.com
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
ua.depositphotos.com
interfax.com.ua
ukranews.com

Subject Issuer	Validity	Valid
*.nv.ua GeoTrust RSA CA 2018	`2020-08-06` - `2022-10-12`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-22` - `2021-07-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.google.at GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
c.msn.com Microsoft RSA TLS CA 02	`2021-02-03` - `2022-02-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh
meetrics.net R3	`2021-04-09` - `2021-07-08`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://nv.ua/
Frame ID: 295B7AF7A316CCADAF1B733DF401E181
Requests: 93 HTTP requests in this frame

Frame: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1C8DC3BB7622237F653033560CDD5EB6
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRCfnNACGJv9g6gBMAE&v=APEucNUq-H83b4f6OlFe275l1D0nK7aNIlnTtgX0xo5oEhImApSSqEToWCcMfWSwOUNeWj5bL1UEDHuM6ZaUpgS358RuEsF264uzEQZ3xnfVa-HGKDSf4yzSq0OOHVPQW3CJH0K0hi-gtLiM_ENaTpJJMlHo6ON4mQXYZ_-VrtFpltproJPWXUc
Frame ID: 1A8BC148367ADE1E5BA9E78264E6926D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 876C2607884C0F3D3B681450BB79DF9D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 309D8BCB6B85D29E5551023F74975121
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 097309782E06F6DF8D79358371CAE70C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
Frame ID: 258672CD6FEF64ED4540BAACA55CA9F6
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: 8FC3C7551F886761113FE42296493EB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

158
Requests

100 %
HTTPS

58 %
IPv6

21
Domains

31
Subdomains

31
IPs

8
Countries

2309 kB
Transfer

3678 kB
Size

5
Cookies

121 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_top
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://life.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_top
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/ru?utm_source=site&utm_medium=menu&utm_campaign=menu_top
Title: Радио

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_top
Title: Подкасты

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/economics.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Экономика

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Финансы

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Компании / Рынки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/tech.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Телеком / IT / Медиа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/top-100-bogatyh.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Профайлы ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/publications.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Статьи

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/bizinterview.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Интервью

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/experts.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Эксперты

Search URL Search Domain Scan URL

URL: https://life.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Life

Search URL Search Domain Scan URL

URL: https://life.nv.ua/krasota-i-moda.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Красота и мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/lifestyle.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/blogs.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/health.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/lyudi.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/kids.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Дети

Search URL Search Domain Scan URL

URL: https://life.nv.ua/travel.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/food-drink.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/evrovision.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Евровидение

Search URL Search Domain Scan URL

URL: https://life.nv.ua/znamenitosti.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Знаменитости

Search URL Search Domain Scan URL

URL: https://life.nv.ua/horoscopes.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Гороскопы

Search URL Search Domain Scan URL

URL: https://health.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://health.nv.ua/medicine.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/nutrition.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Питание

Search URL Search Domain Scan URL

URL: https://health.nv.ua/fitness.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Фитнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/happiness.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Счастье

Search URL Search Domain Scan URL

URL: https://health.nv.ua/sex.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Секс

Search URL Search Domain Scan URL

URL: https://health.nv.ua/lifehacks.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/news.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Новости

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/articles.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Статьи

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/reviews.html?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Обзоры

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/
Title: Шоппинг

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/novoe_vremya

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ustoychivoe-razvitie-sustainability.html?utm_content=set_lang?utm_source=site&utm_medium=menu&utm_campaign=menu_sub_desktop
Title: Устойчивое развитие/Sustainability

Search URL Search Domain Scan URL

URL: https://estore.ua/
Title:

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/?utm_source=nv.ua&utm_medium=1&utm_campaign=
Title:

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/priotkrytyy-rynok-glavnye-promahi-otkrytogo-rynka-gaza-i-chto-s-nimi-delat-50164524.html?utm_source=nv.ua&utm_medium=1&utm_campaign=marketspriotkrytyy-rynok-glavnye-promahi-otkrytogo-rynka-gaza-i-chto-s-nimi-delat-50164524
Title:

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/news/tonneli-dlya-tesla-v-las-vegase-50164766.html
Title: Еще больше развлечений. В Лас-Вегасе начали работать тоннели Илона Маска

Search URL Search Domain Scan URL

URL: https://life.nv.ua/food-drink/sol-2021-andrey-skipyan-rasskazal-pro-kievskie-festivali-edy-i-premii-oteley-i-restoranov-50164755.html
Title: Соль и вино. Основатель национальной ресторанной премии Андрей Скипьян рассказал о своих новых проектах в 2021

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/economics/prognoz-vsemirnogo-banka-mirovaya-ekonomika-vosstanovitsya-na-5-6-poslednie-novosti-50164750.html
Title: Всемирный банк прогнозирует крупнейшее восстановление мировой экономики за последние 80 лет

Search URL Search Domain Scan URL

URL: https://life.nv.ua/znamenitosti/doch-uilla-smita-snyalas-v-yarkoy-fotosessii-foto-50164752.html
Title: В платье от Valentino. Дочь Уилла Смита снялась в эффектной фотосессии

Search URL Search Domain Scan URL

URL: https://health.nv.ua/medicine/ves-chastic-sars-cov-2-50164748.html
Title: Ученые подсчитали массу всех частиц SARS-CoV-2 в мире. Вы удивитесь

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/naftogaz-protiv-gazproma-ukraina-dokumentiruet-narusheniya-so-storony-rossiyskogo-monopolista-50164754.html
Title: Готовятся к новому арбитражу. Нафтогаз начал документировать злоупотребления Газпрома — Витренко

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/selskoe-hozyaystvo-v-ukraine-oroshenie-poluchaet-mizernaya-chast-zemel-kotoraya-v-nem-nuzhdayutsya-50164739.html
Title: Нужны инвестиции в $3 млрд. В Украине орошают только 1,5% земель, которые этого требуют

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/experts/vosstanovlenie-rynkov-cena-nefti-dostigla-maksimuma-kurs-kriptovalyut-poslednie-novosti-50164720.html
Title: Как плохие новости помогают рынку восстанавливаться, — обзор финансиста

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/salvador-uzakonil-bitkoin-kak-sredstvo-platezha-poslednie-novosti-50164731.html
Title: Первые в мире. Парламент Сальвадора узаконил биткоин в качестве платежного средства

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/dogecoin-mem-moshennichestvo-shutka-ili-rastushchaya-kriptovalyuta-kotoruyu-podderzhivaet-mask-50164599.html
Title: Инвестиции по приколу. Что такое Dogecoin и почему это уже не смешно

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/economics/skolko-nalogov-platyat-bezos-mask-baffett-i-drugie-bogateyshie-amerikancy-poslednie-novosti-50164721.html
Title: СМИ узнали, сколько налогов платят Безос, Маск, Баффетт и другие богатейшие американцы. В США проведут расследование утечки

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/krasota-i-zdorove/sekret-dolgoletiya-50164336.html
Title: До 100 лет. Шесть простых вещей, которые стоят недорого, но могут продлить вам жизнь

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/finance/pensiya-v-ukraine-rabotayushchim-pensioneram-pereschitali-vyplaty-komu-i-na-skolko-povyshayut-v-iyune-50164668.html
Title: Украинцам пересчитали пенсии. Кто в июне получит доплаты за апрель и май — Минсоцполитики

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/news/kurs-bitkoina-obvalilsya-50164538.html
Title: Индекс страха и жадности. Курс биткоина снова обвалился

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/puteshestviya-i-turizm/turciya-ekologicheskaya-katastrofa-stavit-pod-ugrozu-otdyh-letom-2021-50164293.html
Title: Экологи бьют тревогу. Почему туристический сезон в Турции под угрозой и куда ехать теперь

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/firtash-sozdal-logisticheskuyu-kompaniyu-nika-trans-logistika-nacelilsya-na-rynok-es-novosti-ukrainy-50164542.html
Title: Железка, буксиры и автоперевозки. Олигарх Фирташ создал логистическую компанию и нацелился на рынок ЕС

Search URL Search Domain Scan URL

URL: https://health.nv.ua/nutrition/pravilnoe-pitanie-letom-sparzha-krapiva-zelen-chto-vybrat-i-kak-prigotovit-dietolog-50164536.html
Title: Курс на зелень / Какие продукты необходимо добавить в рацион летом — советы известной диетологини 9 июня, 07:10 Питание

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/vladimir-pozniy.html
Title: Владимир Позний Руководитель EXANTE Украина

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/cena-gaza-v-evrope-gaz-podorozhal-do-maksimuma-s-marta-2008-goda-poslednie-novosti-50164726.html
Title: Максимум за три года и три месяца / В Европе продолжает дорожать газ 9 июня, 09:47 Компании / Рынки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/economics/akciz-na-elektroenergiyu-po-zelenomu-tarifu-minenergo-podderzhalo-iniciativu-novosti-ukrainy-50164719.html
Title: Сбалансировать энергосектор / Минэнерго поддерживает введение акциза на электроэнергию по «зеленому тарифу» 9 июня, 09:10 Экономика

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/aeroport-borispol-nazval-samye-populyarnye-avianapravleniya-v-mae-novosti-ukrainy-50164671.html
Title: Чартерных пассажиров стало вдвое больше / В Борисполе назвали самые популярные направления для полетов 8 июня, 20:38 Компании / Рынки

Search URL Search Domain Scan URL

URL: https://life.nv.ua/blogs/odinochestvo-kak-vliyaet-na-organizm-i-kogda-neobhodimo-obshchenie-psihologiya-50164657.html
Title:

Search URL Search Domain Scan URL

URL: https://life.nv.ua/blogs/kak-prigotovit-baklazhannuyu-ikru-poshagovyy-recept-odesskaya-kuhnya-savva-libkin-50164650.html
Title:

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/episodes.html
Title: Новые эпизоды

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/episode/3400.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=osobysti-finansy
Title: 7 минут

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/narrators/36.html
Title: Иван Компан

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/themes/ekonomika.html
Title: Экономика

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/episode/3399.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=poglyadynv
Title: 7 минут

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/themes/novyny.html
Title: Новости

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/episode/3397.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=shcho-vidbuvayetsya
Title: 6 минут

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/narrators/22.html
Title: Богдан Амосов

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/narrators/23.html
Title: Ирина Лопатина

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/episode/3396.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=noviy-vechir
Title: 31 минута

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/narrators/24.html
Title: Дмитрий Тузов

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/themes/politika.html
Title: Политика

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/podcast/95-teper.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=teper
Title:

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/podcast/15-debati-z-dmitrom-tuzovim.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=debati-z-dmitrom-tuzovim
Title:

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/podcast/12-zapitannya-tut-stavimo-mi.html?utm_source=nvua&utm_medium=podcasts-unit&utm_campaign=zapitannya-tut-stavimo-mi
Title:

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=nv-unit-main&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU
Title:

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/markets/apple-ishchet-postavshchika-batarey-dlya-elektrokarov-poslednie-novosti-50164573.html
Title: Китайские компании / Apple ведет переговоры с крупнейшим поставщиком батарей для электрокаров и его конкурентом — Reuters 8 июня, 14:10 Компании / Рынки

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/?utm_source=siteglav&utm_medium=glav&utm_campaign=promositeglav
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/aliexpress-kupon?utm_source=news&utm_medium=siteglav&utm_campaign=promositeglav
Title: AliExpress / Скидки до 99% на первый заказ

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/promokod-eva?utm_source=news&utm_medium=siteglav&utm_campaign=promositeglav
Title: Eva / Скидки -70% до конца месяца

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/foxtrot-promokod?utm_source=news&utm_medium=siteglav&utm_campaign=promositeglav
Title: Фокстрот / До -50% на акционные товары

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Все эксперты НВ Бизнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/
Title:

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion
Title:

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech
Title:

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/
Title: Азарт

Search URL Search Domain Scan URL

URL: https://life.nv.ua/
Title: LIFE

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/
Title:

Search URL Search Domain Scan URL

URL: https://health.nv.ua/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping
Title:

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/
Title: НВ Подкасты

Search URL Search Domain Scan URL

URL: https://facebook.com/nvpodcasts
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts
Title:

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радио

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/
Title:

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2
Title:

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=
Title:

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets
Title:

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF
Title:

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/
Title:

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand
Title:

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.724889539572394 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.724889539572394

Request Chain 70

https://gaua.hit.gemius.pl/_1623230900446/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YsEhvkJoJ5wOcm7FF6DNjIwimVVJYblZfwZ3Mx0fbHT.t7&vis=1 HTTP 301
https://gaua.hit.gemius.pl/__/_1623230900446/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YsEhvkJoJ5wOcm7FF6DNjIwimVVJYblZfwZ3Mx0fbHT.t7&vis=1

Request Chain 78

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9B50256D30FB457C91DFB316E07C4575&RedC=c.clarity.ms&MXFR=202A3FF678A7667C1D372FA77CA76831 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9B50256D30FB457C91DFB316E07C4575&MUID=13F5ECB52A0D6E161618FCE42BDF6F9D

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGyh18_F-7LwbDFXMSuG2Y&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGyh18_F-7LwbDFXMSuG2Y&google_cver=1&C=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMCJtVZ0Gn9v3coNYW7pGQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQ0RhwvNCmcKt6NKfxVnoY&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECrCDw8xq65OuE8sS4II8r0&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECrCDw8xq65OuE8sS4II8r0%26google_cver%3D1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIyMzgwNDA1NDAyNTkwMTEwMQ%3D%3D

158 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nv.ua/ 257 KB
48 KB 92ms
30ms Document
text/html 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 4f423b3bd30e58426b6d73f8128447c7e17f22abe88182839394975171620001

Request headers

:method: GET
:authority: nv.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Wed, 09 Jun 2021 09:28:19 GMT
content-type: text/html
content-encoding: gzip
redis-cache-key: laravel:redis-responsecache:GET:nv.ua/:desktop
cache-control: max-age=30

GET
H2 200 nvua-icons.woff2
nv.ua/fonts/ 13 KB
13 KB 32ms
31ms Font
font/woff2 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/nvua-icons.woff2?02836d3970fb4d607aad597e0eff230e
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 4457b5354c13990d3e20d6d958bde6b43c44c4410d7468c1fc6bdbfd5824c29d

Request headers

:path: /fonts/nvua-icons.woff2?02836d3970fb4d607aad597e0eff230e
pragma: no-cache
origin: https://nv.ua
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://nv.ua
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:19 GMT
last-modified: Thu, 29 Apr 2021 13:46:00 GMT
server: nginx
etag: "608ab898-34f0"
content-type: font/woff2
cache-control: max-age=31622400 max-age=31557600
accept-ranges: bytes
content-length: 13552
expires: Fri, 10 Jun 2022 09:28:19 GMT

GET
H2 200 ga.js Show response
nv.ua/scripts/ 391 B
599 B 34ms
33ms Script
application/javascript 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/ga.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 1685cb58ad7de40415d4bfdc156133febe1c4fe5220706624a7348b3514a80cb

Request headers

:path: /scripts/ga.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:19 GMT
last-modified: Tue, 13 Apr 2021 10:39:37 GMT
server: nginx
etag: "607574e9-187"
content-type: application/javascript
cache-control: max-age=31622400 max-age=31557600
accept-ranges: bytes
content-length: 391
expires: Fri, 10 Jun 2022 09:28:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
959 B 35ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2cd7f69651e0b2958aad2c842b4e4e8a7c13cb883e5ed7f87d930a1079c0d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 08:31:12 GMT
server: ESF
date: Wed, 09 Jun 2021 09:28:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Jun 2021 09:28:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 34ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b216b43f9b11a8ceaf584e09277b78e39f205ecbe4a871c9c974a7d8ff116bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 08:29:31 GMT
server: ESF
date: Wed, 09 Jun 2021 09:28:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Jun 2021 09:28:19 GMT

GET
H2 200 /
images.weserv.nl/ 4 KB
5 KB 53ms
28ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/079/original/b7c5df067a106b9dfe1950dbb8748c0b.png&q=85&output=webp

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48ac91956cb395f6241088434dbbc376e2a14e863796e9ab051bf1cf70930119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 691807
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4264
cf-request-id: 0a91b2ff3e00002c42eb37f000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bJ09747H9rrU%2B8ty1wDTnSxdS58LnhMy7Y8OJ9JY3AJFK9QGItFgSVBuDTKoRRy%2FEVzVTkzDo8nowrhqGMsYfVMvWzFCTM8OGhmUUKCrqzqC%2B%2BHpT0tiqPPIzNjMCws3f8dWwSFE1jjHug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954452ed22c42-FRA
expires: Wed, 01 Jun 2022 09:17:32 GMT

GET
H2 200 main_scripts.min.js Show response
nv.ua/scripts/ 101 KB
36 KB 30ms
29ms Script
application/javascript 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/main_scripts.min.js?3.389
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 9e1b9161f6b11e665e79d93f6898a8942a2f4af44c5941e5e9fcc3c219d3a251

Request headers

:path: /scripts/main_scripts.min.js?3.389
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
last-modified: Mon, 31 May 2021 12:28:53 GMT
server: nginx
etag: W/"60b4d685-19240"
content-type: application/javascript
cache-control: max-age=31622400 max-age=31557600
expires: Fri, 10 Jun 2022 09:28:20 GMT

GET
H2 200 after_scripts.min.js Show response
nv.ua/scripts/ 26 KB
8 KB 31ms
30ms Script
application/javascript 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/after_scripts.min.js?3.389
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 388ebcdebc38e52bba5625a5209fdb0508ef41bbba5b6913ce7b455c4cc04d9d

Request headers

:path: /scripts/after_scripts.min.js?3.389
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 14:44:28 GMT
server: nginx
etag: W/"60bf824c-67d7"
content-type: application/javascript
cache-control: max-age=31622400 max-age=31557600
expires: Fri, 10 Jun 2022 09:28:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
43 KB 40ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/scripts/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1e516030c0e00dfbf674072ccafbceda2cc3876d4edb0609aba0889d463c663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43810
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Jun 2021 09:28:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 103ms
36ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

69533dd003520dae49e622cdacd17fc5787e0d126104d332918b288aea8999b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "897 / 654 of 1000 / last-modified: 1623190377"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21290
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:20 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u04...

43 B
528 B

72ms
72ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.724889539572394

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nv.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u043A%u0440%u0430%u0438%u043D%u044B%20%u0438%20%u041C%u0438%u0440%u0430.%20%u0413%u043B%u0430%u0432%u043D%u044B%u0435%20%u0438%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u2014%20%u041D%u0412%20%28%u041D%u043E%u0432%u043E%u0435%20%u0412%u0440%u0435%u043C%u044F%20%29;0.724889539572394
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 08 Jun 2020 21:00:00 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
fonts.gstatic.com/s/notosans/v12/ 11 KB
11 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:37:21 GMT
x-content-type-options: nosniff
age: 57059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10812
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 17:37:21 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v12/ 16 KB
16 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:09:16 GMT
x-content-type-options: nosniff
age: 80344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:43:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:09:16 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v12/ 16 KB
16 KB 23ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:35:02 GMT
x-content-type-options: nosniff
age: 71598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 13:35:02 GMT

GET
H2 200 /
images.weserv.nl/ 6 KB
7 KB 26ms
20ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/upload/label_nv.png&q=75&output=webp&stamp=3.389

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

831044d97d5db8c97615d5c13717a9f538c0e6f989d1f1742b22509e14040d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66957
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6170
cf-request-id: 0a91b2ff4400002c42061a8000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N0cGAp%2BuCnNPZj8ibW6EezFY0BEdA1UWyjvDugja1f5ahODOH13hQjKAIyCNx3QeRXEm5s69V%2FsNswEp%2BSe%2FVtJVfs%2F6LrY5gHJ5n0w71r1Mu3MERSbC1Uf6i%2FCiUrO3CDLy1EYUfbn%2B%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954453ed62c42-FRA
expires: Wed, 08 Jun 2022 14:52:17 GMT

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
621 B 30ms
29ms Image
image/svg+xml 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

:path: /images/author-arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: nginx
etag: "5e6ff361-1a3"
content-type: image/svg+xml
cache-control: max-age=31622400 max-age=31557600
accept-ranges: bytes
content-length: 419
expires: Fri, 10 Jun 2022 09:28:20 GMT

GET
H2 200 /
images.weserv.nl/ 46 KB
46 KB 21ms
20ms Image
image/jpeg 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?output=jpg&q=80&w=600&url=https://nv.ua/system/program/poster/posters/000/000/089/original/54f49921319be6685cc8aec87e251636.jpg

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75850317bdb48ffe85be51f7b165567f6619ef45635812d0da351e1294dc119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3500
content-disposition: inline; filename=image.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47158
cf-request-id: 0a91b2ff4700002c4286ac5000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Cy%2BhlbPEZ1Z%2BpOix2HWmcOZ%2FTfrwZsNQCHbB9JATPshxWRCrNE2NfReNIMuc8x%2BO3BEX9G14HTENAtJjLmSDKe5vyvYM%2BFp3lV8cRiHzBi1qotvLJ6dbkX12CKChhwhBZHCoTM0PwoWRcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954453ef82c42-FRA
expires: Thu, 09 Jun 2022 08:30:00 GMT

GET
H2 200 /
images.weserv.nl/ 26 KB
27 KB 21ms
20ms Image
image/jpeg 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?output=jpg&q=80&w=600&url=https://nv.ua/system/program/poster/posters/000/000/098/original/0030a48cda7d6e499cffdfd5d93f823a.jpg

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4288d8ae616700e3a29c3f819cdc99880796a54c2189efe0c5c2a12282af52a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10707
content-disposition: inline; filename=image.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26796
cf-request-id: 0a91b2ff4700002c42ec359000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YbFoLzsoPGsRuWCKfTqcx4%2BZY1MutF%2Fb0iEH%2F3ybWzzCXGIIJBJUGe1fYUj639TnabHcAH0QH18wiMjNh8DfaWYfRrvDPI2g2b6eu5Iobr8DbgovKlKAwtLzFd5s%2Fgak97nSjm9eo0u3kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954453efc2c42-FRA
expires: Thu, 09 Jun 2022 06:29:41 GMT

GET
H2 200 /
images.weserv.nl/ 43 KB
43 KB 15ms
14ms Image
image/jpeg 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?output=jpg&q=80&w=600&url=https://nv.ua/system/program/poster/posters/000/000/001/original/05b9afd9cdcf3e180670eb3a71814e04.jpg

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86a93af9537b968d3b7e110468299493ef908fab50c2ed691470d41d7bdf0985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 452012
content-disposition: inline; filename=image.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43802
cf-request-id: 0a91b2ff4700002c42f133d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3Qxwi6WGtmnGK8W3%2F7ve9NshKb6WZAXCbsyiIqf1jbzTG%2BYQyuxjTEhSDAop6s%2BQ%2BUtCYiG3lwG8k%2BSsaJfziODvV7h%2BmLhbZPtOzUHgq3YdYHpG6xu6YbuYeDOuNIK%2BLlN%2FLS9zrNoHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954453efe2c42-FRA
expires: Sat, 04 Jun 2022 03:54:48 GMT

GET
H2 200 /
images.weserv.nl/ 35 KB
35 KB 19ms
18ms Image
image/jpeg 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?output=jpg&q=80&w=600&url=https://nv.ua/system/program/poster/posters/000/000/023/original/6126abe6524cc9388f893686dc121a9c.jpg

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e28ddaaf83f1a6c4c021372d5693c6b38ad9c88cb98ee4991cb6996fb55908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2470305
content-disposition: inline; filename=image.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35797
cf-request-id: 0a91b2ff4700002c4203aa3000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Bg6LTujO%2FuNeVvgMoX5GYOWWsUTG7U%2BRTq3%2B9bQis5NsOWHsrQtrcE1necd8a1sjz0ufQQeLzQUzPJhHm9VLunr3oytl97cRcbucqvXvvm%2F208YvTxN0EYAb%2FyvApC3s3YOH92Xi%2BaDa6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954453eff2c42-FRA
expires: Wed, 11 May 2022 19:16:34 GMT

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 23 KB
23 KB 21ms
18ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:22:56 GMT
x-content-type-options: nosniff
age: 65124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23924
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:22:56 GMT

GET
H3-29 200 ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v9/ 18 KB
18 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aeb04131df1322b44d201b4298aff834e34a31cf3fc2e72dc2341896bff49d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:48:40 GMT
x-content-type-options: nosniff
age: 34780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18288
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 23:48:40 GMT

GET
H3-29 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v9/ 27 KB
27 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:13:46 GMT
x-content-type-options: nosniff
age: 33274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27344
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 00:13:46 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 19 KB
19 KB 30ms
29ms Font
application/octet-stream 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?40db915f47ed54220a40f13e1418201b
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: d36856d4b0a68aec75fbc918c798d2373c9d9958eacaa335d7e1e8670c465815

Request headers

:path: /fonts/icons.ttf?40db915f47ed54220a40f13e1418201b
pragma: no-cache
origin: https://nv.ua
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://nv.ua
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
last-modified: Mon, 31 May 2021 12:28:53 GMT
server: nginx
etag: "60b4d685-4a84"
content-type: application/octet-stream
cache-control: max-age=31622400 max-age=31557600
accept-ranges: bytes
content-length: 19076
expires: Fri, 10 Jun 2022 09:28:20 GMT

GET
H3-29 200 o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v12/ 10 KB
10 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v12/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,400i,700,700i&display=swap&subset=cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:09:52 GMT
x-content-type-options: nosniff
age: 40708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10504
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:50:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:09:52 GMT

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v9/ 16 KB
16 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700&display=swap&subset=cyrillic-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd15990b17d2d9fc3f84859e5cc778ee22113b01592f5d98433d44ca4a4ffee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://nv.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:52:05 GMT
x-content-type-options: nosniff
age: 48975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 19:52:05 GMT

GET
H3-29 200 /
images.weserv.nl/ 11 KB
11 KB 92ms
78ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/015/390/original/80f9e9719ddb9e9eb8b01853913fc74c.png?stamp=1

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d0b0427bf7be3e10b6a0dce4091b4122e82926e1fc883f4ae69db8c06dc2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 29216
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10961
cf-request-id: 0a91b2ffd000002c22a88d5000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IuBzYGonq7Sy0Zoxw3CvKKcq9dAXTjVqiT8A4mBRF9gU38A005NMOqn2xBnvXBkjRHP0juUXCedPUipGfn18qfoD28wo%2BonNFlfA6NXLS%2F4A3sr%2B3EoMIIKYjekEH%2Bfp3GO8x8XsVL2hYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad92c22-FRA
expires: Thu, 09 Jun 2022 01:21:24 GMT

GET
H3-29 200 /
images.weserv.nl/ 11 KB
12 KB 96ms
82ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/010/919/original/33ba845640d1a3864dd7c0641ff5beb8.png?stamp=1

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3311de9405705d8aea6f87696f874d62833137bbf2d21028480656520bb1acb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 735138
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11297
cf-request-id: 0a91b2ffd200002c22d892b000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=STjSfzb9xob60YntSCVq%2FofIti0iUKW%2BAV%2FHZ3r9JMKUEm06unzGaxhfvzoegmckrBPbYmZ4LWlVYP2uTgXMgETk5EEU%2FD7GsmunCqN%2B83tjsfL0kzcU2ITq8TmmsVLn%2F1vmxDa4oS%2BJiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ae32c22-FRA
expires: Tue, 31 May 2022 21:16:02 GMT

GET
H3-29 200 /
images.weserv.nl/ 10 KB
11 KB 47ms
36ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/013/797/original/be9d11ceae28a063814bf6d47aa4352d.png?stamp=1

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac993d64e427fcbe3577a88c45f7d10149f51db0622fb0ce12fd5bc0fbe95295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11999
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10680
cf-request-id: 0a91b2ffcb00002c22aeb86000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uSwTijuomXGPfY5tNbmwuqaI7fDudDeac%2BZkC7OcSG7DgkTCoL9OWjrjFfpWpMc%2Fmzp0kvGTNL1EFSXMl6LgA5GtvbowIBrSz4W1qaOAwpBNif7EZ5qXdQNy%2BZOlhk8LFzVKDchHekjuMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460aa22c22-FRA
expires: Thu, 09 Jun 2022 06:08:18 GMT

GET
H3-29 200 /
images.weserv.nl/ 11 KB
12 KB 93ms
80ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&w=115&url=https://nv.ua/system/opinion_authors/avatars/000/015/680/original/1c9c1981453ed2eab4086a279ab9e104.png?stamp=1

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0994235573f79bf915d7b55a6f82ad755199c61829ad604aa58f87e5208b1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4115712
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11312
cf-request-id: 0a91b2ffd100002c22ee8f6000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=35KB%2Fcgknsf3V6z45SsdnX10Z7Q7nJyDRWCODZ7n2VGfhI7lK4noBzh0c%2FbTKXyrwDaqGc%2BSdAeyvEYYjr6%2BVisyVne0QxTHWG0UORJku0V%2BOxi5VzqGDTobL6%2FKlM3ziXbphCzFvFujZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460adf2c22-FRA
expires: Fri, 22 Apr 2022 17:59:37 GMT

GET
H3-29 200 /
images.weserv.nl/ 7 KB
8 KB 77ms
66ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/073/original/9c01ef32f3c4483332ca2e1a4b9a3b25.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

423c910658299c90e1b2809f08f076450854ec81c376bf39409c841ac06fd8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 693048
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7447
cf-request-id: 0a91b2ffcf00002c22c3339000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WFatMl1FTWWE6RnfJMXsr8Bc8MdKotf85vwD%2FbBlRtYSzU9PQethQnWq3TlYRKwhwgFwK9k8AERyEdRjGcUx%2FcpiRLo2I5gRCgcjPxoefOkDqJEbajVQ7mi20iHS6jCNLXi3uv510zQXDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ac72c22-FRA
expires: Wed, 01 Jun 2022 08:57:28 GMT

GET
H3-29 200 /
images.weserv.nl/ 3 KB
4 KB 91ms
79ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/075/original/38f22dff0e1246dc51a461d64d997aeb.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a1ccdbac41ed8a853806f50a646b3cb75ae73970b038cda36e79c102364b88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1214987
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3198
cf-request-id: 0a91b2ffd200002c22db838000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z4hOLB1P50HhUZPiByAx8YtG%2FgyMsi3C8OvoJg3XWnicGRHIvk6t9pmAfWKDzS6K%2F4lAOCRLCaDLLWSSXpYUuRv3d%2BNJ113w4%2BILmgj%2BVO8DIL6P7WE%2FkG5ool7YJ8UNWtEIEI%2Fz4B%2BJXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460add2c22-FRA
expires: Thu, 26 May 2022 07:58:33 GMT

GET
H3-29 200 /
images.weserv.nl/ 4 KB
5 KB 90ms
79ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/system/top_images/images/000/000/077/original/c5b00c076d6418b6e31115e01f74afc4.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c362ef55dfcd2d94eacecdd07c2c04fc38981b4e3447eb1634e6514cd0a303d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 63615
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4209
cf-request-id: 0a91b2ffd100002c22e3bd2000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ojr72Gx2Sosd8jVF7Jntp%2Fe3BDT54OSPhvxJOSuK5ksGSO5%2FV3CqCejNkqvi9Ld0BQgcgGf7te4cs3yvj%2Bi9C0Nm3sWeGPVM8aVWQpl2zmvxJBBoOLaBL%2FFP90x3jIgRKEdrGgHXAI1naw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460adb2c22-FRA
expires: Wed, 08 Jun 2022 15:48:05 GMT

GET
H3-29 200 /
images.weserv.nl/ 91 KB
92 KB 35ms
25ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/078/original/ec0ef8dbff8e9dafcaff17d4c172ee52.jpg?stamp=20210609022822

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

536d3a773c4bd1c8b3e2f77510c15dcc179892cd6384e909e8f76178b648c0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12776
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 93278
cf-request-id: 0a91b2ffca00002c22a2a9d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zscby8PgKQzOXDAMRWzXb6%2B90aRiShv0yw6QGsrWQBJEHzr8toTW0jULmtZekEl%2B5P%2BNpVPx30e7tefgo%2BUG9yI5eJneP5LYjYgaNjr5MlRbI9bkxXQ977l0i0TzCx%2BqbKHudgX6AszCSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ab32c22-FRA
expires: Thu, 09 Jun 2022 05:54:50 GMT

GET
H3-29 200 /
images.weserv.nl/ 16 KB
17 KB 84ms
73ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/134/600x300/ee69f1ef1920fc02a5fc7750061da7ed.jpg?stamp=20210609100841

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04f4de66929167a91ab8609b4c823c90f46c8484f7bf86f0d4f0f7874b15fef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8053
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16688
cf-request-id: 0a91b2ffd100002c22c8875000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ICxzKnJdkhDRrD0ihyzuaAhU%2FTClrpu03lv%2BmkYFDhjf3Wmv0j8oM5Xksg1KNkGBx5r0i%2BN92z8z4QmHVHppuRPnjNpAYcmXwuusfKCwPCW2EU6K4NtnvAmirjrTDFFHZU3pMdxtoYYXxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad52c22-FRA
expires: Thu, 09 Jun 2022 07:14:07 GMT

GET
H3-29 200 /
images.weserv.nl/ 9 KB
9 KB 92ms
81ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/178/300x150/115e31e2f95b0493e8d8496c498623c7.jpg?stamp=20210609121313

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5b148160c2fb15b0bfefaf2764e9e0c0fe9cdb869b1f28ad74c18c27f50205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 509
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8904
cf-request-id: 0a91b2ffd200002c22b115e000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=196pAAVhiBt5Y7SYjArZAVHcRmkvaNuPjbhq9HeOXTsvOfCBc%2FutZX2JG4nrqamEUpzx%2F%2FkShKT66Olz3QJ19gYcKFz%2Fa1gmUPahX4LwaqmBmILrZWz%2FJkaWtIxV7xETd%2B4oRrSBsAdYVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ae02c22-FRA
expires: Thu, 09 Jun 2022 09:19:23 GMT

GET
H3-29 200 /
images.weserv.nl/ 4 KB
5 KB 75ms
66ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/166/300x150/afc8fbe382c20c8639415b403567230e.jpg?stamp=20210609120120

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed904fded58002a91cceffa2fb792e7beea30070ff82748ddd5394db1cbe369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4436
cf-request-id: 0a91b2ffcc00002c22e7255000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yD9VlFZITYy%2BMpggT1rUV%2BpizPJyR5uWZpJpiTfV8QRTHy%2F3LxUAh3KVqaNaqik7guNhKzFPch3GlUNszi6CGOlYYBaNd9ri1NbZb9uh7GFTRhpu5sXCsp2gR%2FxYkykwHeMt5h2y3KLMbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ac52c22-FRA
expires: Thu, 09 Jun 2022 09:09:16 GMT

GET
H3-29 200 /
images.weserv.nl/ 6 KB
7 KB 60ms
51ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/200/300x150/325d82eb5cb28fad30ef1746ddbc99c6.jpg?stamp=20210609120056

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e78ee21e1cf51af510b9489a104597a9d274d3f2d56939709eca2f7c159da3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6272
cf-request-id: 0a91b2ffca00002c22c0295000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VvfqoWib%2BMlnCpwVLU5xv7ISNf3D7oEBuprzCoo21NebaDLklD0dxCtMTXMDlZY%2FPez%2B9HIfTk5PiLRpMJhtbfefwoqSWPwn2Ft8WGcLI7djmzrlNa7VO1vUEg%2F4kJh%2BM4S3lKtE6IP7Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ab22c22-FRA
expires: Thu, 09 Jun 2022 09:09:16 GMT

GET
H3-29 200 /
images.weserv.nl/ 9 KB
10 KB 93ms
83ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/202/300x150/79e9caaef18fb3d6d44a8e968d964066.jpg?stamp=20210609115451

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

751745855034e98950edacc75a1329445888d84a7f881f634e9d99614c63b5b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1144
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9066
cf-request-id: 0a91b2ffd200002c221d37e000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nQYJHOvupeAMXF5AYzcTklY8cAe4N1L4rqEPz7QIHfBJ8gRRziSoLZONyV3MoYA25oW4PRdqA3IiT8Hh%2F5x93JjOSfeu%2BzJ8nY%2FdaG%2Fd1XjSmPhjsDOMn8HrCFMeJ6RI93eVKtuwTFcB6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ae52c22-FRA
expires: Thu, 09 Jun 2022 09:09:16 GMT

GET
H3-29 200 /
images.weserv.nl/ 13 KB
14 KB 76ms
66ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/168/300x150/4be1361c5365af34b5632b9138b632e6.jpg?stamp=20210609112010

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a41dce230170de75ec306be3f58404a1588f9be814c3b59256643949cbe3cebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1910
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13498
cf-request-id: 0a91b2ffcd00002c220c394000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DqQwLM7htQU%2BvDHrzEVLS%2BCWssDF0l3RN3LWPh8tat9vGCib9XNBDE3Fx068DR4eALVrAaU1Tx8%2F%2B%2BsoBnB7aFCfMDjm4P0TiZK6o6A1%2BXAoCQyB%2FbBETvLOM8d54KPzWfLMJ%2BLZgQ23wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460aca2c22-FRA
expires: Thu, 09 Jun 2022 08:55:50 GMT

GET
H3-29 200 /
images.weserv.nl/ 7 KB
8 KB 46ms
37ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/186/300x150/dd7ac2d42aa15d9edb0b8441e01e1395.jpg?stamp=20210609113649

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec17d7f91fca87418bf747a62ae25b58a7ff5565f259d4856c70a012e4b5a30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2858
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7458
cf-request-id: 0a91b2ffc800002c22fb20d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=noyCTLjvQHF2pMHBPfwevKr8LgCISQCr%2BXIgit8XBSJDUcDyxU8v14NQEbbo0Aoq1yooNrq8vN8DzL7WPe12Sd3A%2FQBfnBjISuVsoE4xRVO%2BBmC5yK4B84s9TOic5G4BBd56I37NRu83Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460aa72c22-FRA
expires: Thu, 09 Jun 2022 08:40:42 GMT

GET
H3-29 200 /
images.weserv.nl/ 8 KB
9 KB 80ms
71ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/154/300x150/bd98d5108a6b03c0bf8644465e18fab1.jpg?stamp=20210609110330

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad63618a17dfc4a241f7bfc08fcd20a655597161167255b246d9d30b81cf3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4408
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8688
cf-request-id: 0a91b2ffce00002c22b8b84000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VLQZG7nH1%2FDHPSEbW9UwrsidZ5HjRCZcU9Uw%2FALXGmVmKAycu1mjeA%2BurICFQ2HJ201sEDW1AitW0zgxM9FHlHmoWGUKu0cIgnUtDv3J761ZZML9joPZk5u1uGwhNFxs6ldAyMGmAk0Fvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad12c22-FRA
expires: Thu, 09 Jun 2022 08:14:34 GMT

GET
H3-29 200 /
images.weserv.nl/ 13 KB
14 KB 81ms
71ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/140/300x150/b2ab4a9f780b122cf4eaf37d8ac487a9.jpg?stamp=20210609103608

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d2b9d06cf737999675d73a2e6ee28a30ac1bdeb1777884fd66b6e95a454c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6152
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13658
cf-request-id: 0a91b2ffcf00002c22ac2c9000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jNFw91C12FnILWBI9sPUqnBMdEx0t1JDjxdVN091Apky3lB7zgvgZJ5QayLFOjG367v5okhohiyBC8PtDFR1cMnqoAwlXlmW0FUpbuIKTpKRjRJIkopzwRFxuubWWUmD1jnSue5%2Bd5jH5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad32c22-FRA
expires: Thu, 09 Jun 2022 07:44:53 GMT

GET
H3-29 200 /
images.weserv.nl/ 9 KB
9 KB 80ms
71ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/338/876/300x150/0386d39d8382bf4eaa5891086a98a2d2.jpg?stamp=20210526121059

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e6bb4ec74f4c15a96697ea6ff0ceb8f62514a530328cd7d2188e589bfca0c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 177911
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8744
cf-request-id: 0a91b2ffcf00002c22de12c000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w3M9QGGqlBWVOtx5El1S7kyqM3CJbN6tVnj9v488w8feNTlb8S14DdWgHy7tst9UnXpuNPt5Q3CE0m1A9pY08l4Wmx67pCjAG3ZP7QlDI1O3xbW2EOgKUFQy%2B04i1iZllNs8jOoDwFpaIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460acf2c22-FRA
expires: Tue, 07 Jun 2022 08:03:09 GMT

GET
H3-29 200 /
images.weserv.nl/ 13 KB
13 KB 69ms
61ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/138/300x150/36c91b8f2e9ae4476d6d63a1461c4a00.jpg?stamp=20210609101634

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bee724dff5b2725e7156c2aa955089bb6b6d1e1c0d0fc40f37f8d9817a123f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7523
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13022
cf-request-id: 0a91b2ffcb00002c2217055000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YLIBpdg2Jtp%2B6SSOiIEsgsExGkdnI6GKjr2qi7bbcz48Tq8QgDS4c44RAgI9EH421aqWxfyCRmD9sqs5BHedx437kH06FUOaQEKwG%2By22P0L2OotY2pPQc%2FYla7p%2BQCKIzrx3TvNf89qSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ac12c22-FRA
expires: Thu, 09 Jun 2022 07:22:57 GMT

GET
H3-29 200 /
images.weserv.nl/ 25 KB
26 KB 70ms
62ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/540/500x250/02b0af2313b51b5b7d8b96fbb6569408.jpg?stamp=20210608124107

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cefb20a5aecbf3ad777c251befce030719061fdd9918640030356528174abe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3848
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25618
cf-request-id: 0a91b2ffcc00002c22de12b000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3xq9PtL8E0S1FmJ%2BqVopsCFPpxJaJHlPguzkPUDp3D7fYfEye3rAfJdv%2Fk7SYH2FBvvsiXEoPi8Dy3kBqlVNDApghrBpqBtKkQ3VumJpZTlczZHPX%2BysQTx%2BHFsJIHPzWngM9VWT9%2Bd0Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ac22c22-FRA
expires: Thu, 09 Jun 2022 08:24:12 GMT

GET
H3-29 200 /
images.weserv.nl/ 32 KB
33 KB 77ms
68ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/876/500x250/3c873b1c6ae6a2b11ad167aa783a59ee.jpg?stamp=20210608152751

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3092e6d2d4edce3fe5884d232148f3b27284a63c849e2258ba4add233ab25df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3848
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32912
cf-request-id: 0a91b2ffcf00002c22f73c7000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=joHXA8JKhCvEmkYR1zkAMLUZ1MFtMvUdmOOABL6U9AD%2FoHXUw4XNoLe5WN2wCWikGWM%2BCyio%2BeQqi4tY4yGh5nKIgp6ZQ6bvv6%2FLnsShXQ9gdnrxroKSwDtNknO53zrQTrwLkEJ%2FVSMJvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460acc2c22-FRA
expires: Thu, 09 Jun 2022 08:24:12 GMT

GET
H3-29 200 /
images.weserv.nl/ 15 KB
16 KB 76ms
68ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/348/500x250/c0d223823001024027b4779a03179d1b.jpg?stamp=20210607125518

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f7a7b5348cc7c8b3180cabafd0eac667941392311c360ac812d07f2172edb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 88636
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15866
cf-request-id: 0a91b2ffcd00002c221d37d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0yjNMnzgiPAETip27Hrl3qN6U3HOLGSfw6DtuF3irEunybYEQpMpFbuy7%2FystPO%2BoCjnsklThfXs2IN48IWrFXeC1yaDL5ryfsneDr761fTdOJsxGGBSNFc%2B9xZrSU1AIRbteAAbLW2HUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460acb2c22-FRA
expires: Wed, 08 Jun 2022 08:50:59 GMT

GET
H3-29 200 /
images.weserv.nl/ 72 KB
72 KB 85ms
76ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/472/600x300/d7088e90255e43b911695b853c0195cb.jpg?stamp=20210607162525

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff5d9130d49b1d297ef3075113da32af7cd8091ba272186ac21b4d2f3489b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 119819
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 73382
cf-request-id: 0a91b2ffd000002c22eb898000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xttoD0n%2Bceau%2Fvr8H7MqkxrIm1FmpbffKWfKHRjLHCJM45D4WnrFZ6k53uMLnd01fui2ulESleOUJKNxMIo0XBqO2Z9CznVfYj%2BfAfEDn%2F%2BrgbwlfaXRjWWjlxBMewlrXO6B84lLTYHE2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad82c22-FRA
expires: Wed, 08 Jun 2022 00:06:45 GMT

GET
H3-29 200 /
images.weserv.nl/ 9 KB
9 KB 84ms
76ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/430/300x150/dfeb857cd54ddd632056f1a5a316c682.jpg?stamp=20210607143057

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3b4813419560b632c5bfbc268087207d649863fc68a3c0b5b4f284f19592e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 148701
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8982
cf-request-id: 0a91b2ffd000002c22a3349000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ywKU%2Bfwy6LrB60tmsx2sFMMQGIbDDvwtrSqhY3RNco7oXyYwSnZ2NeJ1L%2FWPgMbBNuH8x5b7rJ9LGCWkSN6jHPIzHyT%2BHovKmAaKwnhVc46z%2Bh%2FimEGv5ybvPW4ig30z5OsPjDvZWmI93g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad62c22-FRA
expires: Tue, 07 Jun 2022 16:09:45 GMT

GET
H3-29 200 /
images.weserv.nl/ 14 KB
15 KB 89ms
81ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/304/659/300x150/c6a029bbe0c33e16bdc552bb02417848.jpg?stamp=20210324094425

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8ab235aa58857aca90622233fedf451c1825997589ab0123ee5fd3150f4e288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 162441
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14632
cf-request-id: 0a91b2ffd200002c22d5a8f000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vYdY0jXJieJUmjASVa5QTU2C3xxiyEPbr%2F%2FCVx8VFKp3mDgiwn38y1uy5wyo3Ur%2BEXzajV8d3oyYfeKE9mb70QJPrqd80vvdfya4eZws9cfzZ%2FbAH4%2FoYGDSKGC2hVQD0eNHasRabvUOUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ae22c22-FRA
expires: Tue, 07 Jun 2022 12:20:59 GMT

GET
H3-29 200 /
images.weserv.nl/ 6 KB
7 KB 88ms
80ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/334/300x150/f6cbe3be9cc3ad4f0ffbc7436840b829.jpg?stamp=20210607122344

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd8e1e85b51bf5abefbd33f7cf823de433128aa1c93c56763667cf386c1a0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 16112
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6326
cf-request-id: 0a91b2ffd100002c22d29e3000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hMzjQJRVeAay560NH1jgPQqbzlmOwn2T%2F9yadp1QXuOxgvqZe1dIIE9SVT1byUNo5bNyuWLtZ59CXcZYzTK9RNTKUxUSSMtvvy%2FPrw2duVcGmcxvZO2PRQlVrOxUUB4PWBNAncwqXpLlLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ade2c22-FRA
expires: Thu, 09 Jun 2022 04:56:14 GMT

GET
H3-29 200 /
images.weserv.nl/ 8 KB
9 KB 66ms
60ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/810/300x150/57f0fba8361826da81c01f7dbb040c74.jpg?stamp=20210608144132

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0018127f74c9fc8eb29979ebbb651f6556a646f7c6d426374b0d5178d4aefc74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 18120
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8066
cf-request-id: 0a91b2ffce00002c221f15b000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XlZmGStIi5otxuZZz%2FF8EiisIr0GWBMWdNN5YKRYY%2BGCfH%2FHVsBBdZb%2BcijJDmUcSgHArnpqGPYaWyODC86qHzfa6l0Rq6ndzBZ%2BoZHt9Zri8SwFSkSsncO%2B5yb6Qtnr1mX837Dsc1%2BAxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ab52c22-FRA
expires: Thu, 09 Jun 2022 04:26:20 GMT

GET
H3-29 200 /
images.weserv.nl/ 9 KB
10 KB 72ms
65ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/750/300x150/83732e7b9e6ac2ac5e4d292fe14b465e.jpg?stamp=20210608114049

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0760b8fb14342cf4d94f8e8e5097486ac310e93e0e4afa7343cb1d03e08c54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 18823
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9424
cf-request-id: 0a91b2ffcc00002c22ffb3f000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FBF79wwFOwL%2BUY9W2PxrMmBX8Mx9NiPw3iZvnLkKUWgv81dtyMZ8v6vrHMa1Hqk%2FEga%2Fu4vHE8a72RkEFMkzHiOkIak5wWOYhLruRsDqZJLMb6%2BDKkd7B%2BnZ%2BZ9WNNx3c62ieENr4uHcZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ac42c22-FRA
expires: Thu, 09 Jun 2022 04:14:32 GMT

GET
H3-29 200 /
images.weserv.nl/ 11 KB
12 KB 56ms
50ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/343/950/300x150/36aac3cd996cfe4cd1eb04331f56ecd6.jpg?stamp=20210608190322

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

366ae5f6cc6cd8b2dcf527e47c30143ab5654e1ee605cd4a5801ec638bb1b5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 56881
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11218
cf-request-id: 0a91b2ffc900002c22ac2c8000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lm4HuSD0g29ypl6Rf2KdURzGmMUVanVQsvrIVbC6kcYXKRW1ihwEwdwvAPM80XVcrDM43INd0kGzqzXQCRQrx0qTHgGUXDu7jsXpJnN3btIVjJzuhUQb7tFYxEy%2BM5TNUKc3YOfldR2GSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ab02c22-FRA
expires: Wed, 08 Jun 2022 17:39:33 GMT

GET
H3-29 200 /
images.weserv.nl/ 61 KB
62 KB 52ms
46ms Image
image/jpeg 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&url=https://nv.ua/system/banners/image_desktops/000/000/064/original/desktop%20(1).jpg?stamp=1

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d145dd4c10c4c32fe4afd91bb21321347e141e575a32e8e62271883f4eae054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 423237
content-disposition: inline; filename=image.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 62311
cf-request-id: 0a91b2ffca00002c22e128e000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iPbzidOwsOFb1fNawUGPyJN%2Bz4Nf99hfpdupE0y9nIk2iGHx9n5Yppwt92saW2Pjn1IPCIPLmFSQa7m%2F2WpQJlE5oKxbWz0j808dorcurV6Y7wlJjg6eCg1pPavLDD89VnPlmWn8%2FLAKlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460aae2c22-FRA
expires: Sat, 04 Jun 2022 11:52:54 GMT

GET
H3-29 200 /
images.weserv.nl/ 32 KB
32 KB 44ms
38ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/156/600x300/d3eb59cc4ef8278bfed509d102ffb254.jpg?stamp=20210609110045

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0b701e5d608ee3bec4946928e7cdfcfa18bd9c5ac0f7e9efb0c6bc1f65ca53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4698
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32332
cf-request-id: 0a91b2ffc900002c221330d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FqFgXhVb%2B26WoMeYt8%2BorZ6g9ISV%2F702gnwY%2BPLKQIvoMh%2B%2F9v%2F7WmBbJQoT2DYna0ph%2FB61BNcL6AGoyJo9K9fes6LJZnkDg9HBideFc5EY3qpx15dEe8zVrDdMBbfCbjMy7SfI8PtLPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460aac2c22-FRA
expires: Thu, 09 Jun 2022 08:09:59 GMT

GET
H3-29 200 /
images.weserv.nl/ 5 KB
6 KB 43ms
38ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/120/300x150/ce9f4e5c7a1287dcba8c32aea615c058.jpg?stamp=20210609093239

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c0a8d36a7bdc18cede92caef9bd67a7f42682906b85d0520537c1f4b38318b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7610
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5628
cf-request-id: 0a91b2ffc900002c22b115d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9tt1%2FlnbfZjjSf6BZ%2FAl06SQIPHTzTxK8rPBLKtgcbTrSx2kuwGRxb7nwFLTau8YCXa8Qs45XWHuoG5Jfwe4CAJMH1k7MZypjZJ0eBPk05g5sG2BMS91YbQnpFoW%2Fm0wdRxqvevdeTwNfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460aaa2c22-FRA
expires: Thu, 09 Jun 2022 07:21:30 GMT

GET
H3-29 200 /
images.weserv.nl/ 2 KB
3 KB 66ms
61ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/130/300x150/1577d5cca3fba50ce00a199cdfffd2cf.jpg?stamp=20210609094523

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

474f3fba05766b6db0a65bcfe8d20cdf8afab8b607f11688644460e947091063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9210
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2300
cf-request-id: 0a91b2ffcb00002c220f18d000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f6Kpdi6Pgwa9ME1eHnkV5R3kd4epM4rLYuqRJpd3a3LA%2Fbjm9O6D5bixVnTIt945K%2Bo9J1RCpVvQhRteOGbSkMVuIvTb%2BTTInnOXJwJ%2BRPisiVN8JA0lZ05tsWU0GVdu23%2BN7amqRCPf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460abf2c22-FRA
expires: Thu, 09 Jun 2022 06:50:40 GMT

GET
H3-29 200 /
images.weserv.nl/ 12 KB
13 KB 24ms
18ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/116/300x150/448bf5552283e25408b1552c99bda0e7.jpg?stamp=20210609090145

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021c65ee9dc860e9ffe3aeebe61eaf14c50d090fc467eb6618bb7c356c8c9787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11188
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12728
cf-request-id: 0a91b2ffcb00002c220c393000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BVeB58UfU5hotvcPEVX7F2H2%2F4ce33fF3NVRXMRdKsw2ZZcQ%2B2qEd6JDGSKzXJY6lFHuyCBIOwaTDgSoGFcP%2BIi6AhPlZmthEjEmbNvopdE%2FfGAX%2FWzp%2FStReiG4JCZbbafyoE4T1%2BUdIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460abb2c22-FRA
expires: Thu, 09 Jun 2022 06:15:58 GMT

GET
H3-29 200 /
images.weserv.nl/ 11 KB
12 KB 66ms
60ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/020/300x150/b8333d0728dc02a41bf680179d3888b0.jpg?stamp=20210608203505

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6851936d191dba1be8f7e84f557f6bf35344fdd6590c9050da98932d2ffd4854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 56376
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11180
cf-request-id: 0a91b2ffca00002c22c3337000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RWV6hrJKUZ229wRdzEnMpsgHPIqhZ2K7F2K%2FHPOXCLTDVCqYS57nIdt3oC1TQM7tLfypuN9PyGjmF6mkBMVagm1X1S1I%2FqwbDukNJbOHth2tlgzXbG%2FPiv64kow8SXMEGXcnwMhQg9X1xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ab92c22-FRA
expires: Wed, 08 Jun 2022 17:44:17 GMT

GET
H3-29 200 /
images.weserv.nl/ 9 KB
10 KB 78ms
72ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&output=webp&bg=white&url=https://nv.ua/system/Article/posters/002/344/014/300x150/c32604f4f9de71673c37ca309719feb8.jpg?stamp=20210608200241

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d75aa8125da3bbbea9dead6648343bcd43520e399ff41368b1e12fba873d1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58587
content-disposition: inline; filename=image.webp
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9598
cf-request-id: 0a91b2ffcf00002c2210a73000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vY2eH%2BWSNEbRUD4MBG8R6UQ6uhRK5VgYuT93Fi8Ykg8LiMsOtieMBEeAZNI71R8evn1gL%2FjeSNyiGf09MFJaheP0niTh6DtA6XbetXMELi07jTEYvP%2BgIOBKHsvYcntqaYfiVEbAtXPI3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c954460ad42c22-FRA
expires: Wed, 08 Jun 2022 17:11:44 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 39 KB
11 KB 112ms
35ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: eb7c9303c1909cb61c459c12b535c69eb76ed3b08720c97a586e26b0b4ab8028

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 09:58:52 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10552
expires: Wed, 09 Jun 2021 21:28:20 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 48ms
21ms Fetch
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 6942630035487337075
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:20 GMT

GET
H2 200 1.html Show response
nv.ua/get_additional_blocks/ 45 KB
8 KB 37ms
30ms XHR
text/html 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: b8b528e83753be4e64f8123d221752ae93b97d9166340a6d8ea1514ed353fe06

Request headers

:path: /get_additional_blocks/1.html
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
server: nginx
cache-control: max-age=360
redis-cache-key: laravel:redis-responsecache:GET:nv.ua/get_additional_blocks/1.html:desktop
content-type: text/html

GET
H3-29 200 pubads_impl_2021060301.js Show response
securepubads.g.doubleclick.net/gpt/ 312 KB
109 KB 74ms
36ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Jun 2021 08:37:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112073
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6568
date: Wed, 09 Jun 2021 07:38:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 09 Jun 2021 09:38:52 GMT

GET
H2 200 59bikxsf9x Show response
www.clarity.ms/tag/ 477 B
858 B 176ms
120ms Script
application/x-javascript 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/59bikxsf9x
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bf9e923914a03938356b1e3abdce7d5baf3a22256ebc39481c056db70915f1a2

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
x-powered-by: ASP.NET
x-azure-ref: 0tInAYAAAAAA/Bx7+IlBcS5OZqmnMr78JTE9OMjFFREdFMTUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
content-length: 477
expires: -1

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
388 B 36ms
35ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: e0457572fea8ea322e60eb0b316b3b0afa097a778263d5eaa72d1569e86cabf9

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 274
expires: Fri, 09 Jul 2021 09:28:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 106ms
29ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-51943557-1&cid=1294343645.1623230900&jid=587924792&gjid=362385661&_gid=2063919059.1623230900&_u=YGBAgEABAAAAAE~&z=1857462191

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Jun 2021 09:28:20 GMT
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1208234748&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B0.%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=587924792&gjid=362385661&cid=1294343645.1623230900&uid=0&tid=UA-51943557-1&_gid=2063919059.1623230900&gtm=2wg621WKM63L&cd2=-120&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&z=619949292

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 11:22:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79529
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1623230900446/
Redirect Chain

https://gaua.hit.gemius.pl/_1623230900446/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2F...
https://gaua.hit.gemius.pl/__/_1623230900446/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua...

169 B
427 B

101ms
100ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1623230900446/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YsEhvkJoJ5wOcm7FF6DNjIwimVVJYblZfwZ3Mx0fbHT.t7&vis=1
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: f96af18730c98b10e304267ec1c16c25cdff06c06c9f2faebea6760ee194446d

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Tue, 08 Jun 2021 09:28:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1623230900446/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=YsEhvkJoJ5wOcm7FF6DNjIwimVVJYblZfwZ3Mx0fbHT.t7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 08 Jun 2021 09:28:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.at/adsid/ 107 B
799 B 55ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.at/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 498ms
498ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2744488245241648&correlator=3529710551623386&output=ldjh&impl=fifs&eid=31061358%2C31061384&vrg=2021060301&ptt=17&sc=1&sfv=1-0-38&ecs=20210609&iu_parts=271925883%2Cnew_nv_premium%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=240x400%7C240x350%7C300x600%7C240x600%7C300x250%2C1920x1080%7C810x60&prev_scp=lang%3Dru%26razdel%3D1000%26section%3D1000%26url%3Dhttps%253A%252F%252Fnv.ua%26newnv%3D1%26only_selfpromo%3D0%7Clang%3Dru%26razdel%3D1000%26section%3D1000%26url%3Dhttps%253A%252F%252Fnv.ua%26newnv%3D1%26only_selfpromo%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1623230900&dt=1623230900487&dlt=1623230899955&idt=502&frm=20&biw=1600&bih=1200&oid=3&adxs=1114%2C-160&adys=925%2C0&adks=1542901095%2C1595207724&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnv.ua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x308%7C1600x0&msz=240x0%7C1920x-1&ga_vid=1294343645.1623230900&ga_sid=1623230900&ga_hid=1208234748&ga_fc=false&fws=128%2C640&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

30ee96ef96092bed9d5d0192cd0afb4f7c4ee524bfddf31e58082ffffda91916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7547
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 17ms
17ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-51943557-1&cid=1294343645.1623230900&jid=587924792&_u=YGBAgEABAAAAAE~&z=218690284

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 36ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-51943557-1&cid=1294343645.1623230900&jid=587924792&_u=YGBAgEABAAAAAE~&z=218690284

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/vmss-eus/s/0.6.13/ 46 KB
20 KB 98ms
98ms Script
application/javascript 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/vmss-eus/s/0.6.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/59bikxsf9x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 65273119e256096ceca5b848928dd7f731ed42c6bfdeb132950ca9a34a98d374

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
content-encoding: br
etag: "1d756572db92087"
last-modified: Mon, 31 May 2021 19:57:26 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0tInAYAAAAAC7rGDnkLMZQ4y9yyVQIF9ITE9OMjFFREdFMTUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9B50256D30FB457C91DFB316E07C4575&RedC=c.clarity.ms&MXFR=202A3FF678A7667C1D372FA77CA76831
https://c.clarity.ms/c.gif?CtsSyncId=9B50256D30FB457C91DFB316E07C4575&MUID=13F5ECB52A0D6E161618FCE42BDF6F9D

42 B
357 B

48ms
48ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9B50256D30FB457C91DFB316E07C4575&MUID=13F5ECB52A0D6E161618FCE42BDF6F9D
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:19 GMT
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "506f5bd17ad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
x-msedge-ref: Ref A: 49CDDB0C47434ED7A5CF5B94E0B9FD87 Ref B: FRAEDGE1212 Ref C: 2021-06-09T09:28:20Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9B50256D30FB457C91DFB316E07C4575&MUID=13F5ECB52A0D6E161618FCE42BDF6F9D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3-29 200 /
images.weserv.nl/ 406 B
1 KB 23ms
22ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/upload/sub_arr_open.png?chernyak&q=75&stamp=3.389

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275fed66a144ba70e5290629ee122bd0016a89410b1dadc604c2daa395443443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66945
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 406
cf-request-id: 0a91b3026700002c22c5805000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eS1vFKvyDiTPrugHnoM8yfjSx9ZTWA6jwrjWCTK9m8rAno4P4FTqn1Jiu0p1QTPG16ZyIPbFD9d%2B2nAaMZeazGKfG67km9iJxtNdmm5pk9Ock1qR6MipEBHYsFl0c3la2wDqBkGUBqS4Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c9544a3cb22c22-FRA
expires: Wed, 08 Jun 2022 14:52:20 GMT

GET
H3-29 200 /
images.weserv.nl/ 198 B
871 B 14ms
13ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://nv.ua/upload/sub_close.png?chernyak&q=75&stamp=3.389

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ac6090640ad0b4a09f3588c838aad6ccb836b594468c5d42601d6a76044ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 09 Jun 2021 09:28:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66945
content-disposition: inline; filename=image.png
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 198
cf-request-id: 0a91b3026800002c22b8bcb000000001
cf-bgj: csam-hash
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PJqUbSbG9mYIIL%2FKG1P00558fTZOW3owR%2BapJH4izB6Au5saEe1wx6xJuWr80TkgavLeI61LO%2FS5a%2F%2FvrbiUmJwIaOiMPLmje5H3JVmI6kHqw4l7%2BLbmyhexnePinHA7OgAklUfennXMwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 65c9544a3cb62c22-FRA
expires: Wed, 08 Jun 2022 14:52:20 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1208234748&t=event&ni=1&_s=2&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B0.%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=https%3A%2F%2Fnv.ua%2F&ev=93&_u=aHBAgEABAAAAAE~&jid=&gjid=&cid=1294343645.1623230900&uid=0&tid=UA-51943557-1&_gid=2063919059.1623230900&gtm=2wg621WKM63L&cd2=-120&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd11=0&cd12=none&z=1147780998

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Jun 2021 11:22:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79529
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3ab8dbf42f278d67e94bf440aae732ae.png
nv.ua/system/vylazilka/images/000/000/001/original/ 561 KB
562 KB 31ms
31ms Image
image/png 51.89.96.192
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/system/vylazilka/images/000/000/001/original/3ab8dbf42f278d67e94bf440aae732ae.png
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.96.192 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: nv1.nv.ua
Software: nginx /
Resource Hash: 5a56cc283c51615493d88a6a74884fe352b03b49f9e1518a78847a687b8c3a38

Request headers

:path: /system/vylazilka/images/000/000/001/original/3ab8dbf42f278d67e94bf440aae732ae.png
pragma: no-cache
cookie: _ga=GA1.2.1294343645.1623230900; _gid=GA1.2.2063919059.1623230900; _dc_gtm_UA-51943557-1=1; __gfp_64b=YsEhvkJoJ5wOcm7FF6DNjIwimVVJYblZfwZ3Mx0fbHT.t7|1623230900; _clck=1fc8uqz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: nv.ua
referer: https://nv.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:20 GMT
last-modified: Fri, 04 Jun 2021 09:45:42 GMT
server: nginx
etag: "60b9f646-8c475"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 574581
expires: Fri, 09 Jul 2021 09:28:20 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1208234748&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20%D0%B8%20%D0%9C%D0%B8%D1%80%D0%B0.%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B8%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%E2%80%94%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=10&el=https%3A%2F%2Fnv.ua%2F&_u=aHDAAEABAAAAAG~&jid=139610354&gjid=1026169848&cid=1294343645.1623230900&tid=UA-51943557-1&_gid=2063919059.1623230900&_r=1&gtm=2wg621WKM63L&z=1360137726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 29ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-51943557-1&cid=1294343645.1623230900&jid=139610354&gjid=1026169848&_gid=2063919059.1623230900&_u=aHDAAEABAAAAAG~&z=501183569

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Jun 2021 09:28:20 GMT
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 24ms
24ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-51943557-1&cid=1294343645.1623230900&jid=139610354&_u=aHDAAEABAAAAAG~&z=1971186090

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 26ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-51943557-1&cid=1294343645.1623230900&jid=139610354&_u=aHDAAEABAAAAAG~&z=1971186090

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1C8D 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nv.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://nv.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Jun 2021 09:28:20 GMT
expires: Thu, 09 Jun 2022 09:28:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066164336645"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:21 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 38ms
24ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4734de4bea801661b5fc9ff15dfd01a2765fe04e9e7dff58730686586959127f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8108
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A8B 624 B
977 B 35ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRCfnNACGJv9g6gBMAE&v=APEucNUq-H83b4f6OlFe275l1D0nK7aNIlnTtgX0xo5oEhImApSSqEToWCcMfWSwOUNeWj5bL1UEDHuM6ZaUpgS358RuEsF264uzEQZ3xnfVa-HGKDSf4yzSq0OOHVPQW3CJH0K0hi-gtLiM_ENaTpJJMlHo6ON4mQXYZ_-VrtFpltproJPWXUc

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIy6JRCfnNACGJv9g6gBMAE&v=APEucNUq-H83b4f6OlFe275l1D0nK7aNIlnTtgX0xo5oEhImApSSqEToWCcMfWSwOUNeWj5bL1UEDHuM6ZaUpgS358RuEsF264uzEQZ3xnfVa-HGKDSf4yzSq0OOHVPQW3CJH0K0hi-gtLiM_ENaTpJJMlHo6ON4mQXYZ_-VrtFpltproJPWXUc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 09 Jun 2021 09:28:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkaWe9u_S1yg0_3op2hLX2cU-9wjMi5_1wwgD58c4cxuqoBqntyG5dZaJVv; expires=Mon, 04-Jul-2022 09:28:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 09 Jun 2021 09:28:21 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C8D 63 KB
25 KB 75ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuVsoSnMGCGO96ocf82rurUflVkgwz8dis3dFSlBiJs5RpMqXRKw7bcP0JqGTwr6AtcMB4bSi3p6PR5QlMp69_DoqFPH2bA1wDlQkwDalGjb6EA6_6Y-7UMkVVKL24yKlcvQOhX6ZRpVmisgyrqk-C2Ic4Mw&dbm_d=AKAmf-Ahc9gzsfyLfPAt7wKOHIXHvEl4cYZ4pL4QkcsRSWTh0zPiBXcqcW55U8ZR7Xa_KlNkmys7FlS6uMFqBrwT7XFp7-buljgdzPWGKCUk7BsG7JB4aaUEYc1LxC6GDBzWpm2Om6xRpOFsxMPDMJu2Fp-0GsEZBXQA_2AW7I2Cx4bANvYi_bkXtylwGhicKPMS16RcpjZi-kwIbN00a1xMV8Vg_MeCvULgmgSM13y14a2wDw6yoIO7UHiOjF71Mh8StPZyl1yXXrCVLGLqRj0cfyc4YdmOfTlHIZmtWvbGvbl2xTFbUV5m8x9PBBWP1zCbhLIsaVpReDh2hoIAIi2wdZ2CscJ2LpO8rcK2NDkkfruCH5MYroYh1oDFoFlqmyhyTXiDsDbMXOY7xCzw920clHjcwMY47GI1EXuBfv29KhyI1g6T0vdoZUR59Ks8p8CQOPm1DyMviBqBGXinhlPojaVmHpbBHqiilYk74tpkYD3-iaLP5nFequU5igMwchCl0_2px11uNmZmrSa38C9WgSwiZ0dSyMhQ8IXydVta_mpGgDpoaBMkLBX3YhUkgIztO0yAdM4usGWqENlSq2FPnPiUzV4ymJZAAd9Fb7PGi2OI7Bukx2W9dmIeBV5LO3KJfus41rzhWhYN1zwStngkfhWLmo-dowiPSdJEYHTFwByt6Z_9eWdq83O6HHsbm_KVcK6NAhuQygUSJzTEty1DWNdow1cLm6TSmC5c-4nHtR_iwZChyjtVJVqsSUZG977wkq7HKizXdlUJVQVAnRMy725A5W9KmMHGnFMtJbJ-Y0RW3MrrlvaOe3-yzDM7zuOBp5qVCgav0c-yb8R2FhNMYk3v7uV15c9d1Wsaewyygtkl1ZFejCb4vG81SDImOgBET9A2_F3lMWo6OMTPh6v-pa4lmxGE9oeRSBqxOLzSY_xGrxmfK_egzTrNfdFngb97O2uXw12HCXKD8IZ6aMBRIQnCtA-kA1U4NaQl_UnTS9XvX_tp2O0Vh-kCrRC4VD7BaVX7Y2vzlvJjB6yQHIyyqP0nE86U6d5F4PM-x2NqessaaE2DrR8srIzl23fumyTdZ8pCGJEWrOZBiOwDLPTug9N_0vXR-WW5BOklOSHpCIHFska0zW4NJCnrvQhQ38fhr3L1c7P6asv7Q6xgODloSlBsoKg0Z7ZuJdKJVG-q-0Zla0soaH4NX5MdaVqOvm7dfZcKm6CuVrUkP8ID5-Ajd_oBoHGSiQFxfhrsshWuZ_DdtuF49xWFiyQ3FQFJHxud4QRCgMwlzG-vmLsFuXEccZqFHPpK-Yp5BM4qJfTxuFJumqbZu6BGfCg8NAT4ESHUy0-nD2F7IQxAN1A2K1Tquqoxjqk9QnlwkxjZWNM9CdvXfWDy7ZH77lpKq35jzwiCRZNab5iaiNsagWaOgWT-dJGw1R60-73Hz50KLjiLvffpW6qyIBnpjLU7JPjrbWg5Uv_ZHb94HRa0s6lFTLaTJuEBf8aOVmGMjBaSSa-YO9EGMEzciNJb0WZu6La7QkT1-jySiTZmvMRpc3QRri_rsEQ9VbE5HiikopR6SEvAFzKjTRpwUcqXoQiY6AMTip_H87X92XvrWnRc-Plc6bF5vN8xs71PGEHAlD459qU-m3T3RmO0RwbGESi5V8FOewmrCTmCdqzlVutXYbpew_4lwSokrbzIAXDfQKTB8yWExUv2ihG8tGLLAi4XBZFWKiK3Ebo7t5vi3F7fK7tfvce9GMnTeBdHWmwXVDGfhXT9fNZ4_Q6pkbU0ma3uk09oAwGnmcSXW9eUQgTuKX-Px-KZTZ5nIFwO5oJy67O_1WLHLS9cuGGn6PVZ5mpIdkP140urhrgIfbPYimMsjsHFHFQ8FLDEGnga4fEauPt9Eb0VY6SG5vroRKzzOB82Ez9iD6HnWw0I5EgxGEjQucXOlaoBZa-jCMyJpWI3EwEw6F5qa9JgxI3itKBuWqIFmr3Xb7bzHtm5Gzj7rY11CrPdj6xdTXzR-RLN00GUtI4TadmIkzntnZD0rX7BqFhkVT_1AVG_JGJSLceyNeN-cuAK6UFZgR0in3UxEWBw8HshsfGbyf3FrqZIeiyhUjRDp-BGRXH2OHi9nSkuSYbrbz6phIQg6dwLIHCUUWCX5mSaW_Qq3dKNFTcAkobPtYYk5lgXVqsCXuLvnBZWjT16XLfUpubekmhv-lo0zrvcM_cm70TdsRajwEuuoSA98Yynxfxhl7bo6SVbEQCVemZQRP5wmmKRTuuth4xkDsqJ5LlFq1gvjt8kBp5mvVwzlrVA-rIHSoB7L_zG26LL5NKhgbCV0gDDu_gJ4I2Ge8xGzI_gGYsEQUvMWYlEFy8fhPyzmmmS8-iv9Ec_w5Tb3kBBPoERPekhnBkjrEHk1utGZeDrbEvjGrWfrcNBvWdSLoPuQuPMLY6ZcF30jzrI3CTUK09kGeggfdMPQ_AgAfaXlvkDovxygSJ4M1ZGkl1yxq2U7YgVJqq2XhE8HU49Jw6GJD5fXYdqXncMa4jDxQ99ZB4U35sDIL5BRcVFw9yguQK7e8OQBzKjCiPLkZwGlv9oYwx1PjNihVjMuXKHyr7e2pkS2KpS9IdvuSwywKp1k2v5c7Is69s6x6huQzpJC5ZfsPwdAFMj5bjVWME30gOAyO3TLVOGiH_AeixhVwBV2Wjm-J6LA4lLYwpEObUp-brtvp7-loKHL6kgncfupxlUy3cTmlIl0NygQx31Ziq5cCfYcVhAErLFQquqkkBdLLfC9YmNTjDuQnTATSjqvnsXee8aei8FwbAvp9aEyqLnIfzt81-YanxytmpOAT2ImAdp2D2Q91yTB_GD9HNtjySMp_UBb5Zv43zMlNG4t8xBb-tbcOeQWmstOTcKymNEGVY6DNLwsDi7dgbBKnd_BnaAqW_nbzXt4TAge9AIZsfqQ_gmp7X1A5vT7yHw4mAHk0Mb0DDAwnYEzGDn9X1HF2Pn6dD2YBO7T6oYBPpE9uyjbJ_vOapZJDoy3AgD6npW9UtTiXdvHJzY2MGRCxvHvhQ95XL-h1LlHUEF2XYQia1wQn0zOhB5VT6c6xmUO0xO4aPLxMAuSyfFZOk1icLeK52bBWctoSmPfauMkLP4WGu_bsH3sc7Idc-2j-VeHbXZPsPpYslXD0rX0ghHZCP8BlXKcp2MQzW3H5N557Ve-TAw5Qdua9uBsEVC_GkKKy5jxznOPlmmtO4wXuEdSnduMupWUmtIgNTmw4dN6LAPDfAMU9dvF59vkf2UI-6SN1tWV4leQzDXzR-519iv6dmrqWUTMrVv2_X3im40LFcE43c&cid=CAASFeRoTa_HPv11QEP-Fx1XPZY2dwBkTQ&rfl=1%2Chttps%253A%252F%252Fnv.ua%252F%240

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efce6745485f5336fccc861379ce40afb9c17c1a9d6fe3fdafa8fc09f70cd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8D 42 B
63 B 53ms
39ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BuRFCqgUXKgeH1bFTmn6JbQ5_ilvL3VOEpbh3qiaKAFxJCHPjf248bVt2lZ5s2XGYTD6bET_C9n72_V29SsW85uzARNxMS_lb7seMg5jRPvaXr9kY

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1C8D 2 KB
2 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 09:06:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C8D 122 KB
38 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623066169988846"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:21 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 1C8D 13 KB
6 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 09:24:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1C8D 0
0 14ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSn5S0iRKf2VexDIp2tpCuP2GHGUBREl9Q9bgiJoaEdReOOPdsOFBy0KCjibdyl6NEQSuVHlJSNQ6I8kiNOnzLtP_RESA
Requested by: Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGyh18_F-7LwbDFXMSuG2Y&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGyh18_F-7LwbDFXMSuG2Y&google_cver=1&C=1

43 B
1014 B

68ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGyh18_F-7LwbDFXMSuG2Y&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRCfnNACGJv9g6gBMAE&v=APEucNUq-H83b4f6OlFe275l1D0nK7aNIlnTtgX0xo5oEhImApSSqEToWCcMfWSwOUNeWj5bL1UEDHuM6ZaUpgS358RuEsF264uzEQZ3xnfVa-HGKDSf4yzSq0OOHVPQW3CJH0K0hi-gtLiM_ENaTpJJMlHo6ON4mQXYZ_-VrtFpltproJPWXUc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Jun 2021 09:28:21 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJGyh18_F-7LwbDFXMSuG2Y&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 09 Jun 2021 09:28:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A8B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YMCJtVZ0Gn9v3coNYW7pGQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQ0RhwvNCmcKt6NKfxVnoY&google_cver=1

43 B
894 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQ0RhwvNCmcKt6NKfxVnoY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRCfnNACGJv9g6gBMAE&v=APEucNUq-H83b4f6OlFe275l1D0nK7aNIlnTtgX0xo5oEhImApSSqEToWCcMfWSwOUNeWj5bL1UEDHuM6ZaUpgS358RuEsF264uzEQZ3xnfVa-HGKDSf4yzSq0OOHVPQW3CJH0K0hi-gtLiM_ENaTpJJMlHo6ON4mQXYZ_-VrtFpltproJPWXUc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Jun 2021 09:28:21 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJQ0RhwvNCmcKt6NKfxVnoY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1A8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECrCDw8xq65OuE8sS4II8r0&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECrCDw8xq65OuE8sS4II8r0%26google_cver%3D1

43 B
1 KB

39ms
39ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECrCDw8xq65OuE8sS4II8r0%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIy6JRCfnNACGJv9g6gBMAE&v=APEucNUq-H83b4f6OlFe275l1D0nK7aNIlnTtgX0xo5oEhImApSSqEToWCcMfWSwOUNeWj5bL1UEDHuM6ZaUpgS358RuEsF264uzEQZ3xnfVa-HGKDSf4yzSq0OOHVPQW3CJH0K0hi-gtLiM_ENaTpJJMlHo6ON4mQXYZ_-VrtFpltproJPWXUc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
X-Proxy-Origin: 185.216.34.172; 185.216.34.172; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 4ab1aa9d-1362-4eec-b9f5-d32db693a5e0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
X-Proxy-Origin: 185.216.34.172; 185.216.34.172; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid: 5330493d-d81a-4ebd-a2d4-da1ac35fca03
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECrCDw8xq65OuE8sS4II8r0%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1A8B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIyMzgwNDA1NDAyNTkwMTEwMQ%3D%3D

170 B
188 B

74ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIyMzgwNDA1NDAyNTkwMTEwMQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
X-Proxy-Origin: 185.216.34.172; 185.216.34.172; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: c2b80667-1a6c-4b1d-9601-7890580697d1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIyMzgwNDA1NDAyNTkwMTEwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 876C 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nv.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://nv.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 09 Jun 2021 09:19:42 GMT
expires: Thu, 09 Jun 2022 09:19:42 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 519
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 309D 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4dad7f9cc5125da80e168816aa8f9b24751f97618a87fe68d1f9fab75498de2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+aRO+I3eIQ8tkSoF1Bwnlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nv.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://nv.ua/

Response headers

expires: Wed, 09 Jun 2021 09:28:21 GMT
date: Wed, 09 Jun 2021 09:28:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+aRO+I3eIQ8tkSoF1Bwnlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 1C8D 176 KB
61 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64758
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 15:29:03 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 1C8D 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuVsoSnMGCGO96ocf82rurUflVkgwz8dis3dFSlBiJs5RpMqXRKw7bcP0JqGTwr6AtcMB4bSi3p6PR5QlMp69_DoqFPH2bA1wDlQkwDalGjb6EA6_6Y-7UMkVVKL24yKlcvQOhX6ZRpVmisgyrqk-C2Ic4Mw&dbm_d=AKAmf-Ahc9gzsfyLfPAt7wKOHIXHvEl4cYZ4pL4QkcsRSWTh0zPiBXcqcW55U8ZR7Xa_KlNkmys7FlS6uMFqBrwT7XFp7-buljgdzPWGKCUk7BsG7JB4aaUEYc1LxC6GDBzWpm2Om6xRpOFsxMPDMJu2Fp-0GsEZBXQA_2AW7I2Cx4bANvYi_bkXtylwGhicKPMS16RcpjZi-kwIbN00a1xMV8Vg_MeCvULgmgSM13y14a2wDw6yoIO7UHiOjF71Mh8StPZyl1yXXrCVLGLqRj0cfyc4YdmOfTlHIZmtWvbGvbl2xTFbUV5m8x9PBBWP1zCbhLIsaVpReDh2hoIAIi2wdZ2CscJ2LpO8rcK2NDkkfruCH5MYroYh1oDFoFlqmyhyTXiDsDbMXOY7xCzw920clHjcwMY47GI1EXuBfv29KhyI1g6T0vdoZUR59Ks8p8CQOPm1DyMviBqBGXinhlPojaVmHpbBHqiilYk74tpkYD3-iaLP5nFequU5igMwchCl0_2px11uNmZmrSa38C9WgSwiZ0dSyMhQ8IXydVta_mpGgDpoaBMkLBX3YhUkgIztO0yAdM4usGWqENlSq2FPnPiUzV4ymJZAAd9Fb7PGi2OI7Bukx2W9dmIeBV5LO3KJfus41rzhWhYN1zwStngkfhWLmo-dowiPSdJEYHTFwByt6Z_9eWdq83O6HHsbm_KVcK6NAhuQygUSJzTEty1DWNdow1cLm6TSmC5c-4nHtR_iwZChyjtVJVqsSUZG977wkq7HKizXdlUJVQVAnRMy725A5W9KmMHGnFMtJbJ-Y0RW3MrrlvaOe3-yzDM7zuOBp5qVCgav0c-yb8R2FhNMYk3v7uV15c9d1Wsaewyygtkl1ZFejCb4vG81SDImOgBET9A2_F3lMWo6OMTPh6v-pa4lmxGE9oeRSBqxOLzSY_xGrxmfK_egzTrNfdFngb97O2uXw12HCXKD8IZ6aMBRIQnCtA-kA1U4NaQl_UnTS9XvX_tp2O0Vh-kCrRC4VD7BaVX7Y2vzlvJjB6yQHIyyqP0nE86U6d5F4PM-x2NqessaaE2DrR8srIzl23fumyTdZ8pCGJEWrOZBiOwDLPTug9N_0vXR-WW5BOklOSHpCIHFska0zW4NJCnrvQhQ38fhr3L1c7P6asv7Q6xgODloSlBsoKg0Z7ZuJdKJVG-q-0Zla0soaH4NX5MdaVqOvm7dfZcKm6CuVrUkP8ID5-Ajd_oBoHGSiQFxfhrsshWuZ_DdtuF49xWFiyQ3FQFJHxud4QRCgMwlzG-vmLsFuXEccZqFHPpK-Yp5BM4qJfTxuFJumqbZu6BGfCg8NAT4ESHUy0-nD2F7IQxAN1A2K1Tquqoxjqk9QnlwkxjZWNM9CdvXfWDy7ZH77lpKq35jzwiCRZNab5iaiNsagWaOgWT-dJGw1R60-73Hz50KLjiLvffpW6qyIBnpjLU7JPjrbWg5Uv_ZHb94HRa0s6lFTLaTJuEBf8aOVmGMjBaSSa-YO9EGMEzciNJb0WZu6La7QkT1-jySiTZmvMRpc3QRri_rsEQ9VbE5HiikopR6SEvAFzKjTRpwUcqXoQiY6AMTip_H87X92XvrWnRc-Plc6bF5vN8xs71PGEHAlD459qU-m3T3RmO0RwbGESi5V8FOewmrCTmCdqzlVutXYbpew_4lwSokrbzIAXDfQKTB8yWExUv2ihG8tGLLAi4XBZFWKiK3Ebo7t5vi3F7fK7tfvce9GMnTeBdHWmwXVDGfhXT9fNZ4_Q6pkbU0ma3uk09oAwGnmcSXW9eUQgTuKX-Px-KZTZ5nIFwO5oJy67O_1WLHLS9cuGGn6PVZ5mpIdkP140urhrgIfbPYimMsjsHFHFQ8FLDEGnga4fEauPt9Eb0VY6SG5vroRKzzOB82Ez9iD6HnWw0I5EgxGEjQucXOlaoBZa-jCMyJpWI3EwEw6F5qa9JgxI3itKBuWqIFmr3Xb7bzHtm5Gzj7rY11CrPdj6xdTXzR-RLN00GUtI4TadmIkzntnZD0rX7BqFhkVT_1AVG_JGJSLceyNeN-cuAK6UFZgR0in3UxEWBw8HshsfGbyf3FrqZIeiyhUjRDp-BGRXH2OHi9nSkuSYbrbz6phIQg6dwLIHCUUWCX5mSaW_Qq3dKNFTcAkobPtYYk5lgXVqsCXuLvnBZWjT16XLfUpubekmhv-lo0zrvcM_cm70TdsRajwEuuoSA98Yynxfxhl7bo6SVbEQCVemZQRP5wmmKRTuuth4xkDsqJ5LlFq1gvjt8kBp5mvVwzlrVA-rIHSoB7L_zG26LL5NKhgbCV0gDDu_gJ4I2Ge8xGzI_gGYsEQUvMWYlEFy8fhPyzmmmS8-iv9Ec_w5Tb3kBBPoERPekhnBkjrEHk1utGZeDrbEvjGrWfrcNBvWdSLoPuQuPMLY6ZcF30jzrI3CTUK09kGeggfdMPQ_AgAfaXlvkDovxygSJ4M1ZGkl1yxq2U7YgVJqq2XhE8HU49Jw6GJD5fXYdqXncMa4jDxQ99ZB4U35sDIL5BRcVFw9yguQK7e8OQBzKjCiPLkZwGlv9oYwx1PjNihVjMuXKHyr7e2pkS2KpS9IdvuSwywKp1k2v5c7Is69s6x6huQzpJC5ZfsPwdAFMj5bjVWME30gOAyO3TLVOGiH_AeixhVwBV2Wjm-J6LA4lLYwpEObUp-brtvp7-loKHL6kgncfupxlUy3cTmlIl0NygQx31Ziq5cCfYcVhAErLFQquqkkBdLLfC9YmNTjDuQnTATSjqvnsXee8aei8FwbAvp9aEyqLnIfzt81-YanxytmpOAT2ImAdp2D2Q91yTB_GD9HNtjySMp_UBb5Zv43zMlNG4t8xBb-tbcOeQWmstOTcKymNEGVY6DNLwsDi7dgbBKnd_BnaAqW_nbzXt4TAge9AIZsfqQ_gmp7X1A5vT7yHw4mAHk0Mb0DDAwnYEzGDn9X1HF2Pn6dD2YBO7T6oYBPpE9uyjbJ_vOapZJDoy3AgD6npW9UtTiXdvHJzY2MGRCxvHvhQ95XL-h1LlHUEF2XYQia1wQn0zOhB5VT6c6xmUO0xO4aPLxMAuSyfFZOk1icLeK52bBWctoSmPfauMkLP4WGu_bsH3sc7Idc-2j-VeHbXZPsPpYslXD0rX0ghHZCP8BlXKcp2MQzW3H5N557Ve-TAw5Qdua9uBsEVC_GkKKy5jxznOPlmmtO4wXuEdSnduMupWUmtIgNTmw4dN6LAPDfAMU9dvF59vkf2UI-6SN1tWV4leQzDXzR-519iv6dmrqWUTMrVv2_X3im40LFcE43c&cid=CAASFeRoTa_HPv11QEP-Fx1XPZY2dwBkTQ&rfl=1%2Chttps%253A%252F%252Fnv.ua%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 09:27:57 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 1C8D 22 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 18280575870105241958
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Jun 2021 09:26:14 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C8D 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 06:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11340
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 06:19:21 GMT

GET
DATA 200
OK truncated
/ Frame 1C8D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f8d3d1377100daa47822a1ed2cab52625a1b39f7cd5e0590ecebff35664c73b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 876C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:21:11 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0973 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 09 Jun 2021 06:20:54 GMT
expires: Thu, 09 Jun 2022 06:20:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11247
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK mtrcs_487794.js Show response
s248.mxcdn.net/bb-mx/serve/ Frame 1C8D 151 KB
58 KB 109ms
45ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bb2c4321e2b4f596104912d635520175f1bfa9eb7ba930aabfb6bec03fd59461

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 09:28:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 13:14:45 GMT
Server: nginx
ETag: "\W00000587581622726085776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=48207
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58758
Expires: Wed, 09 Jun 2021 22:51:48 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 44 KB
5 KB 29ms
15ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294c330ca5ab6b8e8f40f54a5ddd5f829da0b8c9c81d3dfd0f9639548eb083cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5440
date: Wed, 09 Jun 2021 09:28:21 GMT
expires: Thu, 10 Jun 2021 09:28:21 GMT
cache-control: public, max-age=86400
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C8D 0
575 B 108ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7NW3ffS2LRz-cP0cL1zZQnafYcHFll-D0Tf4BhGGYTyTHxrBNLWMcJxc1doGsgm8QGAoODWu75ymeTLICfw1eBlM4wcb2VkJRtuWkFF48PEa21B6iUhwRjuO4FmQsYVkSKGsYtsMBwra1E8tyd-Liwjk1bGKCEs1ttjdvTlUN53KPhSsR-6kEBDPh4J1bKN1fOw9KP3tk_wwiRAkcoyiKdwTvXEfJlGzXKjZMFTjXMxeR0IpDZMfASMH6a4G8vbsPUj78rmz2K0vAA_jnk-Ol1oJJI7HjnW3sYLwBzrJaIkdLGpUb42edE0Dt2_vWwfJizwc8S_QrRskbvw_agwa346HZVeu3T3jUNT07TUYtost9wFEmB66AOLOXyufkHpX7Bvh3B8oCj9pjGZn9j6aqPavBQHViAJllxVK0sxzyZS0L3tapsX2AYWONHUeRlD_sn-bXFltAHKYPaW5A8SzlqBqZ9TIl3-7EfEFKbhYWj1zn6h_FB9vG1gjKMV7Qp6ksWuFvVXEczaPszZ1gyOqqNPissefVacgupuBpJUND38HJMa9fRk6Rni_CpiHDpj6VqNJT53nuJ6a6zNS87TCigfimLkv_oLT517dE3t5H5qmnk2M6pHuEdNZoy2Cdah7ADjEK8YvJgJflXkH9lli0oDkoQ9kWLW5b-Mm_lkj0bRwxX8QSJoLAoG09A6snrn40-FrtIvvNLyOktZDXFML8sqt0pLlzUA2X8fL9kGk-7IemYLMmbOx-uza98oQ_IEMOT4md55WRk4_FCUCMAVBn-pl0X6NlVr2xfwG-LWwryanXJx4SikCHRUD9h5cH8IhAGA7I_HVLF_DeY9Nuq_G9hENXXSh5mki83NWj8ns_J51HgPoE7FMdivlXt7KG-QMeW9QbAe9QZcrTbuKV_xJIYFcpPJf82kqo6T7-BeUKORaYA9rpFJ0WYlJutSZbSCyzmb7adV1ujg2D8Jkj86wZJ1ZnPOYptCjLy8j9I5Vas5jxUSAeyIK4qNMM2JNJH0EAKUkzrutfka4jeyXWAhPcoFeaPm55dNO9rlzVszjBmzU2nJc4qFzaib9-U_ZV5pqjQt37zqp5JekC7gOERaLkL-XITwaaODkq2nfJKNSmBan3kofDLv9TgM1dusPRSEY&sai=AMfl-YQe8UEbNBQpFmrWLTfka-D9tKCf3DlaB3COd-4YjaPo64zuucFyoqiOT_Xpr0EFeq473mRIw2oyKL6jnsNBTdz8iRcwb2l2DF8Y--VAnfwNk3rsXHynzQ8ZrJ2sJHzbsABViKd8L1ju98GPoO7757zJ1clrbKP-p6iGTx4&sig=Cg0ArKJSzEcIpqFyrr7bEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=102&cisv=r20210607.34584&adurl=

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 09 Jun 2021 09:28:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0973 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:21:11 GMT

GET
H3-29 200 gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 55 B
78 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9925dc8fdc741305ffba07d91a1ea84c3e56187e55fa30b4063f7bddaaef318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:18:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
age: 72615
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:18:06 GMT

GET
H3-29 200 gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 731 B
260 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64756
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 15:29:05 GMT

GET
H3-29 200 gwdattached_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 25 B
48 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d86a1f085058e7a82920bb9001286c7033b95dc0f7e1555e4fce2ffa6230748d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:19:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
age: 72521
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25
x-xss-protection: 0
expires: Wed, 09 Jun 2021 13:19:40 GMT

GET
H3-29 200 gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 44 B
67 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3225f378c00d8870e6d73c3b99cd541d2a9e0ce2d04b24fd41afee29d8c84da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:20:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
age: 50888
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44
x-xss-protection: 0
expires: Wed, 09 Jun 2021 19:20:13 GMT

GET
H3-29 200 gwdimage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 281 B
184 B 10ms
8ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78792
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 11:35:09 GMT

GET
H3-29 200 gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 157 B
141 B 13ms
11ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64638
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 15:31:03 GMT

GET
H3-29 200 googbase_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 163 B
152 B 15ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

252d7dd30664efb6b9214d1262a91b1015f095114d3b4b47568b9caa19645a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:08:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47982
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 20:08:39 GMT

GET
H3-29 200 gwd_webcomponents_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 17 KB
6 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwd_webcomponents_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 23:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37134
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5637
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 23:09:27 GMT

GET
H3-29 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 2586 109 KB
37 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60267
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 16:43:54 GMT

GET
H3-29 200 gwdpage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 3 KB
986 B 12ms
10ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b8e40848793a7e3892874fda515fea4d32452d42f3bc823c55dce4e870eb01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63502
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 960
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 15:49:59 GMT

GET
H3-29 200 gwdpagedeck_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 6 KB
2 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6ba4bcc8512c3ba29ddeed3271fda96e487fc863ca9dbfe2c63073c62d59c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52069
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2367
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 19:00:32 GMT

GET
H3-29 200 gwdattached_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 420 B
273 B 19ms
17ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e653267eac8b860b7132c5f4c5555e4410ec0c88700172a06fd681b3abf1525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48873
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 19:53:48 GMT

GET
H3-29 200 gwdtexthelper_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 6 KB
2 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce51d2cb4a2fe3121b80537b5bf2aaa6e16bf1cff259ba233b48d1aaeb03e563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 17:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59126
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2365
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 17:02:55 GMT

GET
H3-29 200 gwdgooglead_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 14 KB
4 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c776c659b466face1225e6979399c88b4282906d3e2f6eeb17f1303e8ff9942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62338
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4340
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 16:09:23 GMT

GET
H3-29 200 gwdimage_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 4 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4affdfd4b409d656488397d0eaeb5fcae773ec2e0b470cd23afddd601817f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41272
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1448
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 22:00:29 GMT

GET
H3-29 200 gwdid.min.1.0.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdid.min.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e2c23d27dce5c5a85a34b04c4d311cad8b13c6a9693e31e96eb1559087f9c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 16:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61755
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 16:19:06 GMT

GET
H3-29 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 6 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b13e741205ab4bcc7f3295fede5490d55e9389e5331990284bb334ddade0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 06:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10940
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1468
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 06:26:01 GMT

GET
H3-29 200 gwdtaparea_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 2 KB
830 B 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17a0af89c14dd4f2e776d60d6f5bc81b1765c5c75357c1cd1e09a25baeab520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63419
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 803
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 15:51:22 GMT

GET
H3-29 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 2 KB
989 B 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f04964e2b1599980730940d8f0ea03ed715e37df6a0de083351e01587869faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 13:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70349
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 13:55:52 GMT

GET
H3-29 200 gwddatabinder_min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 5 KB
2 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e85a27009bd84280989449444d8234f498dd46bd7689ed089eda4e7de90a241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50905
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2108
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 19:19:56 GMT

GET
H3-29 200 GothamMedium.woff
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 26 KB
26 KB 7ms
7ms Font
font/woff 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/GothamMedium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7ebb6b0662faad2315746bea68acf03c0a59406b9848a5e6962b4e7d350369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 11:12:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
age: 80146
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26624
x-xss-protection: 0
expires: Wed, 09 Jun 2021 11:12:35 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C8D 0
23 B 74ms
38ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 09:28:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK gettag Show response
s248.meetrics.net/bb-mxad/ Frame 1C8D 0
208 B 106ms
33ms Script
application/octet-stream 136.243.13.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s248.meetrics.net/bb-mxad/gettag
Requested by: Host: s248.mxcdn.net
URL: https://s248.mxcdn.net/bb-mx/serve/mtrcs_487794.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h315.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 09:28:21 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b173.s248.meetrics.net/bb-mx/ Frame 1C8D 43 B
291 B 106ms
32ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/bb-mx/submit?//Ks3BxAAA/whFtBo0F0wFz6BvvAx0A4zA25AjwB11Am4BmiF4jEk1B0kEmyBwwAjhFwjE0hEy2AuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBFtpyFo0F0wFz6BvvAu2Fu1EhvB+k2FoywAyxAtwA2tAwzAtxAz6Ax0At0A43A35A0tAyuAxyAyuAztAllFy1Aw4Ai3Bjp6FtxAywAsp3Fx2AyzAyzAw5AwxAwxA4BEjwtFuvFulFkqnFluFtVETBFL2wFBLl1FC92iFuhF2pFnhF0vFyfF3lFikFypF2lFygBuvFfwFs1FnpFuzF/2xFsCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0zF0vFyhFnlFpuFmvFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FylFx1FlzF0hFupFthF0pFvuFmyFhtFlgBjzFzfF3lFirFp0FgjEw1FfxB2gAyhFtfF4gAthF4fFluFnpFulFf1FurFuvF3uFLlnFB/k0FtCxgAwqFpkF90A43A35A0mAhkFj9B0yAxyA0yAymAjwFpkF9yA13A1wA10AwmAzpF0lF91A32A15A03AmwEshFjlF9zAwyA50A13A0zAmjEpkF90A51A33A00A30AmzEp6Fl9B9zAwwA42BwwA7vEykF9bE0pFtlFz0FhtFwdF7kEjfFymFs9BxtAo0F0wFz6BvvAu2Fu1EhvBkwA7kEjfFylFm9Bo0F0wFz6BvvAu2Fu1EhvBjiF9yA30AwzA1zA1wAzBEUkzFpBFAAAAAAsEYJYJAPAAAAAAAAAOAAAAGBAAAAAsEYJYJABPeAAAAAAAABA6DAZQAAFAx8Ez8ExBEFAx2AwwAwBEr3A/APBAAFAAA6DT3A/ASksFLJbAAAAAAAAAAAAEAAAA6DAAAAAAAIAy1A31Aw1A0wAJAzwAy5A01A30AzBEHA13A21A50A3BEVB9zAwwA42BwwA7vEykF9bE0pFtlFz0FhtFwdF7kEjfFymFs9BxsAo0F0wFz6BvvAu2Fu1EhvBkwA7kEjfFylFm9Bo0F0wFz6BvvAu2Fu1EhvBjiF9yA30AwzA1zA1wAzBEJA05A13A30A03A0BEHA0yAxyA0yAyBEdAAAAAAsEAYJAFAAA3A/AAARCo0F0wFz6BvvAzwBuyAtkFuuBulF0vBhkFzvBypFjoFtlFkpFhvBz0F1kFpvFvwE2yBv2Ax0Ay1A0xAzvAywAywAw5Ay0Aw3AxyAx2AxwAzvApuFklF4uBo0FtsF/lE92A5mAslFm0FPmFmzFl0F9wAm0EvwFPmFmzFl0F9wAmjE9VEiLFmJFMsFiJFomB09BxmAylFukFlyFpuFnUF5wFl9ByBEEAIQFBxBAAAAAAAAAAAAAAGAJGFSBFNFFdAAAAAAsEAYJAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFQtjFhTZpYA
Requested by: Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Wed, 09 Jun 2021 09:28:20 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 105ms
32ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3C3AAAUkzF7GZBAAFAx8E18ExBEFAx2AwwAwBErY0mAPBAAAAAAAAPY0mAPAAAFAAA6DTY0mAZAAAFAw8Ez8EwBEFAx2AwwAwBErRMPAPAAAFAAA6DTRMPAPBAAAAAAAAzRMPAZAAAFAw8Ey8EzBEFAx2AwwAwBErfeOAPAAAFAAA6DTfeOAPAAAAAAAAAzfeOAZBAAFAw8Ex8EyBEFAx2AwwAwBErehwAPAAAFAAA6DTehwAPAAAAAAAAAzehwAZAAAFAx8Ex8ExBEFAx2AwwAwBErtDOAPAAAFAAA6DTtDOAPBAAAAAAAAztDOAZAAAFAx8Ey8ExBEFAx2AwwAwBErLFDAPAAAFAAA6DTLFDAZAAAFAx8E18E2BEFAx2AwwAwBEr8wBAPAAAFAAA6DT8wBAZBAAFAx8E18E4BEFAx2AwwAwBErsmgAPAAAFAAA6DTsmgASksFNPdAAAAAAsEAYJAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAA8wBAAAQAOPFfTFPVFSDFFfFx2A12Az5ACATJFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAsmgAAA2EkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFCrBTVFSCFWCFqUFiaFHCFERFBoFDBFQMFC1F3vB3REkhFRNFoyFZpFTXFlsFYnFm4FoIFiHFCUF3mFQVFl3BKLFCVFL0FoWFVvFQIFVwFyXFyPFykF54F2KFw2AllF01F6TFhaFVkFytFSpFxxEnzF65BzwF0hFoyFsTFCnFHlFoEFSuFPqFUCF0TEDzBPqFkzBzUENwFLmFT4FQoFr4Fy5FFPF2tFOwByIFEpF4zBsCFrUE5vAXUFu6FVvBFCFSxBnGF3pFMIF2UENBFBBFBBFTVFWPFSLF1DEZJFJ9BCATJFAAAAAAAAAAAAAADAEJFWBFQtjFMZm9WA
Requested by: Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:20 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 113ms
35ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3D4AAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFGYVNSA
Requested by: Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:20 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2586 5 KB
4 KB 16ms
15ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8491a66fa14ab5fbd97274193e512da6ab946e730dbececd3f80b99a5c4929c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4258
x-xss-protection: 0

GET
H3-29 200 cta_button_1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 7 KB
7 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/cta_button_1.jpg

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46407cce560ac336451e8d03f0d51e2d86200eb41cd715de897e40dacade61ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 06:26:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
age: 10938
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7556
x-xss-protection: 0
expires: Thu, 10 Jun 2021 06:26:03 GMT

GET
H3-29 200 GIS_Logo.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/ Frame 2586 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/GIS_Logo.jpg

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fa9cbfcef5ad266136acad488491759f0f609867216a40c8f3f9d58409f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 06:17:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Sep 2020 14:12:16 GMT
server: sffe
age: 11479
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7839
x-xss-protection: 0
expires: Thu, 10 Jun 2021 06:17:02 GMT

GET
H3-29 200 barbier_300x600px.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/84257317/dirty/ Frame 2586 40 KB
40 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/84257317/dirty/barbier_300x600px.jpg

Requested by

Host: 148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
URL: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb0fc1093592dd5cf3d8b2d483ce250bc3b528c6ec09e9bc452110876e38210f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61425413/20200924071216103/index.html?e=69&leftOffset=0&topOffset=0&c=UbKfILlbIh&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:16:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 14:04:18 GMT
server: sffe
age: 33122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40905
x-xss-protection: 0
expires: Thu, 10 Jun 2021 00:16:19 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2586 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 09:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 09 Jun 2021 09:28:21 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FC3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:21:11 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060301&jk=2744488245241648&bg=!4OOl46fNAAY6sG-_OrA7ACkAdvg8WnsVQyXv-xmo6Az06mvrLV4zeih630FMJ1Nn1i1XJxg6UM5EtgIAAAEvUgAAADdoAQcKASAjPzTLkMKNZyZU03ruGdZ5KYJtu_tCrG9bRK18Bh43Oo9qHf6DDdaIiWPJPJNxUc3T0fFGWeqps0XAlIg8QWB8cfw8yPAjDIUt6Dii7LIUp6c4UGvFURhcfekti0d6OCQ8t7AgyZYooSRRoHbX04RtWHPf0wd1R3KoJ5bsTR_WaVtmwnKkk0VjWCLToooaG0gBhEyfNMhngTeXxwIpL80buQjq53EUe4skjbBiphTCuG3tbxPGbdMDGmhkIsFtXR9Cbbwtj0NmKerNDnSNuAPYKxe9KBtfXri8YTc7dFJIiqpx5W2JIJGHEbXwjsu9LN42b_5WOTGX3OXqyTVwkKNRUIkXMlXdO1c7jfS9UQFv0m6m3KicjsqWStrtFoH6wHOZAmbUQxO852td8cqpAOEIclm3quj4f8Yh0msLvSjjfDcMc5B7Hv0Us7kIj_lGp2XBAIHIYL1n-aDxx9KbVXmDdwiBWesXPzipatFjF-TbzqjMySjZl2UJM45D-F2Ek2FEfkKSbnmEUgLa0RGFHPZS2MAFjZSGTMUIwoaKsBBJN4ltvRE6Zue9CXFpAAkinLOmE4NFZXU4hLgBogS89qRxSp9zy_QegLYHiPp-BEs2B59bqt4Lk2BLQxAu5eBw3a_MhNcZ4eT1mkzPMJdwFoINzi67qpLnr7HgPTTGxXRhkUCxRtRApkUa-HJzk9YE4AklX4xwMna5p11Ju-zVYci4roklZlIROPJVDuil-FsNFXzFSdoyLCFlUbYStRyUxXk0RUgckYBUp0gFboxmwKEtszPdR7gmeOac-4bAanD6iO-00kDiB6odnApGnwkyllGOUm-kJDbVZ8_kyL4zMFWuXqHKfGSkqEWRgLhq2Q9g7CoYLocaP4DzqrF7X8DeI-N-bOsutKdo2zeoI1oXv8asB3NL0DTgCARfX5DSOZ7dzKavPzsQayd_hnuCMaqywL6_uBmbnNw3LrpWrC3l31zFAesi0vmIX2852yoGStP6WRRXvJyeAXiJZQx_EWyLkum-ZmDTj7ylc9cfBoKcXGCdPDls8nyN_QhYrrTebaItAGp-y7tuMck6tRngUC1kz1LZJZ0VK07lgzTmE_REgDcIHMWsNrRi7IWC68xgHy8P8tAe2Kv9UPembp3hEWpIl4q1b-jnrKvqXWjSN9GPatjjSRQoIx0WAOzkSoqPHBrVNwmiThokFDDuKg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 34ms
34ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3E/DAAsrvFo0F0wFz6BvvAu2Fu1EhBFLruFBLkqFFlqwF04A33A50ALnoFBLl1FDLkqFKtkyB04A33A50A6wEylF0pFtlF2qoFx2AyzAyzAw5AwxAwxA41Az4AntF4mE62FoBFOprFyF3BOqwFyF3BlqwF04A33A50ALkmFBTkzFzQ4AAAAAAAAYAAAAuBAQAAAAAAFFAXAAAAuBAP5BAAZAwSAcAAAARksFAQtjF9+NVSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0973 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkCsItYnAYNaEBauK7_UP05e6gAMAAAAAOAHgBAI&bg=!v7ylvPjNAAY6sG-_OrA7ACkAdvg8WmbBwqY0izs-7BYVEH_Ghoq1fvEYpn7bP5NJET0Z1_LEWmZnFwIAAAFWUgAAABNoAQcKAJYW3lXZ0Qmb40-tPFbIIIAcDa7bxWpRRpDGgIGh6mu51dWfKaC5IcLTeAVeHQcY6YmAsU3s4xRl4B_bEwQZxNFKt1LifaBI8QIC6Vf6FyWzfqH4slgMWfk6bU9tL-KZUhgAnC6oJcdQcYB6VEcwucJw4jgfmcj5MCBh5DZMMBXi98BVR7NxJddTC9Wzodw2PS_zE27kOi-ZAqmIA8IKmJPHvq4RnljNsw96Mk4nYrk_m8weX13rT9j_DYDxjxWYENhrQ6zqN4_SsYaQgPD-uRkTT1c-4ZXaetuMn5HUuIvqDA0HGZ32k-mIyfUIlJ6-xbhh9frgWSNKl5kBGPgNIEWQ60F_SutE6ieg9h6ETDUYHvB2DX5s4VmBeATRiilrn8Jco-nfh3LVleRm707y0XcKdfENwLs_n3erm-4IJxRn7102cPRnToURwjsaisu62l6dq9DnJSXS3f6rZx-Q8Gr9vdqa9glDwxZBHTSW-mWMAoBfDC2r91H9AkPEoPOBoGt-h5vfsKdM2vayBb94fA7sL0DmAnj6jyC89owsjv5l0P5cqwq-7OirrI3AQT3AZqvPM7c2hEPQ7G8tjeDw9_y2N5fVTiUUZalglZrJ5spORUJhAJjJvoP_lQIJ3LKRk6B1RTcCNDVemZ5PzriIH7aOddazkxVa2EjtXy6K0bXfLQYHO5swnVCmISI1yAjwENR6wVLgaLhPgcXRs5R7WiQYxfIg5F7HftLA9nkp6s9LnHf_086H5ads9HIY092bT-V1TRSDjEbh48trFPgNw88Uaruuy6Sus9OCclVnXV_bUtesRxQyjIc4OISt6l3rwUmZcPCSS_3jQ-Q9f0xQrA3j3IYLODqFmmM1S8nXvVfmpiWAojRQt9krjFDIkn8V5qQTkdmb0bejzr9vQvyV7jesTUIYqcyy-qVuIyBoEAgoluYauP8so1-bcaKq5gI5CJUmuO19hXYmBKol2xhA1OOPgCRY9fcArTIyNuuAeem4TT23wOrtVkRhUH0b08usY6YSStM-F5lQI8wbB8yQxSN5tfAiC_w8vRZnJxhdaUBt35qpxVnmL4wtrBeBEMjvvo7xOjBpbBF7uk8Q5SJqkz_7zbc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C8D 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEfiXvB8xDarjD15EqQWOx7ksZ-Muzjq1hVME-aTSaOJOvt8jGjBkV51XsZvlHEE_MsZIEwTxUNB0a1213hmxVpzXuYjl9HSzRQl_cySDsRVx3dzujpctXbMQ6Aw&sai=AMfl-YSZWOH6rM_lhx9v8NusBp1z78EqD8ki1kOJQiuq6uAPUS81hzXai6DKEmFoKwmhMTPZfSK0sYJ6pSMER1SV2YsbT8MIOsFfbMeCOfqO24qP7hc1yMMRi38RBnyeLApH&sig=Cg0ArKJSzCjfQA9XIU5_EAE&cid=CAASFeRoTa_HPv11QEP-Fx1XPZY2dwBkTQ&id=lidar2&mcvt=1000&p=925,1373,965,1414&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210607&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1542901095&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623230901034&dlt=9&rpt=175&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 35ms
35ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3FUYAATkzFPPFFAAAAAAAI8wBARksFAQtjFDURNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:22 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:21 GMT

POST
H2 204 collect Show response
www.clarity.ms/vmss-eus/ 0
171 B 98ms
98ms XHR
text/plain 2620:1ec:48::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/vmss-eus/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/vmss-eus/s/0.6.13/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48::67 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://nv.ua
date: Wed, 09 Jun 2021 09:28:23 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0t4nAYAAAAAAvVU36UfvIRbNDbW0ap3tYTE9OMjFFREdFMTUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 35ms
34ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3Ge7AAl2yFuvFfhFwpFTkzFARksFAQtjFfmRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:24 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 34ms
34ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3HKOBATkzFARksFAQtjFOrJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:25 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 35ms
34ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3IOwBATkzFARksFAQtjFwwJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:28 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:27 GMT

GET
H2 200 dc_oe=ChMIlrP9qZ6K8QIVK8W7CB3Tiw4wEAAYACClsag-QhMI-_ncqZ6K8QIVg-O7CB0LXwQW;met=1;&timestamp=1623230911488;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1C8D 42 B
498 B 102ms
38ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlrP9qZ6K8QIVK8W7CB3Tiw4wEAAYACClsag-QhMI-_ncqZ6K8QIVg-O7CB0LXwQW;met=1;&timestamp=1623230911488;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Jun 2021 09:28:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b173.s248.meetrics.net/ Frame 1C8D 43 B
308 B 34ms
34ms Image
image/gif 213.239.199.37
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b173.s248.meetrics.net/data?//Ks3JU/CATkzFARksFAQtjFpoJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.239.199.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h534.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Jun 2021 09:28:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Wed, 09-Jun-21 09:28:32 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nv.ua/	1970-01-20 03:39:26	Name: _clck Value: 1fc8uqz
.nv.ua/	1970-01-20 04:22:38	Name: __gfp_64b Value: YsEhvkJoJ5wOcm7FF6DNjIwimVVJYblZfwZ3Mx0fbHT.t7\|1623230900
.nv.ua/	1970-01-19 18:53:50	Name: _dc_gtm_UA-51943557-1 Value: 1
.nv.ua/	1970-01-19 18:55:17	Name: _gid Value: GA1.2.2063919059.1623230900
.nv.ua/	1970-01-20 12:25:02	Name: _ga Value: GA1.2.1294343645.1623230900

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://nv.ua/scripts/after_scripts.min.js?3.389(Line 1) Message: loadAd
console-api	log	URL: https://nv.ua/scripts/after_scripts.min.js?3.389(Line 1) Message: cls - 0.05457050634765624 [object LayoutShift]
console-api	log	URL: https://nv.ua/(Line 943) Message: renderFirstBanners
console-api	log	URL: https://nv.ua/scripts/after_scripts.min.js?3.389(Line 1) Message: 3
console-api	log	URL: https://nv.ua/(Line 990) Message: slot - div-gpt-ad-1536739319652-0 300,600
console-api	log	URL: https://nv.ua/(Line 990) Message: div-gpt-ad-1536739319652-0 300 600
console-api	log	URL: https://nv.ua/scripts/after_scripts.min.js?3.389(Line 1) Message: cls - 0.017651839447021485 [object LayoutShift]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

148369c055f8fb8cd54df200ca0c4a26.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.at
adservice.google.com
b173.s248.meetrics.net
c.bing.com
c.clarity.ms
cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.weserv.nl
nv.ua
pagead2.googlesyndication.com
s0.2mdn.net
s248.meetrics.net
s248.mxcdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
136.243.13.134
142.250.185.130
142.250.186.130
142.250.186.34
146.59.10.80
172.217.23.98
185.33.221.15
2.18.233.67
2.18.234.21
213.239.199.37
2606:4700:3030::ac43:8f51
2620:1ec:48::67
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:803::2006
2a00:1450:4001:809::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9b
51.89.96.192
52.142.114.2
88.212.201.198
0018127f74c9fc8eb29979ebbb651f6556a646f7c6d426374b0d5178d4aefc74
021c65ee9dc860e9ffe3aeebe61eaf14c50d090fc467eb6618bb7c356c8c9787
04f4de66929167a91ab8609b4c823c90f46c8484f7bf86f0d4f0f7874b15fef0
0760b8fb14342cf4d94f8e8e5097486ac310e93e0e4afa7343cb1d03e08c54c9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c776c659b466face1225e6979399c88b4282906d3e2f6eeb17f1303e8ff9942
0e85a27009bd84280989449444d8234f498dd46bd7689ed089eda4e7de90a241
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ac6090640ad0b4a09f3588c838aad6ccb836b594468c5d42601d6a76044ab6
1685cb58ad7de40415d4bfdc156133febe1c4fe5220706624a7348b3514a80cb
1d8c7ce12428be733a9213b2fecae66db6950a933c276d68bf7c8271829a627d
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
252d7dd30664efb6b9214d1262a91b1015f095114d3b4b47568b9caa19645a45
275fed66a144ba70e5290629ee122bd0016a89410b1dadc604c2daa395443443
294c330ca5ab6b8e8f40f54a5ddd5f829da0b8c9c81d3dfd0f9639548eb083cc
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
3092e6d2d4edce3fe5884d232148f3b27284a63c849e2258ba4add233ab25df1
30ee96ef96092bed9d5d0192cd0afb4f7c4ee524bfddf31e58082ffffda91916
3225f378c00d8870e6d73c3b99cd541d2a9e0ce2d04b24fd41afee29d8c84da9
3311de9405705d8aea6f87696f874d62833137bbf2d21028480656520bb1acb7
366ae5f6cc6cd8b2dcf527e47c30143ab5654e1ee605cd4a5801ec638bb1b5ee
388ebcdebc38e52bba5625a5209fdb0508ef41bbba5b6913ce7b455c4cc04d9d
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3cd8e1e85b51bf5abefbd33f7cf823de433128aa1c93c56763667cf386c1a0bd
3cefb20a5aecbf3ad777c251befce030719061fdd9918640030356528174abe1
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d75aa8125da3bbbea9dead6648343bcd43520e399ff41368b1e12fba873d1a0
3e78ee21e1cf51af510b9489a104597a9d274d3f2d56939709eca2f7c159da3a
423c910658299c90e1b2809f08f076450854ec81c376bf39409c841ac06fd8ef
4288d8ae616700e3a29c3f819cdc99880796a54c2189efe0c5c2a12282af52a8
4457b5354c13990d3e20d6d958bde6b43c44c4410d7468c1fc6bdbfd5824c29d
46407cce560ac336451e8d03f0d51e2d86200eb41cd715de897e40dacade61ff
4734de4bea801661b5fc9ff15dfd01a2765fe04e9e7dff58730686586959127f
474f3fba05766b6db0a65bcfe8d20cdf8afab8b607f11688644460e947091063
48ac91956cb395f6241088434dbbc376e2a14e863796e9ab051bf1cf70930119
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b216b43f9b11a8ceaf584e09277b78e39f205ecbe4a871c9c974a7d8ff116bb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
4f423b3bd30e58426b6d73f8128447c7e17f22abe88182839394975171620001
4ff5d9130d49b1d297ef3075113da32af7cd8091ba272186ac21b4d2f3489b76
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
536d3a773c4bd1c8b3e2f77510c15dcc179892cd6384e909e8f76178b648c0d4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a1ccdbac41ed8a853806f50a646b3cb75ae73970b038cda36e79c102364b88c
5a56cc283c51615493d88a6a74884fe352b03b49f9e1518a78847a687b8c3a38
5ad63618a17dfc4a241f7bfc08fcd20a655597161167255b246d9d30b81cf3a3
5b8e40848793a7e3892874fda515fea4d32452d42f3bc823c55dce4e870eb01e
5d145dd4c10c4c32fe4afd91bb21321347e141e575a32e8e62271883f4eae054
65273119e256096ceca5b848928dd7f731ed42c6bfdeb132950ca9a34a98d374
6851936d191dba1be8f7e84f557f6bf35344fdd6590c9050da98932d2ffd4854
68c0a8d36a7bdc18cede92caef9bd67a7f42682906b85d0520537c1f4b38318b
69533dd003520dae49e622cdacd17fc5787e0d126104d332918b288aea8999b8
6d5b148160c2fb15b0bfefaf2764e9e0c0fe9cdb869b1f28ad74c18c27f50205
6f04964e2b1599980730940d8f0ea03ed715e37df6a0de083351e01587869faf
751745855034e98950edacc75a1329445888d84a7f881f634e9d99614c63b5b6
75850317bdb48ffe85be51f7b165567f6619ef45635812d0da351e1294dc119d
79d0b0427bf7be3e10b6a0dce4091b4122e82926e1fc883f4ae69db8c06dc2c0
7e653267eac8b860b7132c5f4c5555e4410ec0c88700172a06fd681b3abf1525
7f8d3d1377100daa47822a1ed2cab52625a1b39f7cd5e0590ecebff35664c73b
80e6bb4ec74f4c15a96697ea6ff0ceb8f62514a530328cd7d2188e589bfca0c4
831044d97d5db8c97615d5c13717a9f538c0e6f989d1f1742b22509e14040d37
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8491a66fa14ab5fbd97274193e512da6ab946e730dbececd3f80b99a5c4929c6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a93af9537b968d3b7e110468299493ef908fab50c2ed691470d41d7bdf0985
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8b7ebb6b0662faad2315746bea68acf03c0a59406b9848a5e6962b4e7d350369
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8e2c23d27dce5c5a85a34b04c4d311cad8b13c6a9693e31e96eb1559087f9c0f
8efce6745485f5336fccc861379ce40afb9c17c1a9d6fe3fdafa8fc09f70cd9d
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aeb04131df1322b44d201b4298aff834e34a31cf3fc2e72dc2341896bff49d3
9c0b701e5d608ee3bec4946928e7cdfcfa18bd9c5ac0f7e9efb0c6bc1f65ca53
9e1b9161f6b11e665e79d93f6898a8942a2f4af44c5941e5e9fcc3c219d3a251
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a41dce230170de75ec306be3f58404a1588f9be814c3b59256643949cbe3cebb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ba4bcc8512c3ba29ddeed3271fda96e487fc863ca9dbfe2c63073c62d59c32
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac993d64e427fcbe3577a88c45f7d10149f51db0622fb0ce12fd5bc0fbe95295
aed904fded58002a91cceffa2fb792e7beea30070ff82748ddd5394db1cbe369
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8ab235aa58857aca90622233fedf451c1825997589ab0123ee5fd3150f4e288
b8b528e83753be4e64f8123d221752ae93b97d9166340a6d8ea1514ed353fe06
bb2c4321e2b4f596104912d635520175f1bfa9eb7ba930aabfb6bec03fd59461
bee724dff5b2725e7156c2aa955089bb6b6d1e1c0d0fc40f37f8d9817a123f44
bf9e923914a03938356b1e3abdce7d5baf3a22256ebc39481c056db70915f1a2
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c362ef55dfcd2d94eacecdd07c2c04fc38981b4e3447eb1634e6514cd0a303d2
c4affdfd4b409d656488397d0eaeb5fcae773ec2e0b470cd23afddd601817f59
c4dad7f9cc5125da80e168816aa8f9b24751f97618a87fe68d1f9fab75498de2
cabbde8502a6598896a3c812c89ecd99ecfb3e9ca68f632c8c9b3f2a7f6e0046
cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c
cd15990b17d2d9fc3f84859e5cc778ee22113b01592f5d98433d44ca4a4ffee2
ce51d2cb4a2fe3121b80537b5bf2aaa6e16bf1cff259ba233b48d1aaeb03e563
d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d2fa9cbfcef5ad266136acad488491759f0f609867216a40c8f3f9d58409f536
d36856d4b0a68aec75fbc918c798d2373c9d9958eacaa335d7e1e8670c465815
d3b4813419560b632c5bfbc268087207d649863fc68a3c0b5b4f284f19592e23
d86a1f085058e7a82920bb9001286c7033b95dc0f7e1555e4fce2ffa6230748d
d9925dc8fdc741305ffba07d91a1ea84c3e56187e55fa30b4063f7bddaaef318
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e0457572fea8ea322e60eb0b316b3b0afa097a778263d5eaa72d1569e86cabf9
e17a0af89c14dd4f2e776d60d6f5bc81b1765c5c75357c1cd1e09a25baeab520
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b13e741205ab4bcc7f3295fede5490d55e9389e5331990284bb334ddade0a2
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e6f7a7b5348cc7c8b3180cabafd0eac667941392311c360ac812d07f2172edb4
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
eb7c9303c1909cb61c459c12b535c69eb76ed3b08720c97a586e26b0b4ab8028
ec17d7f91fca87418bf747a62ae25b58a7ff5565f259d4856c70a012e4b5a30d
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0994235573f79bf915d7b55a6f82ad755199c61829ad604aa58f87e5208b1d3
f1e516030c0e00dfbf674072ccafbceda2cc3876d4edb0609aba0889d463c663
f2cd7f69651e0b2958aad2c842b4e4e8a7c13cb883e5ed7f87d930a1079c0d9c
f3d2b9d06cf737999675d73a2e6ee28a30ac1bdeb1777884fd66b6e95a454c29
f6e28ddaaf83f1a6c4c021372d5693c6b38ad9c88cb98ee4991cb6996fb55908
f96af18730c98b10e304267ec1c16c25cdff06c06c9f2faebea6760ee194446d
fb0fc1093592dd5cf3d8b2d483ce250bc3b528c6ec09e9bc452110876e38210f
feaad76415c6eb7fb707e31a7f0bd3da9f47a60a5c6d34cd00e2ebf0bbb6766c

nv.ua Open in urlscan Pro 51.89.96.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

158 Requests

100 %HTTPS

58 %IPv6

21 Domains

31 Subdomains

31 IPs

8 Countries

2309 kBTransfer

3678 kBSize

5 Cookies

121 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nv.ua Open in urlscan Pro
51.89.96.192 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

100 %
HTTPS

58 %
IPv6

21
Domains

31
Subdomains

31
IPs

8
Countries

2309 kB
Transfer

3678 kB
Size

5
Cookies

158 HTTP transactions
1 data transactions