urlscan.io logo urlscan.io
SecurityTrails logo

ntn.ua Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ntn.ua/
Effective URL: https://ntn.ua/uk/
Submission: On October 29 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 12 countries across 70 domains to perform 361 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ntn.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 12th 2022. Valid for: a year.
This is the only time ntn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 66 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a0c:5c81:512... 55081 (24SHELLS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 45.133.44.4 7018 (ATT-INTER...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 52.30.188.40 16509 (AMAZON-02)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 146.59.10.80 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 96.16.135.39 16625 (AKAMAI-AS)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 194.247.175.23 196831 (BEMOBILE-AS)
1 194.247.175.25 196831 (BEMOBILE-AS)
1 69.192.160.219 16625 (AKAMAI-AS)
1 146.59.30.104 16276 (OVH)
3 194.247.175.19 196831 (BEMOBILE-AS)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a0c:5c81:514... 55081 (24SHELLS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2a02:2638::24 44788 (ASN-CRITE...)
10 34.98.64.218 396982 (GOOGLE-CL...)
3 8 216.52.2.19 30282 (AS-INAPCD...)
3 2602:803:c003... 26667 (RUBICONPR...)
2 35.214.236.176 15169 (GOOGLE)
3 3 3.125.135.131 16509 (AMAZON-02)
2 62.149.1.122 15497 (COLOCALL ...)
1 1 137.74.6.209 16276 (OVH)
3 194.247.175.26 196831 (BEMOBILE-AS)
14 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
34 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
12 38 216.58.212.162 15169 (GOOGLE)
6 12 185.80.39.216 27381 (CASALE-MEDIA)
8 11 37.252.172.123 29990 (ASN-APPNEX)
2 3 2620:116:800d... 16509 (AMAZON-02)
7 7 18.195.207.28 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 66.155.71.150 13768 (COGECO-PEER1)
3 3 37.157.4.25 198622 (ADFORM)
1 1 2600:9000:223... 16509 (AMAZON-02)
2 2 37.252.172.249 29990 (ASN-APPNEX)
8 142.250.186.162 15169 (GOOGLE)
4 18.66.122.129 16509 (AMAZON-02)
1 52.1.102.118 14618 (AMAZON-AES)
3 2a00:1288:80:... 203220 (YAHOO-DEB)
1 34.95.103.48 396982 (GOOGLE-CL...)
1 2 18.206.62.161 14618 (AMAZON-AES)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
2 35.227.252.103 15169 (GOOGLE)
1 1 104.18.18.126 13335 (CLOUDFLAR...)
1 185.86.139.94 201081 (SMARTADSE...)
1 1 151.101.194.49 54113 (FASTLY)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
6 6 3.126.151.133 16509 (AMAZON-02)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
7 9 69.173.144.165 26667 (RUBICONPR...)
2 2 3.126.56.137 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 63.34.235.23 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.134 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 162.19.138.82 16276 (OVH)
2 23.205.235.133 16625 (AKAMAI-AS)
2 2 185.29.134.248 30419 (MEDIAMATH...)
3 35.71.131.137 16509 (AMAZON-02)
2 2 99.81.33.254 16509 (AMAZON-02)
15 72.251.249.14 32475 (SINGLEHOP...)
3 5 54.239.38.253 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 1 52.5.136.4 14618 (AMAZON-AES)
1 8.43.72.97 26667 (RUBICONPR...)
1 69.173.144.138 26667 (RUBICONPR...)
2 2 213.19.147.45 3356 (LEVEL3)
2 3 2.19.46.98 16625 (AKAMAI-AS)
1 2.18.235.93 16625 (AKAMAI-AS)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 1 188.34.165.163 24940 (HETZNER-AS)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 23.35.236.201 16625 (AKAMAI-AS)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 3.120.49.52 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 3 52.46.155.104 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
361 77
66    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ntn.ua
1    2a0c:5c81:5120::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
d.adtelligent.com
1    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
7    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    52.30.188.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2606:4700:3038::6815:e9e1 (United States)

ASN13335 (CLOUDFLARENET, US)
inter.ua
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    96.16.135.39 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-135-39.deploy.static.akamaitechnologies.com
tags.bkrtx.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
1    194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
1    194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
juke.mmi.bemobile.ua
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
3    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adtelligent-d.openx.net
eu-u.openx.net
us-u.openx.net
8    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com
csync.loopme.me
3    3.125.135.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-135-131.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    62.149.1.122 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
3    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
sslpagestat.mmi.bemobile.ua
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
www.googletagservices.com
googleads.g.doubleclick.net
27    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
21    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
34    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:2491:2c00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
38    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net
12    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
11    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
7    18.195.207.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-207-28.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2600:9000:223f:6e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
8    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
4    18.66.122.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-129.fra60.r.cloudfront.net
bucket.cdnwebcloud.com
1    52.1.102.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-102-118.compute-1.amazonaws.com
gw.geoedge.be
3    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
pr.ybp.yahoo.com
cdn.js7k.com
s.yimg.com
1    34.95.103.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.103.95.34.bc.googleusercontent.com
ox-delivery-prod-europe-west2.openx.net
2    18.206.62.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-62-161.compute-1.amazonaws.com
adrta.com
ipds.adrta.com
1    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
6    3.126.151.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-151-133.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    2a05:d018:d29:3601:6e4b:8d25:66f8:d8e3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    63.34.235.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-235-23.eu-west-1.compute.amazonaws.com
neural40.cdnwebcloud.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net
ad.doubleclick.net
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    99.81.33.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-33-254.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
15    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
5    54.239.38.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
data.adsrvr.org
1    52.5.136.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-136-4.compute-1.amazonaws.com
aorta.clickagy.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    213.19.147.45 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
3    2.19.46.98 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-46-98.deploy.static.akamaitechnologies.com
px.owneriq.net
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    188.34.165.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.163.165.34.188.clients.your-server.de
bidswitch-eu.splicky.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    3.120.49.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-49-52.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
66 ntn.ua
ntn.ua
1 MB
61 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 213
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 295
ad.doubleclick.net — Cisco Umbrella Rank: 176
321 KB
60 googlesyndication.com
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
374 KB
27 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
5 MB
23 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
ce.lijit.com — Cisco Umbrella Rank: 860
29 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
pixel.rubiconproject.com — Cisco Umbrella Rank: 338
eus.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 807
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2124
token.rubiconproject.com — Cisco Umbrella Rank: 657
17 KB
16 adtelligent.com
d.adtelligent.com — Cisco Umbrella Rank: 732265
player.adtelligent.com — Cisco Umbrella Rank: 6136
ghb.adtelligent.com — Cisco Umbrella Rank: 5906
ghb1.adtelligent.com — Cisco Umbrella Rank: 6671
sync.adtelligent.com — Cisco Umbrella Rank: 4125
276 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 436
12 KB
13 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 516
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421
11 KB
13 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 27350
ox-delivery-prod-europe-west2.openx.net — Cisco Umbrella Rank: 16057
rtb.openx.net — Cisco Umbrella Rank: 1413
eu-u.openx.net — Cisco Umbrella Rank: 1635
us-u.openx.net — Cisco Umbrella Rank: 414
6 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1241
s.amazon-adsystem.com — Cisco Umbrella Rank: 289
5 KB
8 cdnwebcloud.com
bucket.cdnwebcloud.com — Cisco Umbrella Rank: 35373
neural40.cdnwebcloud.com — Cisco Umbrella Rank: 50815
16 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 735
gum.criteo.com — Cisco Umbrella Rank: 408
mug.criteo.com — Cisco Umbrella Rank: 3300
9 KB
7 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
6 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
269 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 291
3 KB
6 yahoo.com
pr.ybp.yahoo.com — Cisco Umbrella Rank: 1324
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 286
6 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 71
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 404865
juke.mmi.bemobile.ua — Cisco Umbrella Rank: 559745
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 419891
21 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 65651
ls.hit.gemius.pl — Cisco Umbrella Rank: 13765
20 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
data.adsrvr.org — Cisco Umbrella Rank: 4484
1 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 483
1 KB
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 668
12 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1020
1 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 638
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
1 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 920
2 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6188
creativecdn.com — Cisco Umbrella Rank: 645
902 B
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 126315
4 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
9 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3983
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 529
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 748
586 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 458
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 658
57 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 812
1 KB
2 adrta.com
adrta.com — Cisco Umbrella Rank: 1506
ipds.adrta.com — Cisco Umbrella Rank: 2718
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 579
382 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 822
s.tribalfusion.com — Cisco Umbrella Rank: 2171
1 KB
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1592
gw.geoedge.be — Cisco Umbrella Rank: 1763
128 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 879
2 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5524
914 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 170511
i.bigmir.net — Cisco Umbrella Rank: 388246
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 145
112 KB
2 inter.ua
inter.ua
441 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
87 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 373
707 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1122
418 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
403 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 28877
217 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 720
730 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 553
291 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1435
427 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 484
616 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 493
834 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 997
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 551
538 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 846
45 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13858
556 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1615
586 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 692
441 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 387
10 KB
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8196
257 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 766
5 KB
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 491
256 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3587
16 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 763
2 KB
361 70
Domain Requested by
66 ntn.ua 2 redirects ntn.ua
38 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
eu-u.openx.net
ap.lijit.com
34 pagead2.googlesyndication.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
ntn.ua
rumcdn.geoedge.be
www.googletagservices.com
securepubads.g.doubleclick.net
27 s0.2mdn.net ntn.ua
s0.2mdn.net
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
21 tpc.googlesyndication.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
rumcdn.geoedge.be
securepubads.g.doubleclick.net
15 ce.lijit.com ap.lijit.com
us-u.openx.net
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
11 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
8 googleads4.g.doubleclick.net ntn.ua
rumcdn.geoedge.be
8 ap.lijit.com 3 redirects player.adtelligent.com
ntn.ua
ap.lijit.com
7 pm.w55c.net 7 redirects
7 www.googletagservices.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
rumcdn.geoedge.be
7 securepubads.g.doubleclick.net ntn.ua
securepubads.g.doubleclick.net
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
www.googletagservices.com
7 player.adtelligent.com ntn.ua
player.adtelligent.com
6 x.bidswitch.net 6 redirects
6 googleads.g.doubleclick.net 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
ntn.ua
5 aax-eu.amazon-adsystem.com 3 redirects ap.lijit.com
5 eu-u.openx.net player.adtelligent.com
eu-u.openx.net
us-u.openx.net
5 pixel.rubiconproject.com 3 redirects
5 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ghb.adtelligent.com player.adtelligent.com
4 token.rubiconproject.com 4 redirects
4 us-u.openx.net eu-u.openx.net
ap.lijit.com
us-u.openx.net
4 gum.criteo.com 2 redirects static.criteo.net
4 neural40.cdnwebcloud.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
ntn.ua
4 bucket.cdnwebcloud.com s0.2mdn.net
bucket.cdnwebcloud.com
4 gaua.hit.gemius.pl 1 redirects ntn.ua
gaua.hit.gemius.pl
4 match.prod.bidr.io 2 redirects ntn.ua
us-u.openx.net
3 s.amazon-adsystem.com 2 redirects
3 px.owneriq.net 2 redirects ap.lijit.com
3 match.adsrvr.org eu-u.openx.net
ap.lijit.com
3 mug.criteo.com
3 fonts.gstatic.com fonts.googleapis.com
3 pr-bh.ybp.yahoo.com 2 redirects us-u.openx.net
3 c1.adform.net 3 redirects
3 cms.quantserve.com 2 redirects 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
3 www.google.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
3 rtb.mfadsrvr.com 3 redirects
3 fastlane.rubiconproject.com player.adtelligent.com
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ntn.ua
3 www.facebook.com ntn.ua
3 www.google-analytics.com player.adtelligent.com
www.google-analytics.com
2 ads.creative-serving.com 2 redirects
2 ads.pubmatic.com ap.lijit.com
2 sync.1rx.io 2 redirects
2 creativecdn.com 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 sync.mathtag.com 2 redirects
2 eus.rubiconproject.com player.adtelligent.com
eus.rubiconproject.com
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 ups.analytics.yahoo.com 2 redirects
2 um.simpli.fi 2 redirects
2 rtb.openx.net 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
us-u.openx.net
2 secure.adnxs.com 2 redirects
2 pixel-sync.sitescout.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
ap.lijit.com
2 sync.adtelligent.com player.adtelligent.com
ntn.ua
2 csync.loopme.me player.adtelligent.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.co.uk securepubads.g.doubleclick.net
2 connect.facebook.net ntn.ua
connect.facebook.net
2 inter.ua 1 redirects ntn.ua
2 www.googletagmanager.com ntn.ua
1 px.ads.linkedin.com
1 image6.pubmatic.com ads.pubmatic.com
1 d.turn.com 1 redirects
1 bh.contextweb.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 p.rfihub.com 1 redirects
1 contextual.media.net ap.lijit.com
1 pixel-eu.rubiconproject.com ap.lijit.com
1 pixel-us-east.rubiconproject.com ap.lijit.com
1 aorta.clickagy.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 id5-sync.com player.adtelligent.com
1 ad.doubleclick.net rumcdn.geoedge.be
1 s.yimg.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
1 cdn.js7k.com rumcdn.geoedge.be
1 fonts.googleapis.com s0.2mdn.net
1 sync-tm.everesttech.net 1 redirects
1 ssbsync.smartadserver.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
1 ssum-sec.casalemedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 ipds.adrta.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
1 adrta.com 1 redirects
1 ox-delivery-prod-europe-west2.openx.net rumcdn.geoedge.be
1 pr.ybp.yahoo.com rumcdn.geoedge.be
1 gw.geoedge.be rumcdn.geoedge.be
1 s.ad.smaato.net 1 redirects
1 s.tribalfusion.com 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 rumcdn.geoedge.be ntn.ua
1 cdn.jsdelivr.net 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
1 a4p.adpartner.pro 1 redirects
1 adtelligent-d.openx.net player.adtelligent.com
1 ghb1.adtelligent.com player.adtelligent.com
1 bidder.criteo.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 static.xx.fbcdn.net www.facebook.com
1 stags.bluekai.com tags.bkrtx.com
1 juke.mmi.bemobile.ua ntn.ua
1 source.mmi.bemobile.ua ntn.ua
1 i.bigmir.net ntn.ua
1 c.bigmir.net 1 redirects
1 tags.bkrtx.com ntn.ua
1 unpkg.com ntn.ua
1 d.adtelligent.com ntn.ua
361 110
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-12 -
2023-03-11		 a year crt.sh
d.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-25 -
2022-12-24		 3 months crt.sh
player.adtelligent.com
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-07 -
2022-11-05		 3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-10-07 -
2023-01-05		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.cdnwebcloud.com
Amazon		 2022-09-21 -
2023-10-21		 a year crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2022-01-02 -
2023-02-02		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-10-17 -
2022-12-07		 2 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh

This page contains 40 frames:

Primary Page: https://ntn.ua/uk/
Frame ID: 5D257D8092550EF5EA46DD0090B02DDC
Requests: 129 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Frame ID: 583B1B6A9978D9C4E2A47ED50770239C
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/79386?ret=html&phint=__bk_t%3D%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fntn.ua%2Fuk%2F&phint=__bk_v%3D3.1.10&limit=1&r=90559870
Frame ID: 6C3DD6B189E2B92A82D7E211E3064463
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 99ACEABF81F1CD90DE5EE9A85BC9B834
Requests: 1 HTTP requests in this frame

Frame: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FAFD66DAC59178C174E27FEBF7E42AB6
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 40C55ECEFDAB77FB5FD8778A102B27C5
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: F428C4FD4F1C8A7AC61811D11D76F3EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=3ebd0266-b147-41c0-832b-20e2cf49008a
Frame ID: A014F758A2715BD3DE7FFB3731150FA9
Requests: 1 HTTP requests in this frame

Frame: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8FEDC34FBA90D8FA5CE4A599ED2EEC30
Requests: 17 HTTP requests in this frame

Frame: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E539947799473B3ACED672454BE2D745
Requests: 7 HTTP requests in this frame

Frame: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D51568645F99A7B493C5B13B3D3EA9B5
Requests: 19 HTTP requests in this frame

Frame: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63A60E4A7EB97365E21EB40D3D4E6EEA
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQm7H30QMYq8zj0gEwAQ&v=APEucNUxbDhCdpGrfdCYvf5cRFkLClErlIxAYPhSOQJwvEQX184SwJbXoK3GhXa5hYt94h2ybz60KMbErUNLkXystEFjHpJ2PMSxWhCk_ICRWUGTzrneobApi1zE0oLomXKChhSYs8r-kSt9YEPNkZrcbrX3SnVU4oyzNT1PcHXuyKHbEEkRUK0
Frame ID: 6D4C48A5F923A3238A9D931951AD51ED
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYot_IgAEwAQ&v=APEucNXPoQdPhognZHHjkxxaPb2Dz3hxLVFto4uMGL800HtW43RmBYxDoevphCTo6mETsNMmReuSavfmjSLn6S1T-O8he87gR0H4yNC_LaRPfBKtRaIsdjtoykzC2gTCX2FS3lu-3-frrD1-eJpvn4suQN8QIbb0_TO8CoYjl_PsaVe0ruN7tAo
Frame ID: FE3EAF322CDBF8F2F7BF9822C3FE6F3E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYod_IgAEwAQ&v=APEucNU-3qcJRVKF3f3ov6oSqaTtdGIzNukRP_9Ns-ZB0ks68bx1OY2qb-jM1eApDBDIDhX_Np8L0SsO0gaLBESIks-W79i-bocuhkAxhGo01Dno0nfZ8tkLosHXu4faKYVWfoEnLejqM2gte4ma68sxJ3CGV571EdKEK7a7neLec3xvmoogcW8
Frame ID: C4EEB9E0F25A5F3F01A08B4CDC0C0604
Requests: 5 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Frame ID: 9F8CC7C1E893924497C38189A57D649F
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F015629477AEF6203DA6911540A843D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7ACEB8016A0CD13D9C2BB93A160D38DA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7B438149FEEDE3A3FC26DE286F9DECD2
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
Frame ID: 0C03708E5FAC1DEEFC037DCB5027A138
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Frame ID: 28359A82AD875D03BC3B868BBAA40FA9
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Frame ID: F5A1F5B00FDAC90E653C1AD18AE240BA
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 550BC8DD46A927ACF28A4A537E0E7DAF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41958CCEB726FF6EC33947C5A74C321E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6D1F0795F105338ACC217ED5BE668051
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 9025959F6AF4A3F4E54FC47E5AD759A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 76E9ED657F8640A1FB5ACE1F01AED17E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: B70D305A9128B71BED02F2D798D038CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 13D3A2FF67A7853E24714532C394D030
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntn.ua
Frame ID: 3B04ED146842A3EE6F82F58C5D37327C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F202CF605EAA269B712FEA999B9EBD90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 625AC8676E1623E7C91B964CBCD9DA89
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 0C3E61CCE3D2462FA81C35830A99D305
Requests: 7 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13459965
Frame ID: 82273D6C20FA8FE7B84A80BF33B32D98
Requests: 25 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 8889BB5F1FD65B78670FFB01B16C6413
Requests: 10 HTTP requests in this frame

Frame: https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Frame ID: 5947D2D05C532128802B62CFEF88214A
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 9C0556982FEB4CC770C8CD186864764A
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 409F56F10C5B5665BC19B17EBABCB184
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 599FAF93DCEEFD08DDBC0320639B9371
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=8878724672290120394&gdpr=0&gdpr_consent=
Frame ID: 2E7F28FBDDD749FFE597CA0598FE9CB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Телеканал НТН

Page URL History Show full URLs

  1. http://ntn.ua/ HTTP 301
    https://ntn.ua/ HTTP 302
    https://ntn.ua/uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

361
Requests

81 %
HTTPS

34 %
IPv6

70
Domains

110
Subdomains

77
IPs

12
Countries

8021 kB
Transfer

13184 kB
Size

90
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ntn.ua/ HTTP 301
    https://ntn.ua/ HTTP 302
    https://ntn.ua/uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://match.prod.bidr.io/cookie-sync/atg HTTP 303
  • https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Request Chain 42
  • https://inter.ua/uk/announce/channel/3 HTTP 301
  • https://inter.ua/ua
Request Chain 71
  • https://c.bigmir.net/?v88708&s89294&t3&c1&n26323&w0&y0&d24&r1600 HTTP 302
  • https://i.bigmir.net/cnt/03.png
Request Chain 93
  • https://gaua.hit.gemius.pl/_1667038055828/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=zGAbI99GEq8MxoX8l2AVj4pKUBJCz2IwnKhreWVHafj.6703sm5ds0Xb3UyzHRL1hzwhxaDWCVBLjTpbldEvtt20CtoH/GUxLPwhmc_fFk/&ltime=239&fpdata=zQW1v6JYB.N_s0GZ3LHa_KOMOhoy9lCA.qoOrXGIkfP.z7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1667038055828/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=zGAbI99GEq8MxoX8l2AVj4pKUBJCz2IwnKhreWVHafj.6703sm5ds0Xb3UyzHRL1hzwhxaDWCVBLjTpbldEvtt20CtoH/GUxLPwhmc_fFk/&ltime=239&fpdata=zQW1v6JYB.N_s0GZ3LHa_KOMOhoy9lCA.qoOrXGIkfP.z7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Request Chain 114
  • https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={} HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=3ebd0266-b147-41c0-832b-20e2cf49008a
Request Chain 116
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=976b6ccb-aac1-41dc-bad2-4b4995ce1ceb
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Request Chain 154
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
Request Chain 156
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Request Chain 158
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
Request Chain 160
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
Request Chain 161
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Request Chain 162
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
Request Chain 164
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D
Request Chain 185
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg_OBbjieSgk45vj6_K017zyQJX9jjUOnl6EAjNfJIJ9J-j4nF5skUvnBBIOCyBaOGCIOAO7dba-orUbBmW5_Qli3omBP7A HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg_OBbjieSgk45vj6_K017zyQJX9jjUOnl6EAjNfJIJ9J-j4nF5skUvnBBIOCyBaOGCIOAO7dba-orUbBmW5_Qli3omBP7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg_OBbjieSgk45vj6_K017zyQJX9jjUOnl6EAjNfJIJ9J-j4nF5skUvnBBIOCyBaOGCIOAO7dba-orUbBmW5_Qli3omBP7A
Request Chain 186
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHCCvAd_2xu8hXdacFL19sE&google_cver=1&google_push=AZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHCCvAd_2xu8hXdacFL19sE&google_cver=1&google_push=AZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 188
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM-m7zib_35oFRk9rlSpASI&google_cver=1&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZONtwl4ZHR0bjU6MZGHQVI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM-m7zib_35oFRk9rlSpASI&google_cver=1&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZONtwl4ZHR0bjU6MZGHQVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNzQwNzk1NTMyNTIzNzA3NQ&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZONtwl4ZHR0bjU6MZGHQVI
Request Chain 189
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELI5R1psVIHvbjmMLzsNcC4&google_cver=1&google_push=AZmPxg-qvSsF952kGtQwj7V85vi-7jScloNMSAyjCbkIdZrmCbPnKWDxI7kBKX_VloVoXAGA5PTYRQTSCBkiPthVOZW8s-U5hw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-qvSsF952kGtQwj7V85vi-7jScloNMSAyjCbkIdZrmCbPnKWDxI7kBKX_VloVoXAGA5PTYRQTSCBkiPthVOZW8s-U5hw
Request Chain 190
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELXxbxmsO6bW5spYotivWnA&google_cver=1&google_push=AZmPxg8VHQL8HaOd-MV4yZ0CgO4wjnJV75G2CL9CxJXidY1GswAYAeUM68uGwA-jEfVJT8nYZDkxLCgjHoM_gXBBCHnliizn-qJu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D&google_gid=CAESELXxbxmsO6bW5spYotivWnA&google_cver=1&google_push=AZmPxg8VHQL8HaOd-MV4yZ0CgO4wjnJV75G2CL9CxJXidY1GswAYAeUM68uGwA-jEfVJT8nYZDkxLCgjHoM_gXBBCHnliizn-qJu
Request Chain 203
  • https://adrta.com/i?clid=opx&paid=gc&avid=537073301&caid=537096318&publisherId=541177116&plid=540463288&siteId=541177131&kv1=728x90&kv2=https%3A%2F%2Fntn.ua%2Fuk%2F&kv4=217.138.196.106&kv5=1667038056&kv11=00894366-fb28-4031-81a9-a7d37b1373d5&lineItemId=540463243&kv15=gb&kv55=1.0,1!adtelligent.com,283366,1,,,!openx.com,541177116,1,00894366-fb28-4031-81a9-a7d37b1373d5,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv9=&kv13=&kv3=9404ef77-c17f-411c-ada6-6d46c1e869b5&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&kv7=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&kv14=&kv16=53.442&kv17=-2.241&kv12=541177132&kv18=&kv19=&kv20=&kv23=&kv24=Desktop_Display&cb=74286704 HTTP 302
  • https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGKBHAKINMGMNJJNJKHIMJPFJ@FNMLGKNFJLONFBMHKGFMHLHLLONEMGMJKAGKKOGHOHKMLLIBJIKLHMLPGGGQLOMNJMEBILLLEKOELOMMF@HBEBH&clid=opx&paid=gc&avid=537073301&caid=537096318&publisherId=541177116&plid=540463288&siteId=541177131&kv1=728x90&kv2=https%3A%2F%2Fntn.ua%2Fuk%2F&kv4=217.138.196.106&kv5=1667038056&kv11=00894366-fb28-4031-81a9-a7d37b1373d5&lineItemId=540463243&kv15=gb&kv55=1.0,1!adtelligent.com,283366,1,,,!openx.com,541177116,1,00894366-fb28-4031-81a9-a7d37b1373d5,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv9=&kv13=&kv3=9404ef77-c17f-411c-ada6-6d46c1e869b5&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&kv7=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&kv14=&kv16=53.442&kv17=-2.241&kv12=541177132&kv18=&kv19=&kv20=&kv23=&kv24=Desktop_Display&cb=74286704
Request Chain 204
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg9dVAR_lZl4DuQB8SNv3B1FKzkVtGgDrwRZEMLEFpkYKhin0hRRrBbYKvSMMT1zpPYFgZ8ns9R5CQAy8wE3Q1u0TQNcAek2pw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg9dVAR_lZl4DuQB8SNv3B1FKzkVtGgDrwRZEMLEFpkYKhin0hRRrBbYKvSMMT1zpPYFgZ8ns9R5CQAy8wE3Q1u0TQNcAek2pw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg9dVAR_lZl4DuQB8SNv3B1FKzkVtGgDrwRZEMLEFpkYKhin0hRRrBbYKvSMMT1zpPYFgZ8ns9R5CQAy8wE3Q1u0TQNcAek2pw
Request Chain 205
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO081HViIYCbJ-Q0OFw23uM&google_cver=1&google_push=AZmPxg_gJKY7P10da8k-6LTIkH8ApP5KY_QjLg1S7ipLb0zMBLrbAu8qL5KlOtm0jLL7SBGx-EVxBgxuMdVNfOvWCGhIYDGAcAVp9A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1OTg3MzkzNjAxNzk3OTU0Ng%3D%3D&google_push=AZmPxg_gJKY7P10da8k-6LTIkH8ApP5KY_QjLg1S7ipLb0zMBLrbAu8qL5KlOtm0jLL7SBGx-EVxBgxuMdVNfOvWCGhIYDGAcAVp9A
Request Chain 206
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOA043QWtPkliE7lYW1dolU&google_cver=1&google_push=AZmPxg_pftWSMKqTeSyCGW9dM5Acwh2r9k9xMLIr4ki4xPfkWbNU0cbs2JVl_fgkEA7O0Qk_EMeJ_s3PqbFuKvFvZD_30vDp7fyJhg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMW8lbuGQWSixrs5bnjb0A2&google_push=AZmPxg_pftWSMKqTeSyCGW9dM5Acwh2r9k9xMLIr4ki4xPfkWbNU0cbs2JVl_fgkEA7O0Qk_EMeJ_s3PqbFuKvFvZD_30vDp7fyJhg
Request Chain 208
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB5FER34hyrN6SbSw8TJL28&google_cver=1&google_push=AZmPxg9agVBgyUJZUlSy9ETDN2m_6VoyjmtFWxNhwBam2L76i7_oeQMuneMTioCvO429N5tfz6aNvEcBdFzbW30o7Pb-genjSn1- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB5FER34hyrN6SbSw8TJL28&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAABJMAAAAB&google_nid=index&google_push=AZmPxg9agVBgyUJZUlSy9ETDN2m_6VoyjmtFWxNhwBam2L76i7_oeQMuneMTioCvO429N5tfz6aNvEcBdFzbW30o7Pb-genjSn1-
Request Chain 209
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJhFauoW_07Fm0P5fqY5cUs&google_cver=1&google_push=AZmPxg9h3bBQs1CHQWJ_vFSz329qPy8F93W-h1c7PXN350CtpZeLnHzYUb-jm_sCLrlXrwRFKTIo8aRSSFpiK2Tweg2s4YGVGry0FQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9h3bBQs1CHQWJ_vFSz329qPy8F93W-h1c7PXN350CtpZeLnHzYUb-jm_sCLrlXrwRFKTIo8aRSSFpiK2Tweg2s4YGVGry0FQ&google_hm=Fj7fsBZH5_jFDR6_Sg2DBwj-
Request Chain 212
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg8OmjdGshE96VUtTqEslwJZAYD47NWdV_jWiKop1vVRJcQuSitN8uZD_xT2D7Odt1hbQ1UQ5duj5GSQVIqylzyiV65COTficg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg8OmjdGshE96VUtTqEslwJZAYD47NWdV_jWiKop1vVRJcQuSitN8uZD_xT2D7Odt1hbQ1UQ5duj5GSQVIqylzyiV65COTficg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg8OmjdGshE96VUtTqEslwJZAYD47NWdV_jWiKop1vVRJcQuSitN8uZD_xT2D7Odt1hbQ1UQ5duj5GSQVIqylzyiV65COTficg
Request Chain 213
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP-jrieaxCTLrG0Kset3qJA&google_cver=1&google_push=AZmPxg-Elzmv1Z17jBTVMw9mH8RDAKinRklOca-8Q8KBxKcJ14QDlQnOC3Wqq1bmqHGiBAEShyanxOvCiXylLf8YbKSk6wCj91byQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP-jrieaxCTLrG0Kset3qJA&google_push=AZmPxg-Elzmv1Z17jBTVMw9mH8RDAKinRklOca-8Q8KBxKcJ14QDlQnOC3Wqq1bmqHGiBAEShyanxOvCiXylLf8YbKSk6wCj91byQg
Request Chain 214
  • https://um.simpli.fi/gp_match?google_gid=CAESEHZyBVx8ACpm5j6OUneY-Ow&google_cver=1&google_push=AZmPxg9-oiQF5l_tBrGtAHelE3TXgrSwgwphg2LYTMN8Q3-OPOVsiuDEuzxg6-Z0G9mM50Fa98Gey6CGH-OazZ04s61LQaHtw0lPQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABBD9E51FFCE48FE9EB595ED6A1A9B9D&google_push=AZmPxg9-oiQF5l_tBrGtAHelE3TXgrSwgwphg2LYTMN8Q3-OPOVsiuDEuzxg6-Z0G9mM50Fa98Gey6CGH-OazZ04s61LQaHtw0lPQQ
Request Chain 215
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN8zcl6GuwZPmu2mM_WwgmA&google_cver=1&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN8zcl6GuwZPmu2mM_WwgmA&google_cver=1&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ&google_hm=6ri5XtdPQCiDJgLXeb1ueA==
Request Chain 216
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJWqgvU5GxX5gd3qt1_xZW4&google_cver=1&google_push=AZmPxg8mXw9uXI_GRB6wsUfVZ3-vlTmNb5Ba4uqv1l6-dErnm8VJzq-pcp1-3KcpCrOvCJPhkWfo4SENSH7eHEFRaCGW5ueowEnTgA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8mXw9uXI_GRB6wsUfVZ3-vlTmNb5Ba4uqv1l6-dErnm8VJzq-pcp1-3KcpCrOvCJPhkWfo4SENSH7eHEFRaCGW5ueowEnTgA&google_hm=NTU0MzgwNDgyNzI2OTkyMzE5Mw%3D%3D
Request Chain 217
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ8OnybiZhFanm5V3rkcJbo&google_cver=1&google_push=AZmPxg_Vhu3Nv6zXMJE_zriH7mQeOZupRKC9l1VQJY1cbfCDndOxvxSQWZ0Sw8zMZTwuv3dfpH3HP_xh5HgbuI7_QaEM3HmARCry HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&google_push=AZmPxg_Vhu3Nv6zXMJE_zriH7mQeOZupRKC9l1VQJY1cbfCDndOxvxSQWZ0Sw8zMZTwuv3dfpH3HP_xh5HgbuI7_QaEM3HmARCry
Request Chain 218
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMiZdZiqMAg55UGZm3Y_yQs&google_cver=1&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-zABRnPN4ESXtPKczOKQhVxaF-1TWw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMiZdZiqMAg55UGZm3Y_yQs&google_cver=1&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-zABRnPN4ESXtPKczOKQhVxaF-1TWw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01eWx3Y2tSRTJ1RjhuUDNmTl9JcHVQbmFKd2oybEVYQn5B&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-zABRnPN4ESXtPKczOKQhVxaF-1TWw
Request Chain 296
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ntn.ua&sn=ChromeSyncframe&so=0&topUrl=ntn.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=GiyfsXxhbWgxUVNqei94NXlmU1NwTGd3a2NTb29LVlQzSTBrTkhCZ1BWTXNDdERyYTFlV1RIY05iTHJYVll3V3RxTXhOK0lucTVUa3A3QzFZVHhuWGgzaWpFbmYyYnB2cEM2S2dTb082aEsxcWxNL3dKV0IxWWROdEVocTR0aSswNklCRmQ5YzNXWE8wSDZsYlRTMDlUb2FaRXJ2bGY1NlVLeXFxdHo1K21NSjlsNFRTSm1zU1laQ2FSTlVmVURrUmEzYjloNDZGVU9xNCs2MzhSQURFeCttWFZwbjVXcDhmSWkvNVVVTmdibDZ4a3QvclRIQkpsRXprOE9KaVZqaGVWQ3l1VnNocXdmOWw1SHB0ZmQ2S0YxM1ZUQT09fA&cppv=2
Request Chain 304
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=2671snxIdkV6b2pGbU5oenpFcGNycGhzaEZPYTQ4ZkdHdUFKQWR4aStYRDJ1RmxVUkJOTjB1aUtKUUx4SXVSdmN2RXE5bklOaE80S0sxR1hYVUdKMk5TUThLQm1nQzR3dDFGbGRWblVSMVdqRGFRSzF3dHFOVktpWTkvUCtwVFd0Q1NtWXpUZ3NNOVdZY0g1eHV6dU8zQW42emRLTEd4UGpGR1lLUC9wRklJaDJJeWRURHh1YjhCM2FHa01XajZrajZ1Ny9oRjMwZDBXUkd1WFJEaGVrd2FWbnR4VEZFSmhGMUxqWXZLNGxsTG5ybDRmeUVyMEpqRG9FWjRYTzYrc1I4ODRrR1cvTytLbUNQcGdkM0JkUHQxNCthdz09fA&cppv=2
Request Chain 310
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5be9635c-fb6b-4200-bee5-7245403ffe22
Request Chain 311
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Wt5whwqPc91B1XHcXdho11yPJNBB23CBX47UOINA
Request Chain 312
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3317407955325237075
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_nEq4QsAZxOuIOtO7b0rw&google_cver=1
Request Chain 316
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=Fj7fsBZH5_jFDR6_Sg2DBwj-/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=Fj7fsBZH5_jFDR6_Sg2DBwj-/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
Request Chain 317
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=4210551638128796025&gdpr=0&gdpr_consent=
Request Chain 318
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 319
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAETDU7GufcAAB8jXwd5AA&gdpr=0
Request Chain 320
  • https://um.simpli.fi/lj_match?r=1667038059377&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=ABBD9E51FFCE48FE9EB595ED6A1A9B9D
Request Chain 321
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=4210551638128796025&gdpr=0&gdpr_consent=
Request Chain 323
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rmo3ZnNCWkg1X2pGRFI2X1NnMkRCd2ot&gdpr=0
Request Chain 324
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=fHC1r1Als2bIq6OyldEg&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 325
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=Rmo3ZnNCWkg1X2pGRFI2X1NnMkRCd2ot&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 326
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Fj7fsBZH5_jFDR6_Sg2DBwj-&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:aa57bb079cae59af080f137bdc01adef
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=Fj7fsBZH5_jFDR6_Sg2DBwj-&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=5be9635c-fb6b-4200-bee5-7245403ffe22&gdpr=0&gdpr_consent=
Request Chain 331
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1667038059854 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=797883030
Request Chain 332
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7203244591428147245&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 334
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=Av5sWlKvbwAZ9W0BBfh0CgSvOA0Z-2xcB66Z3cEg
Request Chain 335
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=3ebd0266-b147-41c0-832b-20e2cf49008a
Request Chain 337
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=5124322323575831589
Request Chain 338
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=fmx&bsw_custom_parameter=eab8b95e-d74f-4028-8326-02d779bd6e78 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=fmx&expires=10&bsw_param=eab8b95e-d74f-4028-8326-02d779bd6e78 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
Request Chain 339
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=Fzqm44S2wR2N&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 343
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=8878724672290120394&gdpr=0&gdpr_consent=
Request Chain 349
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9xWUGSpj1OOIKB5
Request Chain 350
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=eab8b95e-d74f-4028-8326-02d779bd6e78 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=eab8b95e-d74f-4028-8326-02d779bd6e78 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6e9a8841-2fc7-4e1a-9684-f4c1bd8d1124&ssp=openx&expires=30&user_group=5&bsw_param=eab8b95e-d74f-4028-8326-02d779bd6e78 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
Request Chain 351
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4210551638128796025
Request Chain 355
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uSu4LQ8prAsdQ4EcKKypz8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5543804827269923193
Request Chain 356
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&gdpr=0
Request Chain 357
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MABp_ZzuTnyX8Z6hOBTpLA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MABp_ZzuTnyX8Z6hOBTpLA&gdpr=0
Request Chain 358
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yeAVtRvFQSKi7pijYuHlxw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yeAVtRvFQSKi7pijYuHlxw&gdpr=0
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHRFdlWW8_ZVNYcp3wVmeoc&google_cver=1
Request Chain 361
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9TRF0HE-1T-DIER&gdpr=0
Request Chain 362
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY4MjQ1MzEwNWIwZjhhY2I1YWVhYTllMmVjMmFmOTUyMWY5NTVlMQ&gdpr=0

361 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ntn.ua/uk/
Redirect Chain
  • http://ntn.ua/
  • https://ntn.ua/
  • https://ntn.ua/uk/
60 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c824f3b22b2dbbb009452db4b2abc0dcac74eb01f1e39625d15f13322aec64c8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
761b1ad66e0571ba-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 29 Oct 2022 10:07:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx1INwf%2BeG3zgz42P%2BaqFh8DMQgtuzdDyVY2jt%2FKRJqls9FsGTzgFmnpiVFJrR1Kaqkgubb3KR4c7xibVqQ3ZtrUxeax%2FVXgzw78gnVLPZf71rth7NbjlSz%2FeuY03k0%2F3rb56zA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
761b1ad4db3671ba-LHR
content-type
text/html
date
Sat, 29 Oct 2022 10:07:32 GMT
location
https://ntn.ua/uk/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmYzp8%2BZDvq7rrCr1VrmqkhRcupeYbJuA9w6DYix9lwQD1y7s%2FPrBCywyMqQKVOdnvYCbMPk5iI98Zf6l2RcbbXF%2F2up3lHvjsmNaClmADH%2BTA5wWtJPrPsUCL%2FnqPnuAH%2FebWw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ntn.css
ntn.ua/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css/ntn.css?v=1.2.15
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412cdf2044788ea49817775c0f2721e23a37d0d703099216f8ad48a7e73ccba4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 19 Apr 2019 11:56:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Q0aET8KQyvyuwLbmdQhsMBaUmW5WEVCixJl%2Buj%2Bl08vXCEzVkkOaTnObvgniMkabik1Pbn2wIRHF0uZFCCom0VcUxm%2FM7f7d7U9nNTN4sisy9VXMQPjJcSZUq0mqDb%2BDbxX4zU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
761b1ada0de9dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
flexslider.css
ntn.ua/js/flexslider/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/flexslider/flexslider.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd8692c0357cdc68904b23a95002546b05b80176508f5f0a6cd4258fce6617f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuIO%2FeXV4g%2FkWd%2F0ZAr%2BnUIPUZ44qn7Aqb%2FTZHCnmdVNTcx5uBbj%2FSdnY8DQZ5ZIDIhw1z0pzhTSgkmX%2F4it86I5ewSnmqRa2SAv30z14PmM6%2FXA9BVLD9kJHqtDdvzwO%2FTyhTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
761b1ada0decdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery.fancybox.css
ntn.ua/js/fancybox/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/fancybox/jquery.fancybox.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208b56903dbc6fb3b430a26c64a0f86260c4c8bed20720312cc160c2536cc9a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB7bSK0qiKuXpfJ4Yl4XEYzXhTLuK2Mi3c%2FqG%2B8PY5G8mRCjzQULzgGiD9lGCVZCHCLl8qDHWU32ANDaj5pCLx%2F7xBHHAORIDGs31BniFc1ixojFYfLJjvXngxpXibu8h%2FNAySM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
761b1ada0deedd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
superfish.css
ntn.ua/css// 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css//superfish.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd794f1dfe14db0d7027596043d9987eb560aba7e210a59a6c24b3b27b029fa4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URY%2BlIZndf%2Bqsn1qZK5%2FhPtTlYhHUau7IqZE7Hsp4aXskGS6T3RLE5PTcJrMNpCV0nD%2BWHCTU9LoBmDcOHtQT4u3vmGGPZKSSx%2BqzwIQNX6ffdfr8TQ66p46Us3nH3UtwtU85og%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
761b1ada0df2dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery-ui-1.10.4.custom.min.css
ntn.ua/js/jquery-ui/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery-ui/jquery-ui-1.10.4.custom.min.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986416a58791f99bdde0b17c2b78dbdbf1f56de883b0ae0d5081fffedbccb38e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bZwiBTLEFy%2BbrbYbdArXLAsQqS%2FHSBht%2BPf5jFAAKPlwGXjhuxce9SaeE2potB2Mxf9XG5I6agvn%2Fov1TMv4j9C8MthyEUeAlOr7HT9qcubzbrEMjzNI7%2FIXc7ECoXwXrNXG0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
761b1ada0df5dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery.min.js
ntn.ua/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery.min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEVOmU%2BgbKerGZ15Jcedr6lab8PejNpsCM%2Bcpo%2FHuRiowsRmQPRYsYAoHJAVwBQMR8%2BAncFwwyebDIAXIQSeo58D3n02hc0qCUQujQEV5SlY26IfF6eLnJp9VuCMglOj7%2BTXCsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0df6dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery-ui-1.10.4.custom.min.js
ntn.ua/js/jquery-ui/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery-ui/jquery-ui-1.10.4.custom.min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7f0d78862e5bf61ae9af1709638702b0e0a078b4fd2cd4119927a1bd2a3f20f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8NLtMmVATDZvHsyudjDC8Cj1OVlr%2BO5YaB%2Boghyp2EOs%2FvWBqVN09DKrDjnKhRkZIGjSFDcPzxkY30JtGzbqBsRPWMtftvg0sUMF1uN9sih8eCAtJ94WoKaegKx8sLhOIItE%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0df8dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
respond.min.js
ntn.ua/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/respond.min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXwK16rLVN6c5PEqKBTVc14ak8eljSWoAcCowRqpvSE4qYqjw28ZMQAiz3sNPeuwXaAX3RHLbIZ6fUwzQY5%2BdjBW%2Fxc%2B9rZXoECEUS2CPwvsONlP%2BWCp9Dx7GLKmEsqz4ve5e7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0dfadd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
swfobject.js
ntn.ua/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/swfobject.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgL7PHwrJ1sCkgAvMBeh0OQ4wzu7gq7A0dByvWMIn7Mk2LhcsqySS08y3bL9wuszOpDfNEZH%2FG323swxvLVdMqycRl8Afw6VvhGe4ALNY%2F9uJXTUKARdD%2FjmN9q2krJe3ROBiLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0dfbdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jwplayer.js
ntn.ua/js/ 		137 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jwplayer.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0740b05ecb18441227c60d9bc57edb4c929db0e8c3cc2b5e9cc848139bb223e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=po56e0wGR2P85B2V9TwPuosdTCuXjbN%2B2duHsNMUxvy%2FBfXxnF8ngAesHkt%2FCbi5G0e%2Fm6jluB7uP73uxAa%2BlUw2c03bAgHmdLcsCm3HZLpBNGMzkIpUBk5iiVZphGoQ46Lmozc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0dfddd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
main.js
ntn.ua/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/main.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d71acaeae9ad6820144dd16ceee3b5445bc20e70072ce10deeb9cc5781cf85c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgH53VboDspALx54hKSYFo9hHSDN15fyllwdnQTaLWDGF%2Fqh72aQHfNAw%2BKCA2lrlWNzrloxi2Y78aq7KfKgpDbbx5%2BpkyNlRbUaqtpMZfHX6B495tY4NkisPXWxDRRmjR7HFT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0e00dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery.flexslider-min.js
ntn.ua/js/flexslider/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/flexslider/jquery.flexslider-min.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W7fb0ZMgh24ProyUlAFJovKuirxT%2BOPy%2F4OdW%2FAvcB3db1JtHpxXCrN%2BzQpmqW9qV8rirkJYShat50Ho6l41JH8zons13pL33GsIc%2BEaeXPWCCG91wa5XL5ot5ju3lAcoD2buc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0e01dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery.fancybox.pack.js
ntn.ua/js/fancybox/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/fancybox/jquery.fancybox.pack.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PrQ0iqRINz8NSddrq2zyH9qEXdhdEqBGmYYJEeZGV3Loerxl%2BRMLbQZegH3LHOkdiEseqV6w0BgkKV9VET5xSKOpN7yAPd6IkTa%2BlTj4DJHZZ%2FwPE3MkfxUQc8%2FJv5ZLitvei8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0e03dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
superfish.js
ntn.ua/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/superfish.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ps7BSGx9wQkKWYHn%2FlPN0q%2FHIEhoGPEtus%2B2nb6CInh%2FCOmm88TK%2BscXGJl8lpbRWg35w7IqF%2FUMVsi%2BCM0nrPaNBtXIMNmVmEGc6XexXdDa5S5cjcAjJZ8fVY2l%2Bji4U97GVGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0e05dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery.easing-1.3.pack.js
ntn.ua/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery.easing-1.3.pack.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuSi%2F3b66pNGbWt5ZDppYP3AXX3ktmnQ%2BSmBPcxDhyx9oKTHRHUECxsDBOaP%2Fvg98ioGIoJB1OL5k%2FVZbYrEcHaxU6bsS6bYddCCKIWYEGih2oaaDPTXxEefP6xU6hQt2kyubuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0e09dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
jquery.mousewheel-3.0.6.pack.js
ntn.ua/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/js/jquery.mousewheel-3.0.6.pack.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORnSmRRCPVOXK%2FBuZ%2B40vdo8SCKkW%2FzNrDc5a3tnBzvDAxISbZ1TK5z04eZLFH%2BDuwPw3oqjutwqO8tu2RIqdKBMlFuDYLrSijz63iDR7cvdf388yM%2B5r5U%2BpJpKv2ouO90RGOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, private
cf-ray
761b1ada0e0bdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
segments.js
d.adtelligent.com/ 		16 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adtelligent.com/segments.js?id=87
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5120::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:32 GMT
Server
Adtelligent
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=7200
Content-Length
16
vmap-js.js
unpkg.com/vmap@2.2.2/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vmap@2.2.2/dist/vmap-js.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbe2679d44a1fc74827066d51144859932d36f0dcd9e4bbc8c6b72fe5ff3073
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 21 Dec 2018 14:16:58 GMT
fly-request-id
01GGHKC14JAYYTFXBPRHD4WJ3F-lhr
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"d58-nCDrlApgb5bvdpj1ugv9uEgKSyk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
761b1ada7bda0706-LHR
player.core.js
player.adtelligent.com/static/ 		465 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/static/player.core.js?v=3104
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
e9dd66b4edec6409af2070004b051321b8108390821cec813104035f2271353d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 10:07:33 GMT
date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 15:00:12 GMT
server
nginx
etag
W/"626bfd7c-745fa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
player.core.css
player.adtelligent.com/static/ 		155 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/static/player.core.css?v=1004
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 10:07:34 GMT
date
Sat, 29 Oct 2022 10:07:34 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 15:00:11 GMT
server
nginx
etag
W/"626bfd7b-26cfa"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157387674-2
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b2addd85433c142ccd28b90da525a6b716e2783268a5ea76fe56ac9c805253a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43623
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 10:07:35 GMT
atg
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/atg
  • https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Server
52.30.188.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
1e397c6cd24daa8a7e13da7070338bfdf7a121a1454b3964d49c13e398afeb8d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
20
content-type
text/plain

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Date
Sat, 29 Oct 2022 10:07:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
new_logo.png
ntn.ua/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/new_logo.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-1036"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xVY0RZnWh6LXk067IPZotxVSj%2Bao37%2F4vNIkoSuFlmFKQ%2FhnH0Unuu99bpPnrPXmtig9zQpbDxSqRbo4K7642CYwlGHGHB6ApUYh2awQdIvGaM4kBJiq5oL3S3f6DisjZeIQZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ab87dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4150
expires
Sun, 30 Oct 2022 10:08:45 GMT
nosignal_uk.gif
ntn.ua/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/nosignal_uk.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dd6865cd73589629a72003cfc7a4f4b2af96b6e692a245369ced73ef487f83

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jan 2017 12:32:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"586e3cfb-5c48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4DWsWWuevW0n5fV9Uhci6FOXapBSJM4CsoE%2Fv1WzeyGXxpbeXAta7mFMvMLoBPZPAzrOBIrPNuFyHvFPMPTgt6pvhA7JDwia6bYUXNZR18GmR4IU3A2noPQk%2FxadcW0c%2FtVk48%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5dbc4dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23624
expires
Sun, 30 Oct 2022 10:08:45 GMT
announce_uk.gif
ntn.ua/images/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/announce_uk.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a7ee99f99266cdf5847765b824e9703f6b64ca4ef02ba1810dd6f32b5d96e78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 16 Jan 2020 10:52:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e204052-2f699"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh%2BIzblNOoGkZsNsRt0EqIflPLrAKje6AbTv%2Fyb5fuWK6LqaW651LAf%2BCV6IAzDcd%2BMjihFjAL0wsBi69N1rADMNvA9MMnKmIuMXpa9d1wo%2BpYggzna0z6OGO6UPKz5g%2BpeymGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebd6dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
194201
expires
Sun, 30 Oct 2022 10:08:45 GMT
625e2de2f055fb014d580e2eff6a4c49d960fdf1.jpg
ntn.ua/uploads/hot_announce/2022/02/15/ 		357 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2022/02/15/625e2de2f055fb014d580e2eff6a4c49d960fdf1.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88414e57f13a0d5675804c8ce82e9ac4b1680358e123baff030c6f2da882f39

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Tue, 15 Feb 2022 14:22:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"620bb73a-594ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxrtFGbAGorqXA3iUlkdl%2Bm0bB%2Fp%2F9Xq8wJ8wgWZoqF63zIeX8kf0dUSr7ZO8wQhJnTvtnbsSvzq9DhNlUDtc4sTPPc2US0FEw%2Fg7K1MdTIZvXFRF1aJ6bnnMk8akUrCwenG0vQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebd9dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
365823
expires
Thu, 31 Dec 2037 23:55:55 GMT
763fe6c775e3257bdb86affb334ec08e236c97cc.jpg
ntn.ua/uploads/hot_announce/2020/06/24/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2020/06/24/763fe6c775e3257bdb86affb334ec08e236c97cc.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49329619a159bfb35202ea4ee9b2d10cf810983aff0a0e4d987f3ba5e1c1b659

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 24 Jun 2020 11:14:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5ef33578-f8bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2odWGHjgWeUiHPq%2ByEjoUPotCVfDaRwbwlF%2BEINyISCM8UtZ6U9JlcnpycHWIdocPo%2FSfvLVEUzysQl1sLQsiCKXpPkYAOPB1uCaZ2T1%2F%2F11CxyiFyLDITRTV46kGI5oZ1VK0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebdbdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63676
expires
Thu, 31 Dec 2037 23:55:55 GMT
883c1aaa88950ab99adf5732c1d6274e9f153480.jpg
ntn.ua/uploads/hot_announce/2014/01/31/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2014/01/31/883c1aaa88950ab99adf5732c1d6274e9f153480.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ef4c6ee8e9ba88ac805bb20fde15e424eb1b20ecd033bf5d81890038d22254

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Fri, 31 Jan 2014 17:18:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"52ebdadb-10cc5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmHBSGzf3%2BSgvCFGbf3RNiIUpOw80Trrpw3DXi%2BtZZPTn%2F82iQj40B2rwCYe0za7V08dt2Tn7MoxP6QRt8ji%2FC2rgmuKYvPQVL9htuJqzEprDOH5G9%2FvEQpkKLRLGvLEHvAcK8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebdddd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68805
expires
Thu, 31 Dec 2037 23:55:55 GMT
74534aeabe264ccb10e9efc73b280e6a9b0088ea.jpg
ntn.ua/uploads/hot_announce/2018/02/22/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/hot_announce/2018/02/22/74534aeabe264ccb10e9efc73b280e6a9b0088ea.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c988a2ec0f9174ce94ba23912884cc986743792df9dc9b22881d824aad9eca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Feb 2018 11:49:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5a8eae4b-12d9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYkMQCPbQceaZEzD5LeG7hV1mp882b5clwAuEA8arXcVKI7F6%2Fq7rw5FBEMwNM%2FRb4%2FRNhbY9wOCMZniW01izJNbt8cfqz8u1iHS5aXLrU3XbEkWGa2ODyGqdPtnu6Xy5zFZiaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebdedd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77215
expires
Thu, 31 Dec 2037 23:55:55 GMT
3d99e6dc71e5f1523518c8c10d992222e058a822.jpg
ntn.ua/uploads/news/2022/07/30/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/07/30/3d99e6dc71e5f1523518c8c10d992222e058a822.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc14852357bf40d65a11e8278a3a41fdba5a6bb5bab56ba3de7229d159243738

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Jul 2022 07:02:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e4d77d-59f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJYQzNKDNgrWB3FxO3Chl%2FYDB468dcMILfsnVJ5wYbciBTInfKpwJGQ1UBN1umTNC%2BGa8TC53OQZ6%2BV4AbrDrzqx3gbWwlsaoL84ueG%2Fw8fAv%2FtTJRF6nAlpwlpXaSrIgkptiKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebdfdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23024
expires
Thu, 31 Dec 2037 23:55:55 GMT
a0eb5590f42bde29a7981e455f8489c33f2c91ba.jpg
ntn.ua/uploads/news/2022/05/30/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/05/30/a0eb5590f42bde29a7981e455f8489c33f2c91ba.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47a846131784dcb7bc4fbecf19edbcbe21b84923063526307a16f082cf966e7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Mon, 30 May 2022 10:28:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62949c68-8b64"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju7Ut%2BeOsFCpsoNkr8Ix4T5zOx1Z7cfA2MpAYG69enufT2WihE1fON443iuwUFM2io7EZQ3fMfWMUTbFh2nRDzGqOtKpK1%2FhE3ftgD8H3wok4L5Nk5dqAok25fqdGp9AA%2BHnZ7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebe1dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35684
expires
Thu, 31 Dec 2037 23:55:55 GMT
video_big.png
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/video_big.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a348371f57afc03cb0fb301990daed6d812024631df2e6602f818193a074cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-5a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyOSBbr5DqLtVGNFro8053BNPrW6Py1Jb4drZg7%2BEE6OJluXMhK6sRS5G8rn7l%2FtqFu0ZYw3wgJcuTBGO%2BTAXaV8eaWKcyynucmXzkGO5qernSkyDHQ2r64XF8Nyu0vXiVgdaL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebe2dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1442
expires
Sun, 30 Oct 2022 10:08:45 GMT
f2d1ee7bd6bdbddf5cd76bd6e8403dea35045336.jpg
ntn.ua/uploads/news/2022/04/26/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/04/26/f2d1ee7bd6bdbddf5cd76bd6e8403dea35045336.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a63ae8451325ac53bd3ef756cbd88ed3a8148e3fb30d05938c99e222d3bb889

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Tue, 26 Apr 2022 11:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6267d37a-8298"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ps8MwFPiGjeF8NRA74XZvJ2nFV9oP6LcIRnO40c8MvQ9tEuiTHrQw%2FcTae0ZZSGpqGycNxQT%2B9KhCDPxjA7895fJKHHvIPTuUpg8TYqiRbCs%2B2P4HPputYrZhzgSax7zzfXXuZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebe4dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33432
expires
Thu, 31 Dec 2037 23:55:55 GMT
f2672663a7923a6f72de910c1f53803b9045c99e.jpg
ntn.ua/uploads/news/2022/05/10/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/05/10/f2672663a7923a6f72de910c1f53803b9045c99e.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9bbb71ee1b207d2f6bf43465b65cdd106320f89567b66abbf07f59a8ca0eb1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Tue, 10 May 2022 10:43:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"627a41c4-afc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngMxPJ9BGP5%2FSqgjB0o69MwCIZaLDha1c7H9tC9rcQbUfsEPjQ9WlWaLtGQXtWL6IgfMHo%2Ffx6R4ByemqJ9T096iT1zw3IhRtUJnZkT9nmIrhPBCkZMC8T9wzDotHKxrYJD0xgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebe6dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45000
expires
Thu, 31 Dec 2037 23:55:55 GMT
25d5a7992ea9832e7670b5e437756d39d5132793.jpg
ntn.ua/uploads/news/2022/02/24/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/25d5a7992ea9832e7670b5e437756d39d5132793.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03002f285167bb5b5904202b949a6c51680fa72b72e9ebf1de3c203a99d1b4bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:20:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216b31a-238a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne4uOO1HlX6MWJX76h6JoeA1mImbCMgq34398MLqExi6W7N7sldZi02F9TZWJ4b42%2FGgok%2Bcy5tiP3dMAEakB9AzvF36pMo33KhsoqNvjnUfCOpO%2Bow7RviradWwARZezXY5yb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebe8dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9098
expires
Thu, 31 Dec 2037 23:55:55 GMT
video_ico.png
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/video_ico.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba7fc1dbf2b813f54a1607b24d3787085661ee777eb9ed66197e2673607347e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-478"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6p8TzvIm0kp0l7Kcu5nrZ4pFqM%2BEwwZdkEeitxed7kHM4m4p1G1S5tPQgwvdG206g9dX3oc%2FaZrl%2Biob%2FHYaXMCvtvIvDyIJoBQuPlc9VDdSYMwhu750buU8peaz6LOWepfMbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebebdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1144
expires
Sun, 30 Oct 2022 10:08:45 GMT
de785050f23f36c989d3e1cd365ef9fcd8e0b249.jpg
ntn.ua/uploads/news/2022/02/24/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/de785050f23f36c989d3e1cd365ef9fcd8e0b249.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afaac8f389e0f0347225f6c0225ee1639ea8adc0439a35135056d6fa2a0ee1b2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:17:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216b27f-2682"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkGmZ%2BLZMXtrPheoisveVDVwwSdiHFjggMjvMYobyZf2mS%2BZ5oFiKfTuLQlM%2B9qyf5%2F942XgAN79i5Ju9eNmlZRlthlUUHxieREQHa6JPfjU%2BDfgWVq3O57On8vuxN7FD4FG6nw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebecdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9858
expires
Thu, 31 Dec 2037 23:55:55 GMT
666c5250a9685430aa994abee07d40fd894d0196.jpg
ntn.ua/uploads/news/2022/02/24/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/666c5250a9685430aa994abee07d40fd894d0196.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea880f80a81e709d0deb3a1a8199827cb6cdb365782cdbd7a5aab215da5e413f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:15:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216b1f1-1d72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8nRWj04y30Bvt%2FsTVa4YjytBhe5dfULNOTB2kL0BNthStKBS6MD2Rz4XlVlReXLk1QQMnz8G2HfBt%2FxloDOEZv3gDxlcviWwstSrBY1TQNTXkOOGnhVJVrmuUviYQowyX7rwT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebeddd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7538
expires
Thu, 31 Dec 2037 23:55:55 GMT
2cd7dfc8f117b2f57008c17e9909f932321baa43.jpg
ntn.ua/uploads/news/2022/02/24/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/2cd7dfc8f117b2f57008c17e9909f932321baa43.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8d9f66bb6444b64ebdd9c4441c267417d2be60bc7a74806d7c3746cf6109df

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:12:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216b14b-1c75"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZFgt6VXe06GAPxl9%2Bn%2FYNR2YqltjtSIP%2FcZ%2BH3j39o1MivFWtn1LpGaZR4aI7d1y%2Figh08op1mQwJDIHDRsRuNq5tIt5sXc2prfs6XCWi0wWqK5K5JnTJMRjdi%2FK54zRMOGuGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebefdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7285
expires
Thu, 31 Dec 2037 23:55:55 GMT
77222b6bbf0e407c9ab55ae518249acae7533786.jpg
ntn.ua/uploads/news/2022/02/24/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/77222b6bbf0e407c9ab55ae518249acae7533786.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3834ae4e6f5e939900a4d4740c747805c4b0a0b3de2a11bf9eed90966c6e316c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:10:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216b0c0-1fc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BZxSUUkeNFH2487VTuAxVTSm0temud%2BhEo9b8axzSt1%2FXrO1miGnenokKAE%2F6C01%2FIXQTItU1PJPFb8QEOJsuH7PdDxjY1J035GNkXBj6%2FqvGdXq%2BGviSufmt1AB27cwmW6Coc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebf0dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8132
expires
Thu, 31 Dec 2037 23:55:55 GMT
e2a7801cdc45288f9f6099092cd894d2797fcb5d.jpg
ntn.ua/uploads/news/2022/02/24/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/e2a7801cdc45288f9f6099092cd894d2797fcb5d.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4af3262c604d9ca5d1e61f23af267420db3393d18c9a3dcd604548054cbcf7a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:07:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216b026-20dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G04h3RZdi31cnTJpJL%2BsHbk4vaC%2Fqew1c94um09NuIWap%2FvZBimf8XXWFXAd9w1fMG0q8Knw%2B3StbrfVVgul7%2FtVNcEB3fLYnvf%2Fnl1Ot0Txsp%2BQjftNEaByXdMNfxWNFOMAEoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebf1dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8412
expires
Thu, 31 Dec 2037 23:55:55 GMT
001a3c147f2eebd6850a84ead24f4ba9798e300c.jpg
ntn.ua/uploads/news/2022/02/24/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/uploads/news/2022/02/24/001a3c147f2eebd6850a84ead24f4ba9798e300c.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a6e289ea981b353e88457da65f62626da3a70a2e7e2ddbdcc542a8da491c76

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
MISS
last-modified
Wed, 23 Feb 2022 22:04:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6216af7d-233b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrVgxfDYkSE7EBqzYtTuX4yM6OrPfmqCxaEL82Dlkhe5xUlEOXzlTGVrYY9LEPhMhPjGTVFHeqSK5Il9oBoRZ8fAkdzuuVFovaejROGAe6mVOFHZ6FZi1g6f8O4YabRnSHyFc6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
761b1ae5ebf5dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9019
expires
Thu, 31 Dec 2037 23:55:55 GMT
ua
inter.ua/
Redirect Chain
  • https://inter.ua/uk/announce/channel/3
  • https://inter.ua/ua
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://inter.ua/ua
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Server
2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Sat, 29 Oct 2022 10:07:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAKW48N6Lr4%2BlAlYga%2Bi1eVIup5eGaMfeVEIjBQA1CGr3AJCSCfgJkXVHN8gVCjz5Rp7w7AzboKoMxmjpZNiw8N52oLPpMZoCCaL8IbxyS7SWswiJiJSSlX0jftO9yi6abmbeVrrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://inter.ua/ua
access-control-allow-origin
*
cf-ray
761b1ae0ce7476bf-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
inter.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/inter.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0326a9b3b7474d52cb6d04bbe07fc6609e991addcf5cc83696e319d67f172c34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-678"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PobZcDJbGupy55S3ch%2FriRwZb9xpQl1ET8qu7y3rtdGEAZ83gusVRFwhZ2uCrlAqv5ZnoS49cEpy%2FspCcQFKlXD6MvMLENqOzBgPtVNolJ1awsRQZ3MXO6pfkE2ZYIP8wHQ9FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebf6dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1656
expires
Sun, 30 Oct 2022 10:08:45 GMT
k1.png
ntn.ua/images/partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/k1.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da84bce8a2f715182ab131bd1367073145e6807204f213d30048cb20cf6f90de

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Wed, 27 Aug 2014 14:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53fdf15d-e8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rvk8je5ITJEQAIS6l%2BGfBQqltixDp4sZYXxdxGevz4bcErG2HE5KkcJ0esIpKx1KSM5AU29A7rGustKGYc%2BQrINu80OSEioZnMRRxKy8VuxWDt4yCVIDZWxXHht6typ6BBoWf4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebf7dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3722
expires
Sun, 30 Oct 2022 10:08:46 GMT
mega.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/mega.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e52f40b619e103483256eb589f4f98b4caa8e189e8c57dec9a91fd1a1a5315

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-62d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OxeaRBfeVPn5qylwegl5X5Aw1HRmL%2BUPBS8O1y4YFmeC%2FcHOFIHOPNJ9DLc5WpJy7fX0SYSacSo%2FYm%2F09vrd37v6bWRwLWRpm0V%2BcZZJKMoivHM8k0eT8dL5esVgC0MI0pq%2Bhk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebfadd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1581
expires
Sun, 30 Oct 2022 10:08:46 GMT
zoom.png
ntn.ua/images/partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/zoom.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c59d202cf8baa1dd433ecd9e8d4700103b2b811d08609da1f9d4c57712d7adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Mon, 19 Jan 2015 15:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"54bd1e55-e26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ryZgzd3tUC4rl2mFEaomdmLKdNBe0FlfkgLRyhF9%2Fea%2B5g2WuhEYEPkYpW7PO0MkRpTZbDifOK9cFZxY0EbcRykyl9I63CBuTtceKnIQ6y9si8tUHf%2B28e8zoqGh4vjYVtLOCg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebfbdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3622
expires
Sun, 30 Oct 2022 10:08:46 GMT
podrobnosti.png
ntn.ua/images/partners/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/podrobnosti.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c20df02077c26385577801eb8897f405a95c63d0c26ee24ac3b4e2043f302d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-1380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BACPbN4%2BTfhtzUNevqYZopf8jwTcLWiq%2BFwGyu3%2FcU4ii749kLSGo7EnYuPzQnfpplA0Dfzmw%2BVe7NfUNiMmi%2BEblcP6Yu3HJnrxMTxdlrKAhjPKL88bPzQSUTH8LgUeWU%2BrlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebfcdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4992
expires
Sun, 30 Oct 2022 10:08:46 GMT
music.png
ntn.ua/images/partners/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/music.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c6f48908ed95c62c11af1eba731178c21d24425b680774370a153bb272edd9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-80e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q32UUC8%2BIV133x9bnYXDqY2wwDlZfPCnfLTGf%2FzNDkMvlJfTOpbgWe%2BISSeOoOCxt3WHdlJdwhD6DfHO21qrV6MiHqq3IYb9UHwZQx2WwS74MtJESDodvH3F%2Fnd3gAnhDbOjakk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ebffdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2062
expires
Sun, 30 Oct 2022 10:08:46 GMT
enterfilm.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/enterfilm.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb603e9d8681e4056af140a5d281a3e1da054fe3aabe9949932f8a80456c7fd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-7ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59VHqzOYLEPwQ2sBRsJaGt2h6669tt%2F3TN0gFYZ0B%2Ff8I2hnssQuqeOIPl%2BvEuhe%2BAvSVUQfEN0qbX4pwViNCNDPCq%2FW8upVyBUWaItYHwTz6pROf10Z5GCrp91S2i3Nb0Tw37c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec00dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2026
expires
Sun, 30 Oct 2022 10:08:46 GMT
k2.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/k2.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6bfea0bfaf58f5379f225a0dd59050f89614fd56b9a2afc495503eaac76caea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-7f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0H8gqHHRdX77lVZrxxEAo6eGwSoIhAt3xVD%2BNgOPkxW%2F6MdCwpVV3lZ70uVcUYtOJlSqj4UTiJ%2BbeWwLedT%2Br%2FNFsKF05F9QCN4siy9CKMd2nLcDSChOcnR0H7RWNZA%2BsSKfYRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec03dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2034
expires
Sun, 30 Oct 2022 10:08:46 GMT
inter_plus.png
ntn.ua/images/partners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/inter_plus.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca2074fdeec9bd4b9909e99b1c85aadbe318a83e62d99ae8a10a1d3e5aa79c4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-71b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IPoICyYfl6gX7%2BV8%2BErVBKGGB4I%2FBzhDRvAJCf1AHIAOkOojVg6D9A1oY2IvP9R9Y%2F3bSghoj2Gd5UN%2FWoJRpQeXNu7gZLhKCShMSHDgWM6oOqQlg2DfRc1631F9AJtWjXoKF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec04dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1819
expires
Sun, 30 Oct 2022 10:08:46 GMT
pixel.png
ntn.ua/images/partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/pixel.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7664c1ba21942bd39804692046f89a591d6ff83a1b7cc29239a0d7bb5c91953f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-e97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZQxHOns5a6IkcSQJT5SCS8S%2BfH6Hzm51mvhwvrHzrra0DrXXUWaQybVF6P%2Fnkk8hIVom2jy8nyKYtBgVj7iEfijIE9tmbmdqpk7DrGctaY55xf5wGC%2Bael6tEn00DGT88JzTFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec05dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3735
expires
Sun, 30 Oct 2022 10:08:46 GMT
intertext.png
ntn.ua/images/partners/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/partners/intertext.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abe1d50aafde6d03b75351af751ef980dd9d02e1318dd18a62dcf918cea661f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-976"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLkc14EAT1lKb9V1cn9aw2vK5nsY5hN9vShb1KkctTNfNYdSt2yWpXhnGzYFaj9H%2BXEUNIuZLRSy375rA%2FVCOzYSPFFcN5C5xlqo3QEvhflOyCzhI2HGbnw%2BcTPVWWQDaWPQ6PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec07dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2422
expires
Sun, 30 Oct 2022 10:08:45 GMT
print.css
ntn.ua/css/ 		0
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css/print.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:52:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0b-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRHqke1B0WumZCJUiV78%2FU5K7A2ITMh7z%2FAIsrXxo5V9aJy5BVQMKG7hykoPCKZfTOfpYCDVdLh7zoys2HQdN0CyV1flQi%2FWn6loJi%2FRUdjwPlOnlTNPJ00cBHebTsSb7%2B7RFL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec08dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
Sun, 30 Oct 2022 10:08:46 GMT
reset.css
ntn.ua/css/ 		843 B
965 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ntn.ua/css/reset.css
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5894efec8f9ae727dc14f30e4ef20c9faf9ea2c86f570a287b061e6b1dd25fde

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:33 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"53904c0c-34b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejvwi5N19avsBxW04tKOhZAW1t6mVsAwHAn2cZgYdF%2BAmLfRb5frRJd838eLqEoYVZyiT%2FvFU6V8ObLw8ZxK8GZhXSNUU81imEFj9X3bBh6K7%2B1ekn0hWv%2BiFKVwz4A3YrwSdpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400, private
cf-ray
761b1adbb8dbdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 30 Oct 2022 10:08:44 GMT
xgemius.js
gaua.hit.gemius.pl/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
last-modified
Fri, 30 Sep 2022 13:21:50 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
15975
expires
Sat, 29 Oct 2022 22:07:35 GMT
player.core.css
player.adtelligent.com/static/ 		155 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/static/player.core.css?v=3104
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/static/player.core.js?v=3104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 10:07:35 GMT
date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 15:00:11 GMT
server
nginx
etag
W/"626bfd7b-26cfa"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/static/player.core.js?v=3104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Oct 2022 09:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3937
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 11:01:58 GMT
hb_285194_899.js
player.adtelligent.com/prebidlink/463066/ 		284 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
a30456069803e789b02e498f563998088b85bf1f3eeac4383c1925c790b150c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 10:07:35 GMT
date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
last-modified
Fri, 09 Sep 2022 11:19:29 GMT
server
nginx
etag
W/"631b2141-4704c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d19b9bb236d85ca7803eb588b36067092378ff355cf405eebd2f74fb6ecd67cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27396
x-xss-protection
0
server
sffe
etag
"1377 / 798 of 1000 / last-modified: 1666994777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Oct 2022 10:07:35 GMT
wrapper_hb_285194_899.js
player.adtelligent.com/prebidlink/463066/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/463066/wrapper_hb_285194_899.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
56202b9da90fc673469eca5fb60bdd13956a769cb1548aa78e3962c419c7840e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 10:07:35 GMT
date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 09:32:25 GMT
server
nginx
etag
W/"635cf329-6c2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
gtm.js
www.googletagmanager.com/ 		118 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTN3THZ
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
691b920aee45ddbc9b3ca71e4f06ece504c22f1d9ac40b8369a277be043ffd86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45433
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Oct 2022 10:07:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Oct 2022 10:07:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
b94MVkOQj3YPM4VlDm7r6264If1uvaEMqN4jnDSr36ALDvTfj/t/DG5MtrPcYwsIz88bF1KAG0OAFj7EhxRPwQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.135.39 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-135-39.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Sat, 29 Oct 2022 10:07:35 GMT
last-modified
Fri, 21 May 2021 19:14:21 GMT
server
nginx/1.15.8
etag
W/"60a8068d-cbc2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
content-length
16078
expires
Sat, 05 Nov 2022 10:07:35 GMT
ico.png
ntn.ua/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/ico.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7b57e53fee02c97a15aa8ff8be4ed26df2dd422d76b4f70f9866f4efa4ea24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-b13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt92Rw%2BvkONS0ljYO356dZyMwzgh30Mgl2XiIXbxbLN6QxVf1Il3pyXi7YI%2FyMyvufHKeIVBsLqKsvKY%2B%2BZEOpLUfrZ9xWIe9WsaxN4CgVYg7XYAm0jWSIe79z1nypiwhZH%2FjgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec09dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2835
expires
Sun, 30 Oct 2022 10:08:46 GMT
ru_lang.gif
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/ru_lang.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee553c847b17af2ffc8d1ae1dc81c1fa6c8356246c31bd80e0a470097ec4430e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nViDFezfnd8m6QfF4ODfSqhokewa3OCkInQmlEXeiJFAaXBUDoVxc5tDMIe2Tg4ZKLSNy6VhENjjjxoyEcstsqX%2FtipOiNC1haFCBFs5KXkzIPM7Os%2FesMg9cqpSBZXy9kHqtoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec0bdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1136
expires
Sun, 30 Oct 2022 10:08:46 GMT
header_bg.jpg
ntn.ua/images/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/header_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c4b081ef70f3eb0a934344392df220f0439f91a9b5e8aea93c71dec0beb416

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-1ca0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9aUsnTrD18riISK83kcPd3I3pk5TiioyR%2Brwgw3b3u8mc7NjUP5%2F22mk073j6FVxOMdKs9GHl60%2F7Y7DUorwerZTxyB4ZQHxuW5MztpVySh3yMVRsttqsg7s1UE5n5YqgMrsFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec0cdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117262
expires
Sun, 30 Oct 2022 10:08:46 GMT
src_ico.gif
ntn.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/src_ico.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ecd508aad794a6ed4455e1d7c45f43521926fb86909a8cf41d92441e11b8191

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-6ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJYH52leo27snX%2BTvGmuu%2Brpk9nQk%2FOCuO4msO3SyXHesQ79yNofL1MA2dpS3rPQJV4jJpXW13eOYU6UOiw4nF8Mlq8nwVDbiY4bEypnpu86UTmA1sEFk227Hk4Z153NP18YOO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec0edd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1770
expires
Sun, 30 Oct 2022 10:08:46 GMT
menu_bg.gif
ntn.ua/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/menu_bg.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe40cfa31540c665cfcef441f51c5456d1ce107208ab6a43e1e5eed00e8359e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-47c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJCrTFjKCpyP7F5zj%2F4WmU28Y8QR1vdMUP9zmESQIBa5MKo%2BdMt8V3kEBdlVm%2B9Hrqn3eEUR53sFBzVl2jEceRLKJSM70sajrJliLC2p%2FrCLsEadPct22QPWTTyMZ%2BlVQbIgoQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5ec0fdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1148
expires
Sun, 30 Oct 2022 10:08:45 GMT
likebox.php
www.facebook.com/plugins/ Frame 583B 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0773d30b7478dc67aa7b0621a3a81ff084e2fcc766c3d0b227f45cc981895638
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 29 Oct 2022 10:07:35 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Q5P6+uJw/lcuI6yBgm2bJ8x2S6mS3MTnnusbo+jyUJnpt3n3K8m09dB0PXoTNeBekC+Fty5LDfmLnMF2NDeCzQ==
x-fb-rlafr
0
x-xss-protection
0
03.png
i.bigmir.net/cnt/
Redirect Chain
  • https://c.bigmir.net/?v88708&s89294&t3&c1&n26323&w0&y0&d24&r1600
  • https://i.bigmir.net/cnt/03.png
723 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/03.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
last-modified
Sun, 02 Oct 2005 23:04:59 GMT
server
nginx
etag
"4340679b-2d3"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
723
expires
Tue, 01 Nov 2022 10:07:36 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:35 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/03.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:53:34 GMT
server
nginx/1.13.0
etag
W/"5dc27bfe-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:53:34 GMT
pic.gif
juke.mmi.bemobile.ua/bug/ 		56 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=ntn.ua&j=1&nocache=0.3296789062332781
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cache-control
no-cache
server
nginx/1.18.0
expires
-1
mega_bg.jpg
ntn.ua/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6400b298d51a07b76ae017a62d74af08fd20e249b564f7503712362f2c6710ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-659"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr7dG4BPVNxJGroM0Qt24ieGSvD6jjgmlopNJ8H3%2FLXt7Dw6sDGDO4de%2F7c0GnoF7UPhFEYGttZYGCgnyshc2uiOtWKn3OvS2Gdu8kMIJdjKaRIVqE1AdwVSRSMwRAtfWUtA72U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc21dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1625
expires
Sun, 30 Oct 2022 10:08:46 GMT
mega_left.gif
ntn.ua/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_left.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d856847402c3364ef3f2a44db48934f52cb1124cdf804f810512a5300bd2824

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-e65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWOVXX5jtQ4tsDlePwrmKnI00V5lATle%2FPdeFM2IHXiVLiYoS8Ca3A2M7tI8DrUq6bEMaIGxFqYekl88f7axCE2dMfSEJj51kQP0i5fDOPtWnYL0AkcCAjg2%2Bt1u0Ecq6wOAfJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc24dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3685
expires
Sun, 30 Oct 2022 10:08:46 GMT
mega_line.jpg
ntn.ua/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_line.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d40bed0a850cc62b9bee0b3f5b56b375369fd77be705d8b7aaea4c52861b1d6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-91a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZrNK6zDvHN9GKzRzNLnY%2Bxxs40wPkGakH1CJ0YE3XUq8jtST%2BROaMd2y1ylmSEJmdS2xQA6zSdzQSMfiHPef7owpWetk0bi3cnRQm2ha2dI5xuY5AzH3JNB0VUcNBuvmSqCKcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc26dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
expires
Sun, 30 Oct 2022 10:08:46 GMT
mega_right.gif
ntn.ua/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/mega_right.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f93ecb194463551254b9939551d09fc56bc0e6b76c31194b122c5cc0f22545

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-e5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBYHm6oiyzQjPxPM%2FbMGStDWNWs9wnJVRCJnxNjVUqP8yTaj%2FNd%2BosTtMSy0Efogb85U7vKAMRBaAlDUtyvonl5RvjNo9BQp2gEtRpGhz4C3K%2BqcKer%2FSrg03ZNssYNJcFAFhmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc28dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3679
expires
Sun, 30 Oct 2022 10:08:46 GMT
report_button.gif
ntn.ua/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/report_button.gif
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561a4d0814fb3525fcd7a0662570193fefce4a028256cb773e490c4b06f0e2d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-ab1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz8wtotZUFcRZsJQ6hcwVhdpOJ2n0LtEnNkL%2FD5rqzhfhL6BhTJlWZAipdkCVBcRJ9McYNnq0menYKkqf%2B1jGIML%2BAFPxmjOPIGeF99TdzTE2kTj98DDOBrGTHbaj%2B1t%2BHAWdng%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc2add1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2737
expires
Sun, 30 Oct 2022 10:08:46 GMT
channel_anons_bg.jpg
ntn.ua/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/channel_anons_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2343c85bc2821e75541c4d4d0dcb510c267ebc96baf367af57309de6baae8a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-ebf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xb4avcD7VoXFjOREXlxWsS3MVpj%2FvTBnfEitXVwtze%2FHM6FFuk1%2FPHc1nWgugRvXpOkfgJ98vaX6g4ssYnJQ0Jv9yAeJlOf%2Bjopf68swr9yaxYS1%2BiB2dwIS%2B0IahNIZcJVvf74%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc2cdd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3775
expires
Sun, 30 Oct 2022 10:08:46 GMT
footer_bg.jpg
ntn.ua/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/footer_bg.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47057a03aed7a53b879618baa1fe40c2cf470e8c6fe84737163ca94c340f9d81

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-68e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TNjOvWj0OylHjVnog4C2sDOdaPBaxccFUBPmtXp62iHkp8j95PSaPYwS2P7D2UiTZXjSsePt3nCmgPCwP2gg9mqCYOT9PIm1t5keQke3CayTIpAlOytQVBnOpOcQU8uyOLY224%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1ae5fc2edd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26850
expires
Sun, 30 Oct 2022 10:08:46 GMT
79386
stags.bluekai.com/site/ Frame 6C3D 		71 B
256 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/79386?ret=html&phint=__bk_t%3D%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fntn.ua%2Fuk%2F&phint=__bk_v%3D3.1.10&limit=1&r=90559870
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

bk-server
fa57
content-length
71
content-type
text/html
date
Sat, 29 Oct 2022 10:07:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
x-n
S
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1931192753&t=pageview&_s=1&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1301450624&gjid=1543428810&cid=1514351197.1667038056&tid=UA-157387674-2&_gid=1887117192.1667038056&_r=1&gtm=2ouaq0&z=1638565922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
MOMxKWD3l5u.css
static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/ Frame 583B 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/l/0,cross/MOMxKWD3l5u.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4645ea9d1726dc76a0274b8b49cd812161097bef882237afe5adbbf225e14543
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7k5PMUQzJaSELr/X0qnfrg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5087
x-fb-rlafr
0
x-fb-debug
zcR3C14ytk/kIymu1eB7Y90plf0nW592ux0XkYfUXbMgo07kyQSK+DbLaA+N4VqU9+WY4zp6sIitdgzn+G1tVw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 28 Oct 2023 16:00:36 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1931192753&t=pageview&_s=1&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=266229859&gjid=962003988&cid=1514351197.1667038056&tid=UA-3902239-38&_gid=1887117192.1667038056&_r=1&gtm=2wgaq0WTN3THZ&z=44796349
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022102501.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 09:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130606
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 08:35:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Oct 2023 09:51:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		102 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91ea59ec85aa329d6c9935ce6ebc74c6e37add1ab0b6111212410f7230ae701a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:35 GMT
293798261393374
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/293798261393374?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09ac1a140bbb925efb4358c34c487fe8115770a9dc5ad48b84674f33ed7b0520
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Oct 2022 10:07:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6w/PWmBLFtTwAgdQCp4HZDFeCOSHmvodz9THBeW4EKgFLrnsaVCtDkP3PAl3qE5dKpqliqitSMC5grpx7pe51w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fpdata.js
gaua.hit.gemius.pl/ 		275 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ntn.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
94c9606c58a960604df8913628c71a25b3484e7782ee44213470c5046dcd418b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
275
expires
Mon, 28 Nov 2022 10:07:35 GMT
lsget.html
ls.hit.gemius.pl/ Frame 99AC 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
5dca1aab09bf4e9cedef0c4a45dc5c5d1378e7a2070a335addb038a1ca782153

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2713
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:35 GMT
etag
PRIVATE7520710249
expires
Mon, 28 Nov 2022 10:07:35 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
hbw_master_285194_899.js
player.adtelligent.com/prebidlink/19294/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/wrapper_hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
37dc089dc27d18a0c04aaae4807b9a968ffc74147c0919fa9879efea56a7d7f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires
Mon, 31 Oct 2022 10:07:35 GMT
date
Sat, 29 Oct 2022 10:07:35 GMT
content-encoding
gzip
last-modified
Sat, 29 Oct 2022 09:32:25 GMT
server
nginx
etag
W/"635cf329-18e7a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
MISS
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
last-modified
Mon, 02 Jul 2018 17:26:53 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5b3a605d-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		1 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3902239-38&cid=1514351197.1667038056&jid=266229859&gjid=962003988&_gid=1887117192.1667038056&_u=aEDAAUABAAAAACAAI~&z=1900617103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Oct 2022 10:07:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1667038055828/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1667038055828/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn...
  • https://gaua.hit.gemius.pl/__/_1667038055828/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...
169 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1667038055828/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=zGAbI99GEq8MxoX8l2AVj4pKUBJCz2IwnKhreWVHafj.6703sm5ds0Xb3UyzHRL1hzwhxaDWCVBLjTpbldEvtt20CtoH/GUxLPwhmc_fFk/&ltime=239&fpdata=zQW1v6JYB.N_s0GZ3LHa_KOMOhoy9lCA.qoOrXGIkfP.z7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
5bde95ca5601224816c7284d0d765019095733b7ae687da55c077f114e117187

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Fri, 28 Oct 2022 10:07:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1667038055828/rexdot.js?l=100&sendf=8&id=pxY7KX77FJjxRHLQ1W50JcPc7DRKIvgym3.cDXb8Z_X.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fntn.ua%2Fuk%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=zGAbI99GEq8MxoX8l2AVj4pKUBJCz2IwnKhreWVHafj.6703sm5ds0Xb3UyzHRL1hzwhxaDWCVBLjTpbldEvtt20CtoH/GUxLPwhmc_fFk/&ltime=239&fpdata=zQW1v6JYB.N_s0GZ3LHa_KOMOhoy9lCA.qoOrXGIkfP.z7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 28 Oct 2022 10:07:35 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293798261393374&ev=PageView&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&rl=&if=false&ts=1667038055855&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667038055854.1043967917&it=1667038055585&coo=false&rqm=GET
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Oct 2022 10:07:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
config.json
player.adtelligent.com/exchange_rates/285082/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/285082/config.json?cb=https%3A%2F%2Fntn.ua%2Fuk%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
e6942260a73b492c3f61fe0fe807cc5346a57224aeb9d31ed0be9a22677dbac8

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 31 Oct 2022 10:07:36 GMT
date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 12:01:10 GMT
server
nginx
etag
W/"635a7306-1993"
content-type
application/json
access-control-allow-origin
https://ntn.ua
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ 		151 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b803db59f4ea327ae1f42388d75985f2b7bad6511651355b79731dda5883e551

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:35 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
151
tracking
ghb.adtelligent.com/adunit/ 		43 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=285194&site_id=899&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fntn.ua%2Fuk%2F&adid=trf07f.y4&features=81952&vpbv=N093&lifecycle_tte=3501
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:35 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		680 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2194325773231837&correlator=792367141741288&eid=31070592&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_NTN_Background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2003x1300&ifi=1&adks=1445112672&sfv=1-0-38&prev_scp=welcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM&sc=1&cookie_enabled=1&abxe=1&dt=1667038055920&lmt=1667038055&dlt=1667038053431&idt=2386&adxs=-201&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntn.ua%2Fuk%2F&frm=20&vis=1&psz=1600x1786&msz=2003x-1&fws=512&ohw=0&ga_vid=1514351197.1667038056&ga_sid=1667038056&ga_hid=1931192753&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db260c1474fddc20e8f65c087284426f485e33534d21b6e4f8a76f266ff8b904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
355
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FAFD 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:36 GMT
expires
Sun, 29 Oct 2023 10:07:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csyncs
ghb.adtelligent.com/ 		647 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=381325&aid2=467848
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b80acec532dfc1bd7e49387f48a7353457a8c8c7263407bc8070fe113bed2974

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:35 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
349
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntn.ua
date
Sat, 29 Oct 2022 10:07:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
ghb.adtelligent.com/v2/auction/ 		2 KB
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
88434c25737f9e78eaa61b8b4b36272e4d8ef60dac005965cab1c31f43767e9e

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 29 Oct 2022 10:07:35 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
344
cdb
bidder.criteo.com/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=6709233419
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Oct 2022 10:07:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://ntn.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
ghb1.adtelligent.com/v2/auction/ 		241 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a77c0ac33043cad4abf9e3544cfe551f028d2cd055b6be5a26712f49292db6e0

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 29 Oct 2022 10:07:35 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
147
arj
adtelligent-d.openx.net/w/1.0/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntn.ua%2Fuk%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=87123364-436c-462a-82fb-54bf0412c67b%2C929817fc-84cd-4e20-99e0-c7e4d03b4349%2C3ca6a0a8-53cc-45e9-84c3-3d46b1f68559&nocache=1667038056053&gdpr=0&pubcid=9404ef77-c17f-411c-ada6-6d46c1e869b5&schain=1.0%2C1!adtelligent.com%2C283366%2C1%2C%2C%2C&aus=970x90%2C468x60%2C320x50%2C728x90%7C240x350%2C240x600%2C300x250%2C240x400%2C300x600%7C970x90%2C728x90%2C468x60%2C320x50%2C970x250%2C970x150&divids=div-gpt-ad-1516984831775-2%2Cdiv-gpt-ad-1516984831775-3%2Cdiv-gpt-ad-1516984831775-5&aucs=%252F58302844%252FSLDS_NTN_Footer%2523div-gpt-ad-1516984831775-2%2C%252F58302844%252FSLDS_NTN_Premium1%2523div-gpt-ad-1516984831775-3%2C%252F58302844%252FSLDS_NTN_TOP%2523div-gpt-ad-1516984831775-5&auid=541177132%2C541177132%2C541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b0be8db74ac8bd244f66380adc0f170f9d382ce0b28489e26a4cfa0907a8f4ca

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ntn.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3017
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ba3e156e129e83a6233deacb0e7ed1fb90067f0d41caf300a21eed900bfdc8af

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 29 Oct 2022 10:07:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
fastlane.json
fastlane.rubiconproject.com/a/api/ 		335 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=2&alt_size_ids=1%2C43%2C55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9404ef77-c17f-411c-ada6-6d46c1e869b5%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_Footer%23div-gpt-ad-1516984831775-2&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=87123364-436c-462a-82fb-54bf0412c67b&l_pb_bid_id=40bf570587832d8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_Footer%23div-gpt-ad-1516984831775-2&slots=1&rand=0.5701063930688997
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5e996c96982b729d39268ac0987567f918c5aa88f6783561213d0a36c4ab2a8f

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:36 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
335
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=15&alt_size_ids=10%2C17&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9404ef77-c17f-411c-ada6-6d46c1e869b5%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_Premium1%23div-gpt-ad-1516984831775-3&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=929817fc-84cd-4e20-99e0-c7e4d03b4349&l_pb_bid_id=4129fb04493900d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_Premium1%23div-gpt-ad-1516984831775-3&slots=1&rand=0.49921707918905445
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a93a88d292f92f4a32e00cac7bdb6ad2c0e717abe2100421a1799cb5441e4f39

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:36 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
333
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		335 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=2&alt_size_ids=1%2C43%2C55%2C57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=9404ef77-c17f-411c-ada6-6d46c1e869b5%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_TOP%23div-gpt-ad-1516984831775-5&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=3ca6a0a8-53cc-45e9-84c3-3d46b1f68559&l_pb_bid_id=4291e0180e98a53&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_TOP%23div-gpt-ad-1516984831775-5&slots=1&rand=0.7421740683524225
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5841da9b44e7eb8243096993385066e610b103ed3007bb2cbf18e5500baebedc

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:36 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://ntn.ua
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
335
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cm.html
pa.tns-ua.com/viewability/ Frame 40C5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 29 Oct 2022 10:07:36 GMT
etag
W/"5b310387-b5f"
last-modified
Mon, 25 Jun 2018 15:00:23 GMT
server
nginx/1.13.0
/
csync.loopme.me/ Frame F428 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
server
_
csync
sync.adtelligent.com/ Frame A014
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=adtelligent&ssp_user_id={}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=adtelligent&ssp_user_id={}
  • https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=3ebd0266-b147-41c0-832b-20e2cf49008a
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=736011&extuid=3ebd0266-b147-41c0-832b-20e2cf49008a
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 29 Oct 2022 10:07:36 GMT
Etag
03478b65a3274c48
Server
Adtelligent

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 29 Oct 2022 10:07:36 GMT
Location
//sync.adtelligent.com/csync?t=a&ep=736011&extuid=3ebd0266-b147-41c0-832b-20e2cf49008a
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 29 Oct 2022 10:07:36 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=976b6ccb-aac1-41dc-bad2-4b4995ce1ceb
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=976b6ccb-aac1-41dc-bad2-4b4995ce1ceb
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:36 GMT
Server
Adtelligent
Etag
03478b65a3274c48
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=976b6ccb-aac1-41dc-bad2-4b4995ce1ceb
date
Sat, 29 Oct 2022 10:07:36 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=9F2C592A97E54FC79E4FA700505F5200&time=1667038055701&location=https%3A%2F%2Fntn.ua%2Fuk%2F&referrer=&is_flash=0&session_id=561068466&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=3&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:36 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=9F2C592A97E54FC79E4FA700505F5200&time=1667038056182
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293798261393374&ev=Microdata&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&rl=&if=false&ts=1667038056362&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667038055854.1043967917&it=1667038055585&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Oct 2022 10:07:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ntn.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
23079102_1358876393903_closebutton.png
s0.2mdn.net/ads/richmedia/studio/21515482/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/21515482/23079102_1358876393903_closebutton.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:19:17 GMT
x-content-type-options
nosniff
age
82099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1623
x-xss-protection
0
last-modified
Tue, 22 Jan 2013 17:39:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 11:19:17 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		74 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2194325773231837&correlator=1011339928830977&eid=31070592%2C44714449&output=ldjh&gdfp_req=1&vrg=2022102501&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_InterGroup_NTN_Catfish%2CSLDS_NTN_Footer%2CSLDS_NTN_Premium1%2CSLDS_NTN_TOP&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1366x180%2C970x90%7C468x60%7C320x50%7C728x90%2C240x350%7C240x600%7C300x250%7C240x400%7C300x600%2C970x90%7C728x90%7C468x60%7C320x50%7C970x250%7C970x150&ifi=2&adks=3749508852%2C3558692828%2C952306158%2C3762424195&sfv=1-0-38&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26hb_override_id%3D2294227%26hb_buyer_id%3D15172%26hb_div_id%3Ddiv-gpt-ad-1516984831775-2%26is_vmhbmp%3Dtrue%26hb_r_id%3D243848a27c30ef7%26hb_site_id%3D899%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D8.00%26hb_adid%3D44c0a1b24630ed3%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26hbmp_loc%3Dhttps%253A%252F%252Fntn.ua%252Fuk%252F&sc=1&cookie=ID%3Dadfda1d59bce645e-22cec9a15fce0074%3AT%3D1667038055%3AS%3DALNI_MbgAZc0ALMs0jN7WXzqWiAf6ZEBaQ&gpic=UID%3D00000b79a9cf5cf4%3AT%3D1667038055%3ART%3D1667038055%3AS%3DALNI_MZpjGXuDW-N0-k2a7FsLDwM35cJkg&abxe=1&dt=1667038056400&lmt=1667038056&dlt=1667038053431&idt=2386&adxs=117%2C315%2C1004%2C315&adys=1020%2C1786%2C362%2C25&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntn.ua%2Fuk%2F&frm=20&vis=1&psz=1600x2256%7C1160x397%7C300x0%7C1240x50&msz=1366x-1%7C970x0%7C300x0%7C970x0&fws=640%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1514351197.1667038056&ga_sid=1667038056&ga_hid=1931192753&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4680cc57fb507b89d19c13051396e857b2d5b998831b6d07465539260abef3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28053
x-xss-protection
0
google-lineitem-id
-1,4454514931,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138213736357,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:36 GMT
expires
Sun, 29 Oct 2023 10:07:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E539 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:36 GMT
expires
Sun, 29 Oct 2023 10:07:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D515 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:36 GMT
expires
Sun, 29 Oct 2023 10:07:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:36 GMT
expires
Sun, 29 Oct 2023 10:07:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E539 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 16:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236196
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 26 Oct 2023 16:31:01 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame E539 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a76a7ff51b1eb5f1ea0e715070bb3a31274b2a7059597dd9effe100a74a926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41624
x-jsd-version
1.14.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19167-FRA, cache-yyz4569-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-B7CcN0WmU38aLrErV7huhShFoTM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yva16cFVIbP8TSJp5wYff%2BznP%2B0UuqipEP%2BEDrrGRdASkuRb78tjdtLokeqKgxebf4tqveRZzDlEAiUFUwMODqJ3T38g7s39Xi5xwsd4PXuPFP7BMSh9FOH07oTIl97HAdPj21jsokcoPnzjapI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
761b1af039d57200-LHR
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E539 		153 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6D4C 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQm7H30QMYq8zj0gEwAQ&v=APEucNUxbDhCdpGrfdCYvf5cRFkLClErlIxAYPhSOQJwvEQX184SwJbXoK3GhXa5hYt94h2ybz60KMbErUNLkXystEFjHpJ2PMSxWhCk_ICRWUGTzrneobApi1zE0oLomXKChhSYs8r-kSt9YEPNkZrcbrX3SnVU4oyzNT1PcHXuyKHbEEkRUK0
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8FED 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhQf3nixaf7SNVjTSoHjgNbd4V8zGEu7A6ZPLeWM5XujRHOn5TJ146t5dU5ichsZZc358kHvCPr4TRWh96dhFz2Tbnn61gnDSq9o5SO1qUdF_2aczqyEwtMbzbeMEe06aHBE-h1ZOC5pgBCauwqI-J3eTKKV0kTgSxaR0WzU2L_nCjwSAYFzb-sVo2PN_AlOkupaVn&cry=1&dbm_d=AKAmf-A5_ecpTEcPqN1T6Sdoe6ePMJMxyMgt82HJbHzuJKPOkVdg0DCo0f5Z6SHvOfBEA_a8WlkSITamOTOgQVR-OdxBNjPNR1Xcb4tjzB5K69EbT_N2rSqqwaID0Cbxa7_RjSs0fUOMlOCYx0ulPRSgMsIgOdDW0zBFLu7axkcf6Q5WpNKO2Zsl_uB687RBjbLTLtOCpm3TE2d8PQI6WxeP5NhoAfsB54jw_q8Pc_GCs2ZI9GFKyWAr6dUQuAJXl-r_WeuD493eGn8wxOIM2qJC0WcbFxohEpc6ROSpk4gRvS1NfVTj9PBMGKxbjAvBdzTyM-IT4X-hnoCSi10yTsrw8GfTJyTSy3BxrtkdXead_obN3_BTNVwpwyx6cg2CuXwfCGSccpxRAuyHPZzckwIpAa6J4O5MXCKLu1JG9bmsj-tMG9BmCY7LlGrt0eu9p6DPdUzDPooHL7P3YsC2viiaudDHGZ0HUQTwltinfji0Gm1TIpnFbdgAXCqEZ5oaDTEyk6yzVUT5aV5tQt-c1x2qbqJhcuoZ0Mj0l6-_jOu4YGH716DBx57eK1QzF0HXZJ51dn6p9DWcjmigAl_Wm2qd3TYN7SoO9mx4Zo01MWpG9Mvpq326uxTqt_IvwDVpWGA4bdj1frGTdi6Km-J1_nusrLaVIH2qdRNyup7fpr7Q1uMObvxoaWaXcF0LZLXVwOCm18K0QflghX0eg1lkd0pXFzI9TzvYieSNmKLuIdJG6ift6GaVgQS5VxKUuP8mg5AO7SiM2AjBreS8zrLR8Db0MUGwn24xPxsIx69iwweZW29_aEFpBuVzzjPY311kMGc7J5ileCqil71ak3Ycsaw6dahOhED4ancuJEu1zDjexJ208uPsG-KpjBCsREZqgXC8s9fyPgvfixuGCXLm0_3_vVRY0HICeoOwW_biJSP5Fllvfkp52XRR3bol1ffe_KOVLMa1ca2ad9zQUsfOQgmC01yZlyALk3E-_YRbcrNJHIKAvN56vvJ5ym13QUd-J7ZzwdNgzrGEx5fFSGvQ8ntlsYIhESa-fV3FGdEmxvwpXEtDol3PAIT6i7zXTfhW1xK_0izXbcdEVeAIo6DArn-0upsMDN9a7UzNVjXAABzTdCxzUAmFhJNvzX0eKbJyNKprCjPQ94EEA1aP4ohDmm8dh096-beVhmbnWQ6M9Xck59AWxhUd4Ncn3MUFT-FffuBgNi1gRKsPxLVvTbmp8ZG2Bw4lY2ZKHOBMuckuhkla_ljhdLbIRPtyMUp6Lpw54-Wlw3Sp0ZEbLMjnx6E6ExtCgK2z6wVLI8TuqdqwoWrEwq3313CsGU5b7-dXBHuDW8z9qXZURCLphqJsUMKPhgIOVmpdqR6JQ81BrAmMULCnLNwXwEUBcsWXv6_Vx-idEJv1BZJ6F37hN90qX40jsuYzNlM1if_LZeeHu0ksCzbuatRkhgGJKgE-oEVvmK9ztUR5N50UekeOU-fi4mNI1wiMkmP0WinN8CHbyrGSd16J8-z39BHNBhlIhFRL19d_oXm3vOPm6eDSrOAIOHUpRzFPm83bvHOJNQCP0N4NAk6u7RNbXBsEMcBHmAcC5tRN14PQqF-F9kO0f8Bbjscmfu4ixlWbb7raPvZoYhlA0zQSe3FF71WvkJYhB8Aa4fD2bb7jVhnJpayqSxkujyyHN1ybMOurWYK1dAwh3YZtgL1ov6Dk8LvOsjwrJntCKYEtUodF4bskvkmImigCs4swy5jdb1-8Dm1xCv3NI6F0_LFXpjw3EWZkNdsGfo1UiqaOP_zkiNwV8QaIonikKsGZpQOixkO9lnPXRfKsloNWBxrhLBICWL6w2Z1ZlbniwTbDaTnegDlz3v8uIUDOuiSYPbOVG1-8MolvUTKyLX0x-A1lY2H7y3zQaUHHENqE1fqOAPAeYM9GaeOLxmutRcprC9ACmkH4TAlOokHHzkGm-PV7jGw690amhGgiAWiGYOpMCgt-lWppfTeJo5pm3ZmKmR0symtqAeepnFc_6mYYbTpyBec6ae6JRDzM-H-Y6YqVniSRj9aHFdXBrlnTMNGY0r4cFbVSKKJ6Vf8RdiA3MyDS73MR_Lu932edFONWWWFkPJjtMP7ONy9YDGWlbkODgjGMbLzC2Bg8w_izttzBDyszAEWkZPx7YKcO4Ex1DiAimyA-WZlM5v7Du04buBmbuD2BW_3klUy8o7Qb1fRdP1DhDRq3U9MSKG5lnZUqSu6LNBxUTGPGWar_Z-xIRkaF3jTRnVELMr-FMJKXE3NjY4sqeAnP7a0IzS_EeVCAs51h0S8fssWObjueiTGq7FVnABpJccRPCwjAfjONXcrUdZ1C8qVO8dy7P-m5gTHdGWF4T3CiQtNXjKZR4-ysJxtTDs86OP285OOxs2eKsFH_IxmDvtuHJfSZrv2EISdhr4XOvclNpN3ttyviOYMUl_uDLfrlYsGbmfSwe2gVK6KEUMxO5k1IkOZQjQFRY9E8SpmfYIA_9cWVPmNaE4b5uG4vCXjGrNLzd4FVPmBLKFofF_WLdRIYUtDL_ufDmO-f4A0y2hA34bWwcdmb74Wog6v8nj3JnyoAFltw5aDwwWDt2atFkBwv7aOrljWz7tkyymYXUbtkdE8AX4q3BUv7Mu4-4RkWI9XuivANt8DYh8lDu6brpLqsf6SwIsKw2bWaNgrvHggB-MlJ-2tyskveeGZ-ZZQiXRVFw76GmNlC2T3qkUHcHG9HUemTFrvgzAC4zzK4ChqnKd3H5eOwv4IApp-j0D2AQOOyXVEwlmQ1rqIX-01xd2jZc_DpQ9i453PcqFbi1iqhDW6KucXjvg1OIV8XnfL49Z3NH-FmPtJSbnFIgKua80zdxcL8HyJsBkQXfD-CfacvbWqckK8oCxv3MN675_NPuVAd6BMx5nS4e2_rZVMsEYnOvitbiskCAFXSHYBDQ9DLNxslCzeCODdF8PxSzGMtclIwGiz2QeFFuN9OI-mF9ZV9oyRbYbH805DmffQd6aIBbHRSoqosDIG0Mb4nI_jUSivybt6q4WForTU8Im-SvZ_hlHzTMaJ5sF-BNIWRA8SEGW0jq-vSuMXHInK4nfOQZwvTII7AMg3MJQk_pmftwbPNokJ1AsjKZd_H0pwPHbObS_wa5odLcYV16UE__-n5cmOLePmM1kC_k39Tx6dVUpb6pgXhnuF-sLcNuBqqm3pIkSXsejFL3ZnLrxs3u20Sozfz4yBIzg6l8XPIFQVOK0fdZv5yxMaZYX_iHipK_AMqqXGRstu4-h1JdNw0vXFObKVp-19Frp8wNlmvucWR8jS1_Arss2jvRK8QliuPu6LtLLjkPQZiN4bXyVZUOmBDL08MWyP8GlQHYJbG9OXY8JilLuViBSyutPApyD6eYa3syYvD2I11db5-Dil3ZjYTNayJom3mgPvpEQPIrnBUlT_Na9A1qL3i3u_dyjOKZTudFBSAtlQwtORQB7L9B9PQPD_8nMfYFv7dKF0Zs2XLbc1IEFfpJJXDneORud7LbYrXCpU4vX286SPJUaOqcywh3ZaPCyyVvnSlsbFM_IelhDj4_iyUWbcAjM4I-1QgjoUjbjBheBNvV1cc3f06xMP2oDQfIXHH8PXi2fuWl9H-x6uMbj1Q0_yQQn_tx7ueYHiCQJRRX0MT0ggOAGr4QGwmZTY2shXJMI6RhozFGsFr-qlSZ5BtIaN2Obuj3eS3xg4TNryjKwEhFw3iWqrDkQn3ZfKBVxfnWS-aLeW7fAj3zJi15MBlegI6LGXxG2DGwZ0UOfGww08-AcYOAngRIezoBbhOlphW_1b7NTVNHZmQXXBjEKyRXF-9aOIlF36C_gtfXhwnWNfqjCP62u6aKLCdwXzVhFDKupsRXYjkgBS9kqc70LavqY5o7NnQ1datGRzg6RRpWEQ75z8F7Ty75C7Ho0CxXbHbmLEmWNHmQK0s58D9LKsUe3ZeAuQQpgHeEFaiUJiNEzwdM1YgkNm-b3LsQDL4DRDHSa_NcLSKbjJV0SxPbL8v93AnRU-Z6RddtRk-lgTsgCFCrvhNzcrqKnwuXExz8cvi3WbtMdm_0OK9q8i13ArwMflkGrlAoc_DJglqnIgf67F8EZSLcSMz5qLlQunqKoqr4dg7khFula21Zc3zhk4EfgVAf986ebzlW4k_YVyQrnYrf6kThWXMEjIH4SRXOU1KDw&cid=CAASJeRo_Q4JftsMthzCVwVAC3wVzLk9NJbS_9IGhFwVBfRcYpDU-2g&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
255055d2403bde6efef2843ba5a2a484160514f942e7a1d8c7dd83828a649a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FED 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABMm1V6DcnqO4bvaUsWvA_6u8Fdwho480c82TZJOFxRdiX5-vsUpysv-vK83Noc4ASLcqXNzch_PllB3e1VqkxQXLrQnrD5Itpz00tWEBYzze7jhg
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 8FED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
4088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 08:59:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 8FED 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 14:36:43 GMT
l
www.google.com/ads/measurement/ Frame 8FED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfWHWmNE3a5nJfvuyqy23HXmBzt5vqGCmaHRfV-dO1EbFjJWQomyV5Y-VCz0hF-KSrO7FPIzDSFE-EaLYdu6t1f8oPsw
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FED 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FE3E 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYot_IgAEwAQ&v=APEucNXPoQdPhognZHHjkxxaPb2Dz3hxLVFto4uMGL800HtW43RmBYxDoevphCTo6mETsNMmReuSavfmjSLn6S1T-O8he87gR0H4yNC_LaRPfBKtRaIsdjtoykzC2gTCX2FS3lu-3-frrD1-eJpvn4suQN8QIbb0_TO8CoYjl_PsaVe0ruN7tAo
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D515 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4XeQyGkjGLMe1wNRIXrK1MdFf_pU78KxLoXUMTdoneZ1kI49CkpM6BCZhhU1JeAmFwewsnf5x1STF1wIay6GLsVH0qU9q4n0WlftwArdB-WBg2nJrbefT5t9NZoimUbUTiUULm1Y5Y9rEG50ft2xxtaKpayYXTFSC9IC9MvvBjqimoys&dbm_d=AKAmf-B3ZTwRDZ7NRkOAWmOeyk26bcC0W4gykHiYjX6sA_9qasGFUMdyycRVFu4eadYW2BlZopFpkTqL_MxDFvOJawUmKM8YAaVJjE6MwIZrfdNBpdMXF6TShmXqMpHMOCUNMX1vG9Y0vGTu7JCP1KE4pLoiqFzyuc51ggauPw9gmVkaFW64VwFzO-bjfWYfoi31KRarvYTAotYyIH3MvnIMMExo5YJtSxLroRoj4HGmmwZwkjL8Nh9LzWyDI76FayODNcEdJcX0Qn_76KmOX3-K-YjPajEN-3N_Ui8gy1oWoS-CXCSdDRGBrHlD7yolSawR6LBBtQTRNHEH4WTPMQnVPleJRm2Vd6H5RVxaoyqcG0RppXF5Nl9HEJHVZqgLTvLNJJLFiGtLMELJ-CteM-3hiW5dpGjXIQpHAsoFtMBN6suBKeorArOnmTS16xjimsXA_bitGraZgh_OVm2wRHW7j2jEMX8z-Cg_CIH2jIfZv0sC1mYqtMSUHgeqpu7ay3wDpi8VXuswS-WwE6Fbqb6Rdc7130unvfpbQsNt1GOYxXkyg9zBTrC6rJrIr046a0gHF86XxtzNK6Jr14yagK_sCe-xf4CzLUmsBg6CXUfTzkmUrzF2-iPG55Dy39pv4KdIeXu2sMrZ9ZKXjZLyMNtkz2OtDX8QdZCPJ3DmQnduha58pztZmO5xT7nZ6ZX9wGW0JLxXZTUbUCZDsfR752LzZ9kajuqEnRf41nfy6zwbj3USiZVd8qwO3U5KTKYWxgT6jXscIGNBVQigELerXeXB427zGCrny8w6I4GhzMwxN2ExyBk-gr43AAnZvQap7hupbpWFGoN4QhPKKf-wT0296fJforT-7W3GJLPou_OCW_PHUtdaF7JYbg5jDUha4fVaBUVmaZfii228ed8zRRMx1hwOa1bi4cEKO0XLWvQ6Yn-QtCnxJAbZWDgYnboMSGf1Feb_ejxiSRIwaPzrBDp4DT60pM6mu_-ybKD4OHoujmFmTih62qUg2Bt14py8h1gYHuNFC7Df1HMpVatZKcc_Y4a5p4rpLIHsxxig8WXoaq7SEWajyTQvQ-2IR2pBJ1Rd6KMHZS9AIR9Yu3Jbhn2d0zAsvFgtjlr_X1VcCBzA0HqHUr3MJa7CU8njGbjnraFjZQzpGpHSidPl8a1amF6wQ-N-dYlv5cZQyqvvJbbx5kH2n5xPqVvs_Qc9LDJ18QAJein1X-hewsbu0J7e9PHKO0e_BoxlWYN-7o7KLEQEij2-mnsJbo7lOdUiMOgPQPC52_bLjR47j8d7g8jAleXmdSQIxb8Uk2FvVbXS1mrTN0itI4_retxNfESSdWcyXA9fiQ1i5ypOBSPNC0_Ga9uYfLIae7nxbz5L4tIlLCj7j_c-44KxrySSz9dR7XAQxBbAPp8x5z3PCxCNCKstcwc5uEwEFCcECDVPUnV2eg3OO8AmCQp0p2-aG5-0AYN0nT4eNb1IXY-SxZs14C9KBSHi2V4VRvPHyLLhN7MgS8CGkAK-VgyieSP-QlXdUfSj_i0sF86OCdWjJoyBDQVOIlZsZ2AU-1BAqCJmAvPKhV-XoZtixEnI6okErreBaasYvxy7Y3Q_Wj11oVI54-WtAu_X95Lw4KsA9GvIXhZe9Y8DdCUf6SqNvkkx17N68LMbvzE1VTdYBpzW9WClx_QYyahhz1e7gPnaD04Sh6QQB83iXzkHlR0alhTXdQblf61nueo3pRRQr8sIkgXUAPeTnJdlOvCdKTtbX9SwHv-_DqlgwScntoC40ixt7n2ydR7bSbqfgXGBS9Vd3dVcfETdwZcyUJcWkskCO_yd6ZHJjMYufo-pMUTMlpH6T2rH1PQFuy7vDGXe1vCBt22jqw5gpblENjojilLoBGxRQQWCY717ISdpBhzHtvkdIXCH51CfmTT66JeG5UZPcrCOIKaZBJ9Z6qoQOQ6q1ipt7rz_uK8a4CDP5P_7Qacgoy_SeppFY3pheHNryxbm2KFxDF__j2O5sCAFra9KbLHyxiIx41tLT1RjNVdXYOw9uTH4HV04Dbzrzf0ffCwWAFNGS2HgTD3sfMbXjiw8Q9wok4B5TtrjvDLkzvivnztd3EJnX4BwKeMimn8WmKg3ZQRXUalEqBwcR3cN4-mLHXVU-bwu21Hb8YjgbVqaG2CNtJoGx3bfXxwuiqbACqhPfEnOeLv7I4xIlM1G-J6Tr_PdTViIkFgxjYZmDfe9WtOE2bUBvFmEm5fN_nB2RWK4YOsT7LN9pA9GsEgHCXvjFfRg7jIXsVNyl190RzzNIdMjAK6zqxLGTu873DugFlpZIwFipYHjOcAn-xZ_m18qM-jZgFGRihYQ23eMQhV5jaKNLC4CzG1E3hqRy2sn4yxb3TIzWkiCjeqjI_E9W9ZSoqgQW2MX2FTR-DITvV2YxevAwVzEj8JBtnKfte1Xasa5EyDyuILS47GkE18_14MpKflXo3LP1EJ34p9CiCTB_hBtcZRbBCZZSgjt0iBS6e9brXE_IJPT0FTZwXzBozbn-ePvNFao0ngsBeUMGfF3UqakoHCMmMv8paRXx-T_zbuvP5aAlEoTbIWL0iZGlT8Ms42lVZcwiVcdETH-GW--w7bwIOUq2G_gxy2tPpaSVFDCB465147RPGX3nDEK4Sy-6CsjHJ1EaNaXg8RNb4-52zGq1g6JN4w8_6hG-__B1LaffEANoS_-9pBUTEyWLSiaoXs_q3x4dagKQKCVmEw_nNGEM76_EI8lU6WERd_SBmYOWc_7HIEDX61MCNwmnWWFRnwG8saVd77_mCehQDleSjj79xkBR9sIs0wZeu8OvHSUX3dcemYAjpR9XKyX4e9XTwnyzrhkylHBKsaI-vFf4Hc9g68MqKmWjbiKtX3J2QE3Yyaz65ae0o5KWLHRJAkUSX1JOhr_mBwT90G2haj0_qzhmcG46B9v5cvBo_3UhUmg-pDc5yh1L_HC8PTlsOj6P1npl4tPzkWohlaGlC37QXAOZ-mQj-hOCX0MuuoxWH0YJ4K6u5iFsbuEdY7PVfIJm_4HBaOG5OUdZuoname7pSPetRuywvehnBdd6tiI-D8K5_gexp3Qh0pxg6uTtRCQG2tKTTl2U7KUXcA2CVt3m5MQWDrOblIqSMNHX7jLtYSJkLjSNQHnM9lJcBBcjmFdRzwQ3x_o7KqgxfVzXBe2NlBFyV2AZqsA2OjYPZvgFiRObpn48DkVzbU8cU-ehcNOAK8Ej3_mHw3ekv06nJjnF2LXDPL7Rxhnv802sn-uHt43bJ6oHnc8iFBFRFR2IIkv0ETvkUf8ZDtGp3uY7Ec6m-CWOA1jNEjx3mpA9U2XpipbMZtGZV0lChkWLyZB44hcFA&cid=CAASJeRo2vye69I15vBe5YasaCBBQfSG246qTtYj31i030OtsX3Lp6g&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ba2ed188534949616a45db751d0a10f03e9481beaee928999e63144c70314fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35643
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D515 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B7R8m8P_OvpO44vjQ_Wkwpo6DYoIrvUAh63pUFc-jULCgcYcQkyVvdawouAg91SSjJ42uZvFfzYr9IMuw7DtgWPy_GL6ziD2nXTeAD5UwG4HhId2Q
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D515 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
4088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 08:59:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D515 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 14:36:43 GMT
l
www.google.com/ads/measurement/ Frame D515 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBN52DbdmAIzdFB4LCg0A4iOjEVKUFC5CmDB_fO4QEh9D4q1yE3EiqTVHWINQkNBsM0a69yK8s1xYXECRTU7NXoaQm8A
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D515 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C4EE 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYod_IgAEwAQ&v=APEucNU-3qcJRVKF3f3ov6oSqaTtdGIzNukRP_9Ns-ZB0ks68bx1OY2qb-jM1eApDBDIDhX_Np8L0SsO0gaLBESIks-W79i-bocuhkAxhGo01Dno0nfZ8tkLosHXu4faKYVWfoEnLejqM2gte4ma68sxJ3CGV571EdKEK7a7neLec3xvmoogcW8
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 63A6 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDyVXyEwGPxSzkkYsOvSGnOwAH6qHQ-xdw2-HRZdJtMUSa3OmYoqzVSJ7Jj33IUbZfCQXLmk2-dVFUDRVumhWOa4Gd_y4WtnFywG4eAxMotXnuxxd2eepjWZWt-Sc5Df6XF45rcCkJnF82-Xfuonj_N7mDXunBJr-EEPf5fVAXUsLI3Uo&dbm_d=AKAmf-AMacDMtiFNZUfjI6Wb3PVQdQ2zE9Mmcayb0N8H5aGydDIhkT9Rk8LcNNbSjuhgp0ztVz-ADynp2_en45gaX4LvJKfupx73XY41z_t2f90dV9oEf12xkroO_SU8_02oAgocBI4SyxFfSq8JGgxM9oyduaK6VAoGTB4G5pFanvLjxa7GeBbM05EPb2sT5CZz6XdOtYqhlN8NfxYagnswVGI6po-yEmxjlO_co1pGyZ4e1ubw0fAkio1pqCiUqDAxmyk3CPznTNO-v0wUOM4ZKPA9p2S9yGFsvSth-AdXLjt5qQPYRvw4rUrt2MPRc040IjZJrCBrFekvMKM1BTPi6upMXeci2dztGfzlhBSbfq9kz5jLD19u-H-aL2hrB_R-z1vSBiND1hvFykOw0--DJdp2t4JVnwaZy2Ut55CqNqqrFN4mHbXCIkz3n1fuGpqwCa_iZ5UuyDs3sHgjkLerYxkAXollx_9x0-bZqcX5OR5yuumzyAMXdv2IjRoxbsGUXyUP81nbaK6v0OoQR_ziNFkaHIsthD7h8YG8zeiENU4vO1fFDgbOfZnFDJjSQGca723vcsVnDyngDwGVtT8DQHYQpFPfTkEw0rYlV64bPsibxS3XQeNCI2kAEFxvRnLCy16YeunZESHryPC_mAi0meaF4zBiJBLsOY2PJ132JEuQbYCljgv11EJiEfaoMtTm11TC94br_NyCM0FXj1VCLgkZr7vF7e9IHw2pj86DWnUJ24ROLCFH-YwbMcOdradwpaHd7zaTT73V0BN7AH0AgUnfxevIiCBX54S-HX5LY-Zg8vB2OJ5VQQtAcMuh_pUcJJIyQaD7K4L1ZK8q_IIlSBXMACo9HtA-D4TsprTVbPrVHRNZJqUg9Vhlu5oh30T9duyBDCyc2GuHaau2TDHDBBX2VYO538pVmURCev6plpiIz9LPyWev8eLUjLcrQ3CVlgZfSzJlrfRMxSoBBCnELIZLrV4E3YLEyIOXsUqDajRLYKKGRgYzrKG6qIPQy6gJvqnD64LIXo5TZWOgmxSNiePQXmAQLSqn4wbA6nixQz_GxodD9z4hiW3orI3-juKiNGFZ2AzGwG8iFFF8v5EiPPDW6wVLZYJIsel5X9X3Lv265SCORsRXUcHWPveW0tZdwEtigcBgIvZ09EmQsfGxjSPDbd7rBBoxv65rjwl3HnB4JPWoqZpDaU6gAoevY2pBQHYGMSsNjoW-6npyNjK4DKRbwRtH28FV3Z7JtGPsedsO93pIr4FVtm1kYHL_Az07ULCGNEtO7Y-lPs-IKK9EEOb3IUixJvDOu2nLV8DMjJxEAHdlocOkdbgdyNwR7lrJ8u9GQxXq8l1Fc7Q7isKiYMgKFw-q6e7CI9eaUV90SXxpOHFO_IwCHBEs9TMFtyA7ijNyWTBDl0IgSHsnO3Rn7Q5slHnxssVLaN78VkhTpzx8OY1GkL1lTrxqKMQHPAFSYmiN8ngxFdyMKNDJneHVTZJdIA8dm0F42FCoz-4RrsKRHT8XlDc15H2x4Vzp3ZcHE4hAqrg2Lc0AYpyDS9cRz73lTRfU9PrckeCM4UKl2w4zcyG4_KciEHDABqn5gM4PieyuL8IgfF3xUlIumD8jQqxj3kxd0uY_3hlFSsopLow_AK-vtLI6Vpz9LQTWSTKs6V19XBRzk9D1fO598tltFCWYBXkK0iDxvLHBFW4-JxnZ1lXVCxhBfOTkwPkzaILDauxFijUO2c-Caqf8D2P8XtS1hER1QveOkMwScYkhbdnJYxXhhSr9DHv88jRG625azjgAo4tCHtSQBI_5LtpC-WffHC3Gn3qPhjrcC2vKvE-OMqYBfmtsZKLriTzO5eJ6Ma1W2ckso22YyHcGzehCvjVIwjPmWonFwPJR-wenIbZJ7XsLMAa4w3G0TzKp0HR52oXstciTMYPTqS6CXJr_4rJuOnR-NwrqCk1mgF214slghHg7VHssYRaAzS4KMrIBJ2DKtYzWCJODeNRIzPeRX2lOW0CWwjkYHMFbw7SOSMsYjJhx3EQMxow_QbBpMjr1vthM6L8XJZuFBZXfEAIF4gHPW6L543UJfbC0MKO1OFTtuJGaEiJmYqPjgjIBm1FC1LdcODbCvlBrz0fmUr2TeTgdDLwa666daMGzwyKQPiAsYwJNlAWKSNiyZa5WrRXqRE2HxvsknXGsYUdT3ZMWBs721k4yuxMipsPI7zHoInj7GDdeZ2yvHWQS0joHeZjLZzQPOP9KxLXrdJ98km8tIbpyBt1ArkNSUcC8D_SjpTG_QPQqV5s_2_mIv76_MDQiT4S2YILuF9bxyozcuAbV0q1bFVvsuMjk9z20zmxZPtS_KqV8bwU3_JecXLNT7yz6Btt0OyYssERKLKEuX78-12rC0w0bwZcnBg0nh2EUBCKa5Hh4NUcvAZftu6NT4wxoe2AEkA3P9c4r3Q-irhhao_WtgBZ1ZI5UnZDKx3CXWC9dCw8HTgVgzuUoENwsuIPCywHRDj3oPIXftHwaSxTfvz_vyQ_hFKlRaaFDx79SLiUysj_lvk7TI5ZH0tAbl6zPYMKPIamFDHXIsbJxv9krpgTWUeojz-wh3xST9M5qxxAx3rSOqanHDWZ8imrD25VnQI7wTSfGQvpFD8dMD9KN7p1xgolbLyMKog5LiLUDqXEOj0a4Wa62qcKYuUUq3_y9cttyUgEaFE88eL4EM6a762qLbnAg7eWfLlx6wc_GASByYkCrJQ-FBsbKhC6oft3BaOYurvGTZuCZ45S1IgipNV6aCjkxQLWLkVzzsvjNGrUgVclTd_ZRHhqr4O4oKnPZiAN5C1gG2ueYnGlrsf0V6yQ3ySuUH9FZs_3j7kYKoQef65g5Veey9ad3UAKszeVb9wzpy0rjlyPTa4edPuOpnSI4k4_DvobsqKqmZ7jvKaoPicb0ZPTBHSdDCpQ1wNNfDo539pSCguAku_skAou8j4nSIq_tUzcAxnNhT0Ufcv9dQFKMvMYtsTIUU_irPEhdMfLipVy79jsOiv34sh_41BhbAR7Qfns3xMnhytve9UFQbkIVxe-cUyqh6DOI8JKxQung8UqGIBgP8ep0vvtI1lmUAKuL1y05vt1q_c8UBG8zymky_Xsp48XKX19KISroK-6JKBUYZm3wrk-KiIeEr15gxP-beIxCFPM_12dL6-UA1qHeR-4UoULl-O8UUfOv3L59QjVgzdpZxGN-LXpI47h0lIfYpPDvlCsMf6MrhA9iOmIzz85PhyMsh0qd-d7EO9-iazASWZgEzIIY5kSUEzBkPaC16HIL7yRTTK19M6r5StMSALvn5Hf0P5Zi73PK8gmMlBaL&cid=CAASJeRok-dgJLNQRRUqF8W-XOlEfRH7HDLxe2RDjOqrsmL3ovHC4D0&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0cea16677e9e1eed14bf8fcbea9e58f64df6f2448e10ebe17fbbeb3fe62e584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35647
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 63A6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Amw44vdwnoO68aHClm3ZE1yU_XVk9g5hJRZxtEmHV9cszVb3NYDEYTeNuWfuo8HeMBF7JzWdFp5d_mpYa-hlXq3Wrv9ufuN5K6aIPGWSI5Z5TiQQM
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 63A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
4088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 12 Nov 2022 08:59:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 63A6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
70254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 14:36:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 63A6 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E539 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaK-ntBd-ovprwTTTkmnvVARukCprz_SXjYOgyir4eJraM1meahQSzTtRoQb3-urq5a-hj9WTCsuHZCcjTYm-ZgMhyCDiKE_uhRPWZQjtvyZb9kS2VqP4vfnBsMImpzv4SlHMTEihpCMdcNBjQ7zJjqKF86IoR5cvJSNiYds5mgbJcZZNn5MKORYR0Z2a_3VDDjsxv-LNB5nUBAlaNPi0TG2rRAA-gyf0UWFIyVTOve2CcxANPE-QmsfY1SNK0CLNIrxQ40DYCo92wD4mRhvSR5b_64SOdl-BBCk9JJa5TwzaCoNvMBpX-2Bk&sai=AMfl-YRpjyWwU5nWPTnLhfdKqUHYjgb5cXyIZL7oi6iVW2qm6Ts8sIAKRelGO2xTA2x2uB_WeW9dxkPhj1CnGAq4g-b0z_UcxJTPzpL5lTQ-B3rL-K2TpetLgwrcUyyCDN8oCQ&sig=Cg0ArKJSzKKYDFD4r7b8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/ Frame 9F8C 		384 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:2c00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47d95a4762737366fadf7c59ecf5af26496eecc849489a47bc124cfcc09a81c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 09:46:33 GMT
content-encoding
br
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
x-amz-version-id
VFNxXfhG5YGmFfGU3ZDzO_coepLPkDAk
last-modified
Sat, 29 Oct 2022 08:33:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1265
etag
W/"aa347a14566a0ce698152172c5d9ac56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
f4piK0tBrl7qVbbKcfgy_P4zXv6Je15ayKV9_snju6o86gewf8gqmw==
rum
dsum-sec.casalemedia.com/ Frame FE3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYot_IgAEwAQ&v=APEucNXPoQdPhognZHHjkxxaPb2Dz3hxLVFto4uMGL800HtW43RmBYxDoevphCTo6mETsNMmReuSavfmjSLn6S1T-O8he87gR0H4yNC_LaRPfBKtRaIsdjtoykzC2gTCX2FS3lu-3-frrD1-eJpvn4suQN8QIbb0_TO8CoYjl_PsaVe0ruN7tAo
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FE3E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYot_IgAEwAQ&v=APEucNXPoQdPhognZHHjkxxaPb2Dz3hxLVFto4uMGL800HtW43RmBYxDoevphCTo6mETsNMmReuSavfmjSLn6S1T-O8he87gR0H4yNC_LaRPfBKtRaIsdjtoykzC2gTCX2FS3lu-3-frrD1-eJpvn4suQN8QIbb0_TO8CoYjl_PsaVe0ruN7tAo
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FE3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYot_IgAEwAQ&v=APEucNXPoQdPhognZHHjkxxaPb2Dz3hxLVFto4uMGL800HtW43RmBYxDoevphCTo6mETsNMmReuSavfmjSLn6S1T-O8he87gR0H4yNC_LaRPfBKtRaIsdjtoykzC2gTCX2FS3lu-3-frrD1-eJpvn4suQN8QIbb0_TO8CoYjl_PsaVe0ruN7tAo
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
341b0b79-d880-4000-b8c7-1d5f1282919a
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FE3E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYot_IgAEwAQ&v=APEucNXPoQdPhognZHHjkxxaPb2Dz3hxLVFto4uMGL800HtW43RmBYxDoevphCTo6mETsNMmReuSavfmjSLn6S1T-O8he87gR0H4yNC_LaRPfBKtRaIsdjtoykzC2gTCX2FS3lu-3-frrD1-eJpvn4suQN8QIbb0_TO8CoYjl_PsaVe0ruN7tAo
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
c2e68b2a-0fbd-4267-b15e-e0f32f3d1f83
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQm7H30QMYq8zj0gEwAQ&v=APEucNUxbDhCdpGrfdCYvf5cRFkLClErlIxAYPhSOQJwvEQX184SwJbXoK3GhXa5hYt94h2ybz60KMbErUNLkXystEFjHpJ2PMSxWhCk_ICRWUGTzrneobApi1zE0oLomXKChhSYs8r-kSt9YEPNkZrcbrX3SnVU4oyzNT1PcHXuyKHbEEkRUK0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D4C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQm7H30QMYq8zj0gEwAQ&v=APEucNUxbDhCdpGrfdCYvf5cRFkLClErlIxAYPhSOQJwvEQX184SwJbXoK3GhXa5hYt94h2ybz60KMbErUNLkXystEFjHpJ2PMSxWhCk_ICRWUGTzrneobApi1zE0oLomXKChhSYs8r-kSt9YEPNkZrcbrX3SnVU4oyzNT1PcHXuyKHbEEkRUK0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6D4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQm7H30QMYq8zj0gEwAQ&v=APEucNUxbDhCdpGrfdCYvf5cRFkLClErlIxAYPhSOQJwvEQX184SwJbXoK3GhXa5hYt94h2ybz60KMbErUNLkXystEFjHpJ2PMSxWhCk_ICRWUGTzrneobApi1zE0oLomXKChhSYs8r-kSt9YEPNkZrcbrX3SnVU4oyzNT1PcHXuyKHbEEkRUK0
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
a90d366f-3748-44e7-a444-2954403be94f
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D4C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQm7H30QMYq8zj0gEwAQ&v=APEucNUxbDhCdpGrfdCYvf5cRFkLClErlIxAYPhSOQJwvEQX184SwJbXoK3GhXa5hYt94h2ybz60KMbErUNLkXystEFjHpJ2PMSxWhCk_ICRWUGTzrneobApi1zE0oLomXKChhSYs8r-kSt9YEPNkZrcbrX3SnVU4oyzNT1PcHXuyKHbEEkRUK0
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
e8f8daf5-aa04-40b0-bf3c-ccd1228264df
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjk0NDQzNDcxNzExODE0MDE3NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C4EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYod_IgAEwAQ&v=APEucNU-3qcJRVKF3f3ov6oSqaTtdGIzNukRP_9Ns-ZB0ks68bx1OY2qb-jM1eApDBDIDhX_Np8L0SsO0gaLBESIks-W79i-bocuhkAxhGo01Dno0nfZ8tkLosHXu4faKYVWfoEnLejqM2gte4ma68sxJ3CGV571EdKEK7a7neLec3xvmoogcW8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C4EE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYod_IgAEwAQ&v=APEucNU-3qcJRVKF3f3ov6oSqaTtdGIzNukRP_9Ns-ZB0ks68bx1OY2qb-jM1eApDBDIDhX_Np8L0SsO0gaLBESIks-W79i-bocuhkAxhGo01Dno0nfZ8tkLosHXu4faKYVWfoEnLejqM2gte4ma68sxJ3CGV571EdKEK7a7neLec3xvmoogcW8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuzLLa5WiqwRmHPSxX8lZY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C4EE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYod_IgAEwAQ&v=APEucNU-3qcJRVKF3f3ov6oSqaTtdGIzNukRP_9Ns-ZB0ks68bx1OY2qb-jM1eApDBDIDhX_Np8L0SsO0gaLBESIks-W79i-bocuhkAxhGo01Dno0nfZ8tkLosHXu4faKYVWfoEnLejqM2gte4ma68sxJ3CGV571EdKEK7a7neLec3xvmoogcW8
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
f9764be6-02b4-4ed9-99dd-c0a378120f14
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMncBeLP0OC-zhl02HFyNn4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C4EE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYod_IgAEwAQ&v=APEucNU-3qcJRVKF3f3ov6oSqaTtdGIzNukRP_9Ns-ZB0ks68bx1OY2qb-jM1eApDBDIDhX_Np8L0SsO0gaLBESIks-W79i-bocuhkAxhGo01Dno0nfZ8tkLosHXu4faKYVWfoEnLejqM2gte4ma68sxJ3CGV571EdKEK7a7neLec3xvmoogcW8
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
a889d6f6-24d4-40e3-9f78-da62b8603b75
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame E539 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7a27524bf6ac1fe07e09b4940997d1fa43bf91820e6940c147d3cdabdaa843e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 63A6 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Origin
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 10:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 10:22:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame 63A6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDyVXyEwGPxSzkkYsOvSGnOwAH6qHQ-xdw2-HRZdJtMUSa3OmYoqzVSJ7Jj33IUbZfCQXLmk2-dVFUDRVumhWOa4Gd_y4WtnFywG4eAxMotXnuxxd2eepjWZWt-Sc5Df6XF45rcCkJnF82-Xfuonj_N7mDXunBJr-EEPf5fVAXUsLI3Uo&dbm_d=AKAmf-AMacDMtiFNZUfjI6Wb3PVQdQ2zE9Mmcayb0N8H5aGydDIhkT9Rk8LcNNbSjuhgp0ztVz-ADynp2_en45gaX4LvJKfupx73XY41z_t2f90dV9oEf12xkroO_SU8_02oAgocBI4SyxFfSq8JGgxM9oyduaK6VAoGTB4G5pFanvLjxa7GeBbM05EPb2sT5CZz6XdOtYqhlN8NfxYagnswVGI6po-yEmxjlO_co1pGyZ4e1ubw0fAkio1pqCiUqDAxmyk3CPznTNO-v0wUOM4ZKPA9p2S9yGFsvSth-AdXLjt5qQPYRvw4rUrt2MPRc040IjZJrCBrFekvMKM1BTPi6upMXeci2dztGfzlhBSbfq9kz5jLD19u-H-aL2hrB_R-z1vSBiND1hvFykOw0--DJdp2t4JVnwaZy2Ut55CqNqqrFN4mHbXCIkz3n1fuGpqwCa_iZ5UuyDs3sHgjkLerYxkAXollx_9x0-bZqcX5OR5yuumzyAMXdv2IjRoxbsGUXyUP81nbaK6v0OoQR_ziNFkaHIsthD7h8YG8zeiENU4vO1fFDgbOfZnFDJjSQGca723vcsVnDyngDwGVtT8DQHYQpFPfTkEw0rYlV64bPsibxS3XQeNCI2kAEFxvRnLCy16YeunZESHryPC_mAi0meaF4zBiJBLsOY2PJ132JEuQbYCljgv11EJiEfaoMtTm11TC94br_NyCM0FXj1VCLgkZr7vF7e9IHw2pj86DWnUJ24ROLCFH-YwbMcOdradwpaHd7zaTT73V0BN7AH0AgUnfxevIiCBX54S-HX5LY-Zg8vB2OJ5VQQtAcMuh_pUcJJIyQaD7K4L1ZK8q_IIlSBXMACo9HtA-D4TsprTVbPrVHRNZJqUg9Vhlu5oh30T9duyBDCyc2GuHaau2TDHDBBX2VYO538pVmURCev6plpiIz9LPyWev8eLUjLcrQ3CVlgZfSzJlrfRMxSoBBCnELIZLrV4E3YLEyIOXsUqDajRLYKKGRgYzrKG6qIPQy6gJvqnD64LIXo5TZWOgmxSNiePQXmAQLSqn4wbA6nixQz_GxodD9z4hiW3orI3-juKiNGFZ2AzGwG8iFFF8v5EiPPDW6wVLZYJIsel5X9X3Lv265SCORsRXUcHWPveW0tZdwEtigcBgIvZ09EmQsfGxjSPDbd7rBBoxv65rjwl3HnB4JPWoqZpDaU6gAoevY2pBQHYGMSsNjoW-6npyNjK4DKRbwRtH28FV3Z7JtGPsedsO93pIr4FVtm1kYHL_Az07ULCGNEtO7Y-lPs-IKK9EEOb3IUixJvDOu2nLV8DMjJxEAHdlocOkdbgdyNwR7lrJ8u9GQxXq8l1Fc7Q7isKiYMgKFw-q6e7CI9eaUV90SXxpOHFO_IwCHBEs9TMFtyA7ijNyWTBDl0IgSHsnO3Rn7Q5slHnxssVLaN78VkhTpzx8OY1GkL1lTrxqKMQHPAFSYmiN8ngxFdyMKNDJneHVTZJdIA8dm0F42FCoz-4RrsKRHT8XlDc15H2x4Vzp3ZcHE4hAqrg2Lc0AYpyDS9cRz73lTRfU9PrckeCM4UKl2w4zcyG4_KciEHDABqn5gM4PieyuL8IgfF3xUlIumD8jQqxj3kxd0uY_3hlFSsopLow_AK-vtLI6Vpz9LQTWSTKs6V19XBRzk9D1fO598tltFCWYBXkK0iDxvLHBFW4-JxnZ1lXVCxhBfOTkwPkzaILDauxFijUO2c-Caqf8D2P8XtS1hER1QveOkMwScYkhbdnJYxXhhSr9DHv88jRG625azjgAo4tCHtSQBI_5LtpC-WffHC3Gn3qPhjrcC2vKvE-OMqYBfmtsZKLriTzO5eJ6Ma1W2ckso22YyHcGzehCvjVIwjPmWonFwPJR-wenIbZJ7XsLMAa4w3G0TzKp0HR52oXstciTMYPTqS6CXJr_4rJuOnR-NwrqCk1mgF214slghHg7VHssYRaAzS4KMrIBJ2DKtYzWCJODeNRIzPeRX2lOW0CWwjkYHMFbw7SOSMsYjJhx3EQMxow_QbBpMjr1vthM6L8XJZuFBZXfEAIF4gHPW6L543UJfbC0MKO1OFTtuJGaEiJmYqPjgjIBm1FC1LdcODbCvlBrz0fmUr2TeTgdDLwa666daMGzwyKQPiAsYwJNlAWKSNiyZa5WrRXqRE2HxvsknXGsYUdT3ZMWBs721k4yuxMipsPI7zHoInj7GDdeZ2yvHWQS0joHeZjLZzQPOP9KxLXrdJ98km8tIbpyBt1ArkNSUcC8D_SjpTG_QPQqV5s_2_mIv76_MDQiT4S2YILuF9bxyozcuAbV0q1bFVvsuMjk9z20zmxZPtS_KqV8bwU3_JecXLNT7yz6Btt0OyYssERKLKEuX78-12rC0w0bwZcnBg0nh2EUBCKa5Hh4NUcvAZftu6NT4wxoe2AEkA3P9c4r3Q-irhhao_WtgBZ1ZI5UnZDKx3CXWC9dCw8HTgVgzuUoENwsuIPCywHRDj3oPIXftHwaSxTfvz_vyQ_hFKlRaaFDx79SLiUysj_lvk7TI5ZH0tAbl6zPYMKPIamFDHXIsbJxv9krpgTWUeojz-wh3xST9M5qxxAx3rSOqanHDWZ8imrD25VnQI7wTSfGQvpFD8dMD9KN7p1xgolbLyMKog5LiLUDqXEOj0a4Wa62qcKYuUUq3_y9cttyUgEaFE88eL4EM6a762qLbnAg7eWfLlx6wc_GASByYkCrJQ-FBsbKhC6oft3BaOYurvGTZuCZ45S1IgipNV6aCjkxQLWLkVzzsvjNGrUgVclTd_ZRHhqr4O4oKnPZiAN5C1gG2ueYnGlrsf0V6yQ3ySuUH9FZs_3j7kYKoQef65g5Veey9ad3UAKszeVb9wzpy0rjlyPTa4edPuOpnSI4k4_DvobsqKqmZ7jvKaoPicb0ZPTBHSdDCpQ1wNNfDo539pSCguAku_skAou8j4nSIq_tUzcAxnNhT0Ufcv9dQFKMvMYtsTIUU_irPEhdMfLipVy79jsOiv34sh_41BhbAR7Qfns3xMnhytve9UFQbkIVxe-cUyqh6DOI8JKxQung8UqGIBgP8ep0vvtI1lmUAKuL1y05vt1q_c8UBG8zymky_Xsp48XKX19KISroK-6JKBUYZm3wrk-KiIeEr15gxP-beIxCFPM_12dL6-UA1qHeR-4UoULl-O8UUfOv3L59QjVgzdpZxGN-LXpI47h0lIfYpPDvlCsMf6MrhA9iOmIzz85PhyMsh0qd-d7EO9-iazASWZgEzIIY5kSUEzBkPaC16HIL7yRTTK19M6r5StMSALvn5Hf0P5Zi73PK8gmMlBaL&cid=CAASJeRok-dgJLNQRRUqF8W-XOlEfRH7HDLxe2RDjOqrsmL3ovHC4D0&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 63A6 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDyVXyEwGPxSzkkYsOvSGnOwAH6qHQ-xdw2-HRZdJtMUSa3OmYoqzVSJ7Jj33IUbZfCQXLmk2-dVFUDRVumhWOa4Gd_y4WtnFywG4eAxMotXnuxxd2eepjWZWt-Sc5Df6XF45rcCkJnF82-Xfuonj_N7mDXunBJr-EEPf5fVAXUsLI3Uo&dbm_d=AKAmf-AMacDMtiFNZUfjI6Wb3PVQdQ2zE9Mmcayb0N8H5aGydDIhkT9Rk8LcNNbSjuhgp0ztVz-ADynp2_en45gaX4LvJKfupx73XY41z_t2f90dV9oEf12xkroO_SU8_02oAgocBI4SyxFfSq8JGgxM9oyduaK6VAoGTB4G5pFanvLjxa7GeBbM05EPb2sT5CZz6XdOtYqhlN8NfxYagnswVGI6po-yEmxjlO_co1pGyZ4e1ubw0fAkio1pqCiUqDAxmyk3CPznTNO-v0wUOM4ZKPA9p2S9yGFsvSth-AdXLjt5qQPYRvw4rUrt2MPRc040IjZJrCBrFekvMKM1BTPi6upMXeci2dztGfzlhBSbfq9kz5jLD19u-H-aL2hrB_R-z1vSBiND1hvFykOw0--DJdp2t4JVnwaZy2Ut55CqNqqrFN4mHbXCIkz3n1fuGpqwCa_iZ5UuyDs3sHgjkLerYxkAXollx_9x0-bZqcX5OR5yuumzyAMXdv2IjRoxbsGUXyUP81nbaK6v0OoQR_ziNFkaHIsthD7h8YG8zeiENU4vO1fFDgbOfZnFDJjSQGca723vcsVnDyngDwGVtT8DQHYQpFPfTkEw0rYlV64bPsibxS3XQeNCI2kAEFxvRnLCy16YeunZESHryPC_mAi0meaF4zBiJBLsOY2PJ132JEuQbYCljgv11EJiEfaoMtTm11TC94br_NyCM0FXj1VCLgkZr7vF7e9IHw2pj86DWnUJ24ROLCFH-YwbMcOdradwpaHd7zaTT73V0BN7AH0AgUnfxevIiCBX54S-HX5LY-Zg8vB2OJ5VQQtAcMuh_pUcJJIyQaD7K4L1ZK8q_IIlSBXMACo9HtA-D4TsprTVbPrVHRNZJqUg9Vhlu5oh30T9duyBDCyc2GuHaau2TDHDBBX2VYO538pVmURCev6plpiIz9LPyWev8eLUjLcrQ3CVlgZfSzJlrfRMxSoBBCnELIZLrV4E3YLEyIOXsUqDajRLYKKGRgYzrKG6qIPQy6gJvqnD64LIXo5TZWOgmxSNiePQXmAQLSqn4wbA6nixQz_GxodD9z4hiW3orI3-juKiNGFZ2AzGwG8iFFF8v5EiPPDW6wVLZYJIsel5X9X3Lv265SCORsRXUcHWPveW0tZdwEtigcBgIvZ09EmQsfGxjSPDbd7rBBoxv65rjwl3HnB4JPWoqZpDaU6gAoevY2pBQHYGMSsNjoW-6npyNjK4DKRbwRtH28FV3Z7JtGPsedsO93pIr4FVtm1kYHL_Az07ULCGNEtO7Y-lPs-IKK9EEOb3IUixJvDOu2nLV8DMjJxEAHdlocOkdbgdyNwR7lrJ8u9GQxXq8l1Fc7Q7isKiYMgKFw-q6e7CI9eaUV90SXxpOHFO_IwCHBEs9TMFtyA7ijNyWTBDl0IgSHsnO3Rn7Q5slHnxssVLaN78VkhTpzx8OY1GkL1lTrxqKMQHPAFSYmiN8ngxFdyMKNDJneHVTZJdIA8dm0F42FCoz-4RrsKRHT8XlDc15H2x4Vzp3ZcHE4hAqrg2Lc0AYpyDS9cRz73lTRfU9PrckeCM4UKl2w4zcyG4_KciEHDABqn5gM4PieyuL8IgfF3xUlIumD8jQqxj3kxd0uY_3hlFSsopLow_AK-vtLI6Vpz9LQTWSTKs6V19XBRzk9D1fO598tltFCWYBXkK0iDxvLHBFW4-JxnZ1lXVCxhBfOTkwPkzaILDauxFijUO2c-Caqf8D2P8XtS1hER1QveOkMwScYkhbdnJYxXhhSr9DHv88jRG625azjgAo4tCHtSQBI_5LtpC-WffHC3Gn3qPhjrcC2vKvE-OMqYBfmtsZKLriTzO5eJ6Ma1W2ckso22YyHcGzehCvjVIwjPmWonFwPJR-wenIbZJ7XsLMAa4w3G0TzKp0HR52oXstciTMYPTqS6CXJr_4rJuOnR-NwrqCk1mgF214slghHg7VHssYRaAzS4KMrIBJ2DKtYzWCJODeNRIzPeRX2lOW0CWwjkYHMFbw7SOSMsYjJhx3EQMxow_QbBpMjr1vthM6L8XJZuFBZXfEAIF4gHPW6L543UJfbC0MKO1OFTtuJGaEiJmYqPjgjIBm1FC1LdcODbCvlBrz0fmUr2TeTgdDLwa666daMGzwyKQPiAsYwJNlAWKSNiyZa5WrRXqRE2HxvsknXGsYUdT3ZMWBs721k4yuxMipsPI7zHoInj7GDdeZ2yvHWQS0joHeZjLZzQPOP9KxLXrdJ98km8tIbpyBt1ArkNSUcC8D_SjpTG_QPQqV5s_2_mIv76_MDQiT4S2YILuF9bxyozcuAbV0q1bFVvsuMjk9z20zmxZPtS_KqV8bwU3_JecXLNT7yz6Btt0OyYssERKLKEuX78-12rC0w0bwZcnBg0nh2EUBCKa5Hh4NUcvAZftu6NT4wxoe2AEkA3P9c4r3Q-irhhao_WtgBZ1ZI5UnZDKx3CXWC9dCw8HTgVgzuUoENwsuIPCywHRDj3oPIXftHwaSxTfvz_vyQ_hFKlRaaFDx79SLiUysj_lvk7TI5ZH0tAbl6zPYMKPIamFDHXIsbJxv9krpgTWUeojz-wh3xST9M5qxxAx3rSOqanHDWZ8imrD25VnQI7wTSfGQvpFD8dMD9KN7p1xgolbLyMKog5LiLUDqXEOj0a4Wa62qcKYuUUq3_y9cttyUgEaFE88eL4EM6a762qLbnAg7eWfLlx6wc_GASByYkCrJQ-FBsbKhC6oft3BaOYurvGTZuCZ45S1IgipNV6aCjkxQLWLkVzzsvjNGrUgVclTd_ZRHhqr4O4oKnPZiAN5C1gG2ueYnGlrsf0V6yQ3ySuUH9FZs_3j7kYKoQef65g5Veey9ad3UAKszeVb9wzpy0rjlyPTa4edPuOpnSI4k4_DvobsqKqmZ7jvKaoPicb0ZPTBHSdDCpQ1wNNfDo539pSCguAku_skAou8j4nSIq_tUzcAxnNhT0Ufcv9dQFKMvMYtsTIUU_irPEhdMfLipVy79jsOiv34sh_41BhbAR7Qfns3xMnhytve9UFQbkIVxe-cUyqh6DOI8JKxQung8UqGIBgP8ep0vvtI1lmUAKuL1y05vt1q_c8UBG8zymky_Xsp48XKX19KISroK-6JKBUYZm3wrk-KiIeEr15gxP-beIxCFPM_12dL6-UA1qHeR-4UoULl-O8UUfOv3L59QjVgzdpZxGN-LXpI47h0lIfYpPDvlCsMf6MrhA9iOmIzz85PhyMsh0qd-d7EO9-iazASWZgEzIIY5kSUEzBkPaC16HIL7yRTTK19M6r5StMSALvn5Hf0P5Zi73PK8gmMlBaL&cid=CAASJeRok-dgJLNQRRUqF8W-XOlEfRH7HDLxe2RDjOqrsmL3ovHC4D0&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
server
cafe
etag
16485072225624805710
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8FED 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Origin
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 19:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 19:13:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame 8FED 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhQf3nixaf7SNVjTSoHjgNbd4V8zGEu7A6ZPLeWM5XujRHOn5TJ146t5dU5ichsZZc358kHvCPr4TRWh96dhFz2Tbnn61gnDSq9o5SO1qUdF_2aczqyEwtMbzbeMEe06aHBE-h1ZOC5pgBCauwqI-J3eTKKV0kTgSxaR0WzU2L_nCjwSAYFzb-sVo2PN_AlOkupaVn&cry=1&dbm_d=AKAmf-A5_ecpTEcPqN1T6Sdoe6ePMJMxyMgt82HJbHzuJKPOkVdg0DCo0f5Z6SHvOfBEA_a8WlkSITamOTOgQVR-OdxBNjPNR1Xcb4tjzB5K69EbT_N2rSqqwaID0Cbxa7_RjSs0fUOMlOCYx0ulPRSgMsIgOdDW0zBFLu7axkcf6Q5WpNKO2Zsl_uB687RBjbLTLtOCpm3TE2d8PQI6WxeP5NhoAfsB54jw_q8Pc_GCs2ZI9GFKyWAr6dUQuAJXl-r_WeuD493eGn8wxOIM2qJC0WcbFxohEpc6ROSpk4gRvS1NfVTj9PBMGKxbjAvBdzTyM-IT4X-hnoCSi10yTsrw8GfTJyTSy3BxrtkdXead_obN3_BTNVwpwyx6cg2CuXwfCGSccpxRAuyHPZzckwIpAa6J4O5MXCKLu1JG9bmsj-tMG9BmCY7LlGrt0eu9p6DPdUzDPooHL7P3YsC2viiaudDHGZ0HUQTwltinfji0Gm1TIpnFbdgAXCqEZ5oaDTEyk6yzVUT5aV5tQt-c1x2qbqJhcuoZ0Mj0l6-_jOu4YGH716DBx57eK1QzF0HXZJ51dn6p9DWcjmigAl_Wm2qd3TYN7SoO9mx4Zo01MWpG9Mvpq326uxTqt_IvwDVpWGA4bdj1frGTdi6Km-J1_nusrLaVIH2qdRNyup7fpr7Q1uMObvxoaWaXcF0LZLXVwOCm18K0QflghX0eg1lkd0pXFzI9TzvYieSNmKLuIdJG6ift6GaVgQS5VxKUuP8mg5AO7SiM2AjBreS8zrLR8Db0MUGwn24xPxsIx69iwweZW29_aEFpBuVzzjPY311kMGc7J5ileCqil71ak3Ycsaw6dahOhED4ancuJEu1zDjexJ208uPsG-KpjBCsREZqgXC8s9fyPgvfixuGCXLm0_3_vVRY0HICeoOwW_biJSP5Fllvfkp52XRR3bol1ffe_KOVLMa1ca2ad9zQUsfOQgmC01yZlyALk3E-_YRbcrNJHIKAvN56vvJ5ym13QUd-J7ZzwdNgzrGEx5fFSGvQ8ntlsYIhESa-fV3FGdEmxvwpXEtDol3PAIT6i7zXTfhW1xK_0izXbcdEVeAIo6DArn-0upsMDN9a7UzNVjXAABzTdCxzUAmFhJNvzX0eKbJyNKprCjPQ94EEA1aP4ohDmm8dh096-beVhmbnWQ6M9Xck59AWxhUd4Ncn3MUFT-FffuBgNi1gRKsPxLVvTbmp8ZG2Bw4lY2ZKHOBMuckuhkla_ljhdLbIRPtyMUp6Lpw54-Wlw3Sp0ZEbLMjnx6E6ExtCgK2z6wVLI8TuqdqwoWrEwq3313CsGU5b7-dXBHuDW8z9qXZURCLphqJsUMKPhgIOVmpdqR6JQ81BrAmMULCnLNwXwEUBcsWXv6_Vx-idEJv1BZJ6F37hN90qX40jsuYzNlM1if_LZeeHu0ksCzbuatRkhgGJKgE-oEVvmK9ztUR5N50UekeOU-fi4mNI1wiMkmP0WinN8CHbyrGSd16J8-z39BHNBhlIhFRL19d_oXm3vOPm6eDSrOAIOHUpRzFPm83bvHOJNQCP0N4NAk6u7RNbXBsEMcBHmAcC5tRN14PQqF-F9kO0f8Bbjscmfu4ixlWbb7raPvZoYhlA0zQSe3FF71WvkJYhB8Aa4fD2bb7jVhnJpayqSxkujyyHN1ybMOurWYK1dAwh3YZtgL1ov6Dk8LvOsjwrJntCKYEtUodF4bskvkmImigCs4swy5jdb1-8Dm1xCv3NI6F0_LFXpjw3EWZkNdsGfo1UiqaOP_zkiNwV8QaIonikKsGZpQOixkO9lnPXRfKsloNWBxrhLBICWL6w2Z1ZlbniwTbDaTnegDlz3v8uIUDOuiSYPbOVG1-8MolvUTKyLX0x-A1lY2H7y3zQaUHHENqE1fqOAPAeYM9GaeOLxmutRcprC9ACmkH4TAlOokHHzkGm-PV7jGw690amhGgiAWiGYOpMCgt-lWppfTeJo5pm3ZmKmR0symtqAeepnFc_6mYYbTpyBec6ae6JRDzM-H-Y6YqVniSRj9aHFdXBrlnTMNGY0r4cFbVSKKJ6Vf8RdiA3MyDS73MR_Lu932edFONWWWFkPJjtMP7ONy9YDGWlbkODgjGMbLzC2Bg8w_izttzBDyszAEWkZPx7YKcO4Ex1DiAimyA-WZlM5v7Du04buBmbuD2BW_3klUy8o7Qb1fRdP1DhDRq3U9MSKG5lnZUqSu6LNBxUTGPGWar_Z-xIRkaF3jTRnVELMr-FMJKXE3NjY4sqeAnP7a0IzS_EeVCAs51h0S8fssWObjueiTGq7FVnABpJccRPCwjAfjONXcrUdZ1C8qVO8dy7P-m5gTHdGWF4T3CiQtNXjKZR4-ysJxtTDs86OP285OOxs2eKsFH_IxmDvtuHJfSZrv2EISdhr4XOvclNpN3ttyviOYMUl_uDLfrlYsGbmfSwe2gVK6KEUMxO5k1IkOZQjQFRY9E8SpmfYIA_9cWVPmNaE4b5uG4vCXjGrNLzd4FVPmBLKFofF_WLdRIYUtDL_ufDmO-f4A0y2hA34bWwcdmb74Wog6v8nj3JnyoAFltw5aDwwWDt2atFkBwv7aOrljWz7tkyymYXUbtkdE8AX4q3BUv7Mu4-4RkWI9XuivANt8DYh8lDu6brpLqsf6SwIsKw2bWaNgrvHggB-MlJ-2tyskveeGZ-ZZQiXRVFw76GmNlC2T3qkUHcHG9HUemTFrvgzAC4zzK4ChqnKd3H5eOwv4IApp-j0D2AQOOyXVEwlmQ1rqIX-01xd2jZc_DpQ9i453PcqFbi1iqhDW6KucXjvg1OIV8XnfL49Z3NH-FmPtJSbnFIgKua80zdxcL8HyJsBkQXfD-CfacvbWqckK8oCxv3MN675_NPuVAd6BMx5nS4e2_rZVMsEYnOvitbiskCAFXSHYBDQ9DLNxslCzeCODdF8PxSzGMtclIwGiz2QeFFuN9OI-mF9ZV9oyRbYbH805DmffQd6aIBbHRSoqosDIG0Mb4nI_jUSivybt6q4WForTU8Im-SvZ_hlHzTMaJ5sF-BNIWRA8SEGW0jq-vSuMXHInK4nfOQZwvTII7AMg3MJQk_pmftwbPNokJ1AsjKZd_H0pwPHbObS_wa5odLcYV16UE__-n5cmOLePmM1kC_k39Tx6dVUpb6pgXhnuF-sLcNuBqqm3pIkSXsejFL3ZnLrxs3u20Sozfz4yBIzg6l8XPIFQVOK0fdZv5yxMaZYX_iHipK_AMqqXGRstu4-h1JdNw0vXFObKVp-19Frp8wNlmvucWR8jS1_Arss2jvRK8QliuPu6LtLLjkPQZiN4bXyVZUOmBDL08MWyP8GlQHYJbG9OXY8JilLuViBSyutPApyD6eYa3syYvD2I11db5-Dil3ZjYTNayJom3mgPvpEQPIrnBUlT_Na9A1qL3i3u_dyjOKZTudFBSAtlQwtORQB7L9B9PQPD_8nMfYFv7dKF0Zs2XLbc1IEFfpJJXDneORud7LbYrXCpU4vX286SPJUaOqcywh3ZaPCyyVvnSlsbFM_IelhDj4_iyUWbcAjM4I-1QgjoUjbjBheBNvV1cc3f06xMP2oDQfIXHH8PXi2fuWl9H-x6uMbj1Q0_yQQn_tx7ueYHiCQJRRX0MT0ggOAGr4QGwmZTY2shXJMI6RhozFGsFr-qlSZ5BtIaN2Obuj3eS3xg4TNryjKwEhFw3iWqrDkQn3ZfKBVxfnWS-aLeW7fAj3zJi15MBlegI6LGXxG2DGwZ0UOfGww08-AcYOAngRIezoBbhOlphW_1b7NTVNHZmQXXBjEKyRXF-9aOIlF36C_gtfXhwnWNfqjCP62u6aKLCdwXzVhFDKupsRXYjkgBS9kqc70LavqY5o7NnQ1datGRzg6RRpWEQ75z8F7Ty75C7Ho0CxXbHbmLEmWNHmQK0s58D9LKsUe3ZeAuQQpgHeEFaiUJiNEzwdM1YgkNm-b3LsQDL4DRDHSa_NcLSKbjJV0SxPbL8v93AnRU-Z6RddtRk-lgTsgCFCrvhNzcrqKnwuXExz8cvi3WbtMdm_0OK9q8i13ArwMflkGrlAoc_DJglqnIgf67F8EZSLcSMz5qLlQunqKoqr4dg7khFula21Zc3zhk4EfgVAf986ebzlW4k_YVyQrnYrf6kThWXMEjIH4SRXOU1KDw&cid=CAASJeRo_Q4JftsMthzCVwVAC3wVzLk9NJbS_9IGhFwVBfRcYpDU-2g&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 8FED 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhQf3nixaf7SNVjTSoHjgNbd4V8zGEu7A6ZPLeWM5XujRHOn5TJ146t5dU5ichsZZc358kHvCPr4TRWh96dhFz2Tbnn61gnDSq9o5SO1qUdF_2aczqyEwtMbzbeMEe06aHBE-h1ZOC5pgBCauwqI-J3eTKKV0kTgSxaR0WzU2L_nCjwSAYFzb-sVo2PN_AlOkupaVn&cry=1&dbm_d=AKAmf-A5_ecpTEcPqN1T6Sdoe6ePMJMxyMgt82HJbHzuJKPOkVdg0DCo0f5Z6SHvOfBEA_a8WlkSITamOTOgQVR-OdxBNjPNR1Xcb4tjzB5K69EbT_N2rSqqwaID0Cbxa7_RjSs0fUOMlOCYx0ulPRSgMsIgOdDW0zBFLu7axkcf6Q5WpNKO2Zsl_uB687RBjbLTLtOCpm3TE2d8PQI6WxeP5NhoAfsB54jw_q8Pc_GCs2ZI9GFKyWAr6dUQuAJXl-r_WeuD493eGn8wxOIM2qJC0WcbFxohEpc6ROSpk4gRvS1NfVTj9PBMGKxbjAvBdzTyM-IT4X-hnoCSi10yTsrw8GfTJyTSy3BxrtkdXead_obN3_BTNVwpwyx6cg2CuXwfCGSccpxRAuyHPZzckwIpAa6J4O5MXCKLu1JG9bmsj-tMG9BmCY7LlGrt0eu9p6DPdUzDPooHL7P3YsC2viiaudDHGZ0HUQTwltinfji0Gm1TIpnFbdgAXCqEZ5oaDTEyk6yzVUT5aV5tQt-c1x2qbqJhcuoZ0Mj0l6-_jOu4YGH716DBx57eK1QzF0HXZJ51dn6p9DWcjmigAl_Wm2qd3TYN7SoO9mx4Zo01MWpG9Mvpq326uxTqt_IvwDVpWGA4bdj1frGTdi6Km-J1_nusrLaVIH2qdRNyup7fpr7Q1uMObvxoaWaXcF0LZLXVwOCm18K0QflghX0eg1lkd0pXFzI9TzvYieSNmKLuIdJG6ift6GaVgQS5VxKUuP8mg5AO7SiM2AjBreS8zrLR8Db0MUGwn24xPxsIx69iwweZW29_aEFpBuVzzjPY311kMGc7J5ileCqil71ak3Ycsaw6dahOhED4ancuJEu1zDjexJ208uPsG-KpjBCsREZqgXC8s9fyPgvfixuGCXLm0_3_vVRY0HICeoOwW_biJSP5Fllvfkp52XRR3bol1ffe_KOVLMa1ca2ad9zQUsfOQgmC01yZlyALk3E-_YRbcrNJHIKAvN56vvJ5ym13QUd-J7ZzwdNgzrGEx5fFSGvQ8ntlsYIhESa-fV3FGdEmxvwpXEtDol3PAIT6i7zXTfhW1xK_0izXbcdEVeAIo6DArn-0upsMDN9a7UzNVjXAABzTdCxzUAmFhJNvzX0eKbJyNKprCjPQ94EEA1aP4ohDmm8dh096-beVhmbnWQ6M9Xck59AWxhUd4Ncn3MUFT-FffuBgNi1gRKsPxLVvTbmp8ZG2Bw4lY2ZKHOBMuckuhkla_ljhdLbIRPtyMUp6Lpw54-Wlw3Sp0ZEbLMjnx6E6ExtCgK2z6wVLI8TuqdqwoWrEwq3313CsGU5b7-dXBHuDW8z9qXZURCLphqJsUMKPhgIOVmpdqR6JQ81BrAmMULCnLNwXwEUBcsWXv6_Vx-idEJv1BZJ6F37hN90qX40jsuYzNlM1if_LZeeHu0ksCzbuatRkhgGJKgE-oEVvmK9ztUR5N50UekeOU-fi4mNI1wiMkmP0WinN8CHbyrGSd16J8-z39BHNBhlIhFRL19d_oXm3vOPm6eDSrOAIOHUpRzFPm83bvHOJNQCP0N4NAk6u7RNbXBsEMcBHmAcC5tRN14PQqF-F9kO0f8Bbjscmfu4ixlWbb7raPvZoYhlA0zQSe3FF71WvkJYhB8Aa4fD2bb7jVhnJpayqSxkujyyHN1ybMOurWYK1dAwh3YZtgL1ov6Dk8LvOsjwrJntCKYEtUodF4bskvkmImigCs4swy5jdb1-8Dm1xCv3NI6F0_LFXpjw3EWZkNdsGfo1UiqaOP_zkiNwV8QaIonikKsGZpQOixkO9lnPXRfKsloNWBxrhLBICWL6w2Z1ZlbniwTbDaTnegDlz3v8uIUDOuiSYPbOVG1-8MolvUTKyLX0x-A1lY2H7y3zQaUHHENqE1fqOAPAeYM9GaeOLxmutRcprC9ACmkH4TAlOokHHzkGm-PV7jGw690amhGgiAWiGYOpMCgt-lWppfTeJo5pm3ZmKmR0symtqAeepnFc_6mYYbTpyBec6ae6JRDzM-H-Y6YqVniSRj9aHFdXBrlnTMNGY0r4cFbVSKKJ6Vf8RdiA3MyDS73MR_Lu932edFONWWWFkPJjtMP7ONy9YDGWlbkODgjGMbLzC2Bg8w_izttzBDyszAEWkZPx7YKcO4Ex1DiAimyA-WZlM5v7Du04buBmbuD2BW_3klUy8o7Qb1fRdP1DhDRq3U9MSKG5lnZUqSu6LNBxUTGPGWar_Z-xIRkaF3jTRnVELMr-FMJKXE3NjY4sqeAnP7a0IzS_EeVCAs51h0S8fssWObjueiTGq7FVnABpJccRPCwjAfjONXcrUdZ1C8qVO8dy7P-m5gTHdGWF4T3CiQtNXjKZR4-ysJxtTDs86OP285OOxs2eKsFH_IxmDvtuHJfSZrv2EISdhr4XOvclNpN3ttyviOYMUl_uDLfrlYsGbmfSwe2gVK6KEUMxO5k1IkOZQjQFRY9E8SpmfYIA_9cWVPmNaE4b5uG4vCXjGrNLzd4FVPmBLKFofF_WLdRIYUtDL_ufDmO-f4A0y2hA34bWwcdmb74Wog6v8nj3JnyoAFltw5aDwwWDt2atFkBwv7aOrljWz7tkyymYXUbtkdE8AX4q3BUv7Mu4-4RkWI9XuivANt8DYh8lDu6brpLqsf6SwIsKw2bWaNgrvHggB-MlJ-2tyskveeGZ-ZZQiXRVFw76GmNlC2T3qkUHcHG9HUemTFrvgzAC4zzK4ChqnKd3H5eOwv4IApp-j0D2AQOOyXVEwlmQ1rqIX-01xd2jZc_DpQ9i453PcqFbi1iqhDW6KucXjvg1OIV8XnfL49Z3NH-FmPtJSbnFIgKua80zdxcL8HyJsBkQXfD-CfacvbWqckK8oCxv3MN675_NPuVAd6BMx5nS4e2_rZVMsEYnOvitbiskCAFXSHYBDQ9DLNxslCzeCODdF8PxSzGMtclIwGiz2QeFFuN9OI-mF9ZV9oyRbYbH805DmffQd6aIBbHRSoqosDIG0Mb4nI_jUSivybt6q4WForTU8Im-SvZ_hlHzTMaJ5sF-BNIWRA8SEGW0jq-vSuMXHInK4nfOQZwvTII7AMg3MJQk_pmftwbPNokJ1AsjKZd_H0pwPHbObS_wa5odLcYV16UE__-n5cmOLePmM1kC_k39Tx6dVUpb6pgXhnuF-sLcNuBqqm3pIkSXsejFL3ZnLrxs3u20Sozfz4yBIzg6l8XPIFQVOK0fdZv5yxMaZYX_iHipK_AMqqXGRstu4-h1JdNw0vXFObKVp-19Frp8wNlmvucWR8jS1_Arss2jvRK8QliuPu6LtLLjkPQZiN4bXyVZUOmBDL08MWyP8GlQHYJbG9OXY8JilLuViBSyutPApyD6eYa3syYvD2I11db5-Dil3ZjYTNayJom3mgPvpEQPIrnBUlT_Na9A1qL3i3u_dyjOKZTudFBSAtlQwtORQB7L9B9PQPD_8nMfYFv7dKF0Zs2XLbc1IEFfpJJXDneORud7LbYrXCpU4vX286SPJUaOqcywh3ZaPCyyVvnSlsbFM_IelhDj4_iyUWbcAjM4I-1QgjoUjbjBheBNvV1cc3f06xMP2oDQfIXHH8PXi2fuWl9H-x6uMbj1Q0_yQQn_tx7ueYHiCQJRRX0MT0ggOAGr4QGwmZTY2shXJMI6RhozFGsFr-qlSZ5BtIaN2Obuj3eS3xg4TNryjKwEhFw3iWqrDkQn3ZfKBVxfnWS-aLeW7fAj3zJi15MBlegI6LGXxG2DGwZ0UOfGww08-AcYOAngRIezoBbhOlphW_1b7NTVNHZmQXXBjEKyRXF-9aOIlF36C_gtfXhwnWNfqjCP62u6aKLCdwXzVhFDKupsRXYjkgBS9kqc70LavqY5o7NnQ1datGRzg6RRpWEQ75z8F7Ty75C7Ho0CxXbHbmLEmWNHmQK0s58D9LKsUe3ZeAuQQpgHeEFaiUJiNEzwdM1YgkNm-b3LsQDL4DRDHSa_NcLSKbjJV0SxPbL8v93AnRU-Z6RddtRk-lgTsgCFCrvhNzcrqKnwuXExz8cvi3WbtMdm_0OK9q8i13ArwMflkGrlAoc_DJglqnIgf67F8EZSLcSMz5qLlQunqKoqr4dg7khFula21Zc3zhk4EfgVAf986ebzlW4k_YVyQrnYrf6kThWXMEjIH4SRXOU1KDw&cid=CAASJeRo_Q4JftsMthzCVwVAC3wVzLk9NJbS_9IGhFwVBfRcYpDU-2g&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
server
cafe
etag
16485072225624805710
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D515 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Origin
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 10:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 10:22:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame D515 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4XeQyGkjGLMe1wNRIXrK1MdFf_pU78KxLoXUMTdoneZ1kI49CkpM6BCZhhU1JeAmFwewsnf5x1STF1wIay6GLsVH0qU9q4n0WlftwArdB-WBg2nJrbefT5t9NZoimUbUTiUULm1Y5Y9rEG50ft2xxtaKpayYXTFSC9IC9MvvBjqimoys&dbm_d=AKAmf-B3ZTwRDZ7NRkOAWmOeyk26bcC0W4gykHiYjX6sA_9qasGFUMdyycRVFu4eadYW2BlZopFpkTqL_MxDFvOJawUmKM8YAaVJjE6MwIZrfdNBpdMXF6TShmXqMpHMOCUNMX1vG9Y0vGTu7JCP1KE4pLoiqFzyuc51ggauPw9gmVkaFW64VwFzO-bjfWYfoi31KRarvYTAotYyIH3MvnIMMExo5YJtSxLroRoj4HGmmwZwkjL8Nh9LzWyDI76FayODNcEdJcX0Qn_76KmOX3-K-YjPajEN-3N_Ui8gy1oWoS-CXCSdDRGBrHlD7yolSawR6LBBtQTRNHEH4WTPMQnVPleJRm2Vd6H5RVxaoyqcG0RppXF5Nl9HEJHVZqgLTvLNJJLFiGtLMELJ-CteM-3hiW5dpGjXIQpHAsoFtMBN6suBKeorArOnmTS16xjimsXA_bitGraZgh_OVm2wRHW7j2jEMX8z-Cg_CIH2jIfZv0sC1mYqtMSUHgeqpu7ay3wDpi8VXuswS-WwE6Fbqb6Rdc7130unvfpbQsNt1GOYxXkyg9zBTrC6rJrIr046a0gHF86XxtzNK6Jr14yagK_sCe-xf4CzLUmsBg6CXUfTzkmUrzF2-iPG55Dy39pv4KdIeXu2sMrZ9ZKXjZLyMNtkz2OtDX8QdZCPJ3DmQnduha58pztZmO5xT7nZ6ZX9wGW0JLxXZTUbUCZDsfR752LzZ9kajuqEnRf41nfy6zwbj3USiZVd8qwO3U5KTKYWxgT6jXscIGNBVQigELerXeXB427zGCrny8w6I4GhzMwxN2ExyBk-gr43AAnZvQap7hupbpWFGoN4QhPKKf-wT0296fJforT-7W3GJLPou_OCW_PHUtdaF7JYbg5jDUha4fVaBUVmaZfii228ed8zRRMx1hwOa1bi4cEKO0XLWvQ6Yn-QtCnxJAbZWDgYnboMSGf1Feb_ejxiSRIwaPzrBDp4DT60pM6mu_-ybKD4OHoujmFmTih62qUg2Bt14py8h1gYHuNFC7Df1HMpVatZKcc_Y4a5p4rpLIHsxxig8WXoaq7SEWajyTQvQ-2IR2pBJ1Rd6KMHZS9AIR9Yu3Jbhn2d0zAsvFgtjlr_X1VcCBzA0HqHUr3MJa7CU8njGbjnraFjZQzpGpHSidPl8a1amF6wQ-N-dYlv5cZQyqvvJbbx5kH2n5xPqVvs_Qc9LDJ18QAJein1X-hewsbu0J7e9PHKO0e_BoxlWYN-7o7KLEQEij2-mnsJbo7lOdUiMOgPQPC52_bLjR47j8d7g8jAleXmdSQIxb8Uk2FvVbXS1mrTN0itI4_retxNfESSdWcyXA9fiQ1i5ypOBSPNC0_Ga9uYfLIae7nxbz5L4tIlLCj7j_c-44KxrySSz9dR7XAQxBbAPp8x5z3PCxCNCKstcwc5uEwEFCcECDVPUnV2eg3OO8AmCQp0p2-aG5-0AYN0nT4eNb1IXY-SxZs14C9KBSHi2V4VRvPHyLLhN7MgS8CGkAK-VgyieSP-QlXdUfSj_i0sF86OCdWjJoyBDQVOIlZsZ2AU-1BAqCJmAvPKhV-XoZtixEnI6okErreBaasYvxy7Y3Q_Wj11oVI54-WtAu_X95Lw4KsA9GvIXhZe9Y8DdCUf6SqNvkkx17N68LMbvzE1VTdYBpzW9WClx_QYyahhz1e7gPnaD04Sh6QQB83iXzkHlR0alhTXdQblf61nueo3pRRQr8sIkgXUAPeTnJdlOvCdKTtbX9SwHv-_DqlgwScntoC40ixt7n2ydR7bSbqfgXGBS9Vd3dVcfETdwZcyUJcWkskCO_yd6ZHJjMYufo-pMUTMlpH6T2rH1PQFuy7vDGXe1vCBt22jqw5gpblENjojilLoBGxRQQWCY717ISdpBhzHtvkdIXCH51CfmTT66JeG5UZPcrCOIKaZBJ9Z6qoQOQ6q1ipt7rz_uK8a4CDP5P_7Qacgoy_SeppFY3pheHNryxbm2KFxDF__j2O5sCAFra9KbLHyxiIx41tLT1RjNVdXYOw9uTH4HV04Dbzrzf0ffCwWAFNGS2HgTD3sfMbXjiw8Q9wok4B5TtrjvDLkzvivnztd3EJnX4BwKeMimn8WmKg3ZQRXUalEqBwcR3cN4-mLHXVU-bwu21Hb8YjgbVqaG2CNtJoGx3bfXxwuiqbACqhPfEnOeLv7I4xIlM1G-J6Tr_PdTViIkFgxjYZmDfe9WtOE2bUBvFmEm5fN_nB2RWK4YOsT7LN9pA9GsEgHCXvjFfRg7jIXsVNyl190RzzNIdMjAK6zqxLGTu873DugFlpZIwFipYHjOcAn-xZ_m18qM-jZgFGRihYQ23eMQhV5jaKNLC4CzG1E3hqRy2sn4yxb3TIzWkiCjeqjI_E9W9ZSoqgQW2MX2FTR-DITvV2YxevAwVzEj8JBtnKfte1Xasa5EyDyuILS47GkE18_14MpKflXo3LP1EJ34p9CiCTB_hBtcZRbBCZZSgjt0iBS6e9brXE_IJPT0FTZwXzBozbn-ePvNFao0ngsBeUMGfF3UqakoHCMmMv8paRXx-T_zbuvP5aAlEoTbIWL0iZGlT8Ms42lVZcwiVcdETH-GW--w7bwIOUq2G_gxy2tPpaSVFDCB465147RPGX3nDEK4Sy-6CsjHJ1EaNaXg8RNb4-52zGq1g6JN4w8_6hG-__B1LaffEANoS_-9pBUTEyWLSiaoXs_q3x4dagKQKCVmEw_nNGEM76_EI8lU6WERd_SBmYOWc_7HIEDX61MCNwmnWWFRnwG8saVd77_mCehQDleSjj79xkBR9sIs0wZeu8OvHSUX3dcemYAjpR9XKyX4e9XTwnyzrhkylHBKsaI-vFf4Hc9g68MqKmWjbiKtX3J2QE3Yyaz65ae0o5KWLHRJAkUSX1JOhr_mBwT90G2haj0_qzhmcG46B9v5cvBo_3UhUmg-pDc5yh1L_HC8PTlsOj6P1npl4tPzkWohlaGlC37QXAOZ-mQj-hOCX0MuuoxWH0YJ4K6u5iFsbuEdY7PVfIJm_4HBaOG5OUdZuoname7pSPetRuywvehnBdd6tiI-D8K5_gexp3Qh0pxg6uTtRCQG2tKTTl2U7KUXcA2CVt3m5MQWDrOblIqSMNHX7jLtYSJkLjSNQHnM9lJcBBcjmFdRzwQ3x_o7KqgxfVzXBe2NlBFyV2AZqsA2OjYPZvgFiRObpn48DkVzbU8cU-ehcNOAK8Ej3_mHw3ekv06nJjnF2LXDPL7Rxhnv802sn-uHt43bJ6oHnc8iFBFRFR2IIkv0ETvkUf8ZDtGp3uY7Ec6m-CWOA1jNEjx3mpA9U2XpipbMZtGZV0lChkWLyZB44hcFA&cid=CAASJeRo2vye69I15vBe5YasaCBBQfSG246qTtYj31i030OtsX3Lp6g&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame D515 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4XeQyGkjGLMe1wNRIXrK1MdFf_pU78KxLoXUMTdoneZ1kI49CkpM6BCZhhU1JeAmFwewsnf5x1STF1wIay6GLsVH0qU9q4n0WlftwArdB-WBg2nJrbefT5t9NZoimUbUTiUULm1Y5Y9rEG50ft2xxtaKpayYXTFSC9IC9MvvBjqimoys&dbm_d=AKAmf-B3ZTwRDZ7NRkOAWmOeyk26bcC0W4gykHiYjX6sA_9qasGFUMdyycRVFu4eadYW2BlZopFpkTqL_MxDFvOJawUmKM8YAaVJjE6MwIZrfdNBpdMXF6TShmXqMpHMOCUNMX1vG9Y0vGTu7JCP1KE4pLoiqFzyuc51ggauPw9gmVkaFW64VwFzO-bjfWYfoi31KRarvYTAotYyIH3MvnIMMExo5YJtSxLroRoj4HGmmwZwkjL8Nh9LzWyDI76FayODNcEdJcX0Qn_76KmOX3-K-YjPajEN-3N_Ui8gy1oWoS-CXCSdDRGBrHlD7yolSawR6LBBtQTRNHEH4WTPMQnVPleJRm2Vd6H5RVxaoyqcG0RppXF5Nl9HEJHVZqgLTvLNJJLFiGtLMELJ-CteM-3hiW5dpGjXIQpHAsoFtMBN6suBKeorArOnmTS16xjimsXA_bitGraZgh_OVm2wRHW7j2jEMX8z-Cg_CIH2jIfZv0sC1mYqtMSUHgeqpu7ay3wDpi8VXuswS-WwE6Fbqb6Rdc7130unvfpbQsNt1GOYxXkyg9zBTrC6rJrIr046a0gHF86XxtzNK6Jr14yagK_sCe-xf4CzLUmsBg6CXUfTzkmUrzF2-iPG55Dy39pv4KdIeXu2sMrZ9ZKXjZLyMNtkz2OtDX8QdZCPJ3DmQnduha58pztZmO5xT7nZ6ZX9wGW0JLxXZTUbUCZDsfR752LzZ9kajuqEnRf41nfy6zwbj3USiZVd8qwO3U5KTKYWxgT6jXscIGNBVQigELerXeXB427zGCrny8w6I4GhzMwxN2ExyBk-gr43AAnZvQap7hupbpWFGoN4QhPKKf-wT0296fJforT-7W3GJLPou_OCW_PHUtdaF7JYbg5jDUha4fVaBUVmaZfii228ed8zRRMx1hwOa1bi4cEKO0XLWvQ6Yn-QtCnxJAbZWDgYnboMSGf1Feb_ejxiSRIwaPzrBDp4DT60pM6mu_-ybKD4OHoujmFmTih62qUg2Bt14py8h1gYHuNFC7Df1HMpVatZKcc_Y4a5p4rpLIHsxxig8WXoaq7SEWajyTQvQ-2IR2pBJ1Rd6KMHZS9AIR9Yu3Jbhn2d0zAsvFgtjlr_X1VcCBzA0HqHUr3MJa7CU8njGbjnraFjZQzpGpHSidPl8a1amF6wQ-N-dYlv5cZQyqvvJbbx5kH2n5xPqVvs_Qc9LDJ18QAJein1X-hewsbu0J7e9PHKO0e_BoxlWYN-7o7KLEQEij2-mnsJbo7lOdUiMOgPQPC52_bLjR47j8d7g8jAleXmdSQIxb8Uk2FvVbXS1mrTN0itI4_retxNfESSdWcyXA9fiQ1i5ypOBSPNC0_Ga9uYfLIae7nxbz5L4tIlLCj7j_c-44KxrySSz9dR7XAQxBbAPp8x5z3PCxCNCKstcwc5uEwEFCcECDVPUnV2eg3OO8AmCQp0p2-aG5-0AYN0nT4eNb1IXY-SxZs14C9KBSHi2V4VRvPHyLLhN7MgS8CGkAK-VgyieSP-QlXdUfSj_i0sF86OCdWjJoyBDQVOIlZsZ2AU-1BAqCJmAvPKhV-XoZtixEnI6okErreBaasYvxy7Y3Q_Wj11oVI54-WtAu_X95Lw4KsA9GvIXhZe9Y8DdCUf6SqNvkkx17N68LMbvzE1VTdYBpzW9WClx_QYyahhz1e7gPnaD04Sh6QQB83iXzkHlR0alhTXdQblf61nueo3pRRQr8sIkgXUAPeTnJdlOvCdKTtbX9SwHv-_DqlgwScntoC40ixt7n2ydR7bSbqfgXGBS9Vd3dVcfETdwZcyUJcWkskCO_yd6ZHJjMYufo-pMUTMlpH6T2rH1PQFuy7vDGXe1vCBt22jqw5gpblENjojilLoBGxRQQWCY717ISdpBhzHtvkdIXCH51CfmTT66JeG5UZPcrCOIKaZBJ9Z6qoQOQ6q1ipt7rz_uK8a4CDP5P_7Qacgoy_SeppFY3pheHNryxbm2KFxDF__j2O5sCAFra9KbLHyxiIx41tLT1RjNVdXYOw9uTH4HV04Dbzrzf0ffCwWAFNGS2HgTD3sfMbXjiw8Q9wok4B5TtrjvDLkzvivnztd3EJnX4BwKeMimn8WmKg3ZQRXUalEqBwcR3cN4-mLHXVU-bwu21Hb8YjgbVqaG2CNtJoGx3bfXxwuiqbACqhPfEnOeLv7I4xIlM1G-J6Tr_PdTViIkFgxjYZmDfe9WtOE2bUBvFmEm5fN_nB2RWK4YOsT7LN9pA9GsEgHCXvjFfRg7jIXsVNyl190RzzNIdMjAK6zqxLGTu873DugFlpZIwFipYHjOcAn-xZ_m18qM-jZgFGRihYQ23eMQhV5jaKNLC4CzG1E3hqRy2sn4yxb3TIzWkiCjeqjI_E9W9ZSoqgQW2MX2FTR-DITvV2YxevAwVzEj8JBtnKfte1Xasa5EyDyuILS47GkE18_14MpKflXo3LP1EJ34p9CiCTB_hBtcZRbBCZZSgjt0iBS6e9brXE_IJPT0FTZwXzBozbn-ePvNFao0ngsBeUMGfF3UqakoHCMmMv8paRXx-T_zbuvP5aAlEoTbIWL0iZGlT8Ms42lVZcwiVcdETH-GW--w7bwIOUq2G_gxy2tPpaSVFDCB465147RPGX3nDEK4Sy-6CsjHJ1EaNaXg8RNb4-52zGq1g6JN4w8_6hG-__B1LaffEANoS_-9pBUTEyWLSiaoXs_q3x4dagKQKCVmEw_nNGEM76_EI8lU6WERd_SBmYOWc_7HIEDX61MCNwmnWWFRnwG8saVd77_mCehQDleSjj79xkBR9sIs0wZeu8OvHSUX3dcemYAjpR9XKyX4e9XTwnyzrhkylHBKsaI-vFf4Hc9g68MqKmWjbiKtX3J2QE3Yyaz65ae0o5KWLHRJAkUSX1JOhr_mBwT90G2haj0_qzhmcG46B9v5cvBo_3UhUmg-pDc5yh1L_HC8PTlsOj6P1npl4tPzkWohlaGlC37QXAOZ-mQj-hOCX0MuuoxWH0YJ4K6u5iFsbuEdY7PVfIJm_4HBaOG5OUdZuoname7pSPetRuywvehnBdd6tiI-D8K5_gexp3Qh0pxg6uTtRCQG2tKTTl2U7KUXcA2CVt3m5MQWDrOblIqSMNHX7jLtYSJkLjSNQHnM9lJcBBcjmFdRzwQ3x_o7KqgxfVzXBe2NlBFyV2AZqsA2OjYPZvgFiRObpn48DkVzbU8cU-ehcNOAK8Ej3_mHw3ekv06nJjnF2LXDPL7Rxhnv802sn-uHt43bJ6oHnc8iFBFRFR2IIkv0ETvkUf8ZDtGp3uY7Ec6m-CWOA1jNEjx3mpA9U2XpipbMZtGZV0lChkWLyZB44hcFA&cid=CAASJeRo2vye69I15vBe5YasaCBBQfSG246qTtYj31i030OtsX3Lp6g&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11484
x-xss-protection
0
server
cafe
etag
16485072225624805710
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 63A6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:01:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F01 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 13:44:20 GMT
etag
48472445140208031
expires
Sat, 29 Oct 2022 13:44:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 63A6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ff60edc066ed03c4e54ad8f04258a65178ca6a871f5748f0c719b74f58d79d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8FED 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:01:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7ACE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 13:44:20 GMT
etag
48472445140208031
expires
Sat, 29 Oct 2022 13:44:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8FED 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4773a68f8ea3ac47e6793e2bdfedcf21cd5f437d3f37c340e97b5865dcabec5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D515 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252365
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:01:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7B43 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
73397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 13:44:20 GMT
etag
48472445140208031
expires
Sat, 29 Oct 2022 13:44:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D515 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd920b25c9bf5fce52de23249755a63d0e6826fc743d26eb60fdb350a5523f34

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 6F01 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDClnPjDxT30cAwuZQTbGa0&google_cver=1&google_push=AZmPxg9vOrdmfJVNgkdCX_XBurZj38F5XxDvvrUg7YhUvFeHb3XYRi19tpOV-ku7vEMzUgy6LSdhX4AHJ1ReHBQG77IKdR3730k
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F01
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg_OBbjieSgk45vj6_K017zyQJX9jjUOnl6EAjNfJIJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg_OBbjieSgk45vj6_K017zyQJX9jjUOnl6EAjNfJIJ9J-j4nF5skUvnBBIOCyBaOGCIOAO7dba-orUbBmW5_Qli3omBP7A
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg_OBbjieSgk45vj6_K017zyQJX9jjUOnl6EAjNfJIJ9J-j4nF5skUvnBBIOCyBaOGCIOAO7dba-orUbBmW5_Qli3omBP7A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 6F01
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHCCvAd_2xu8hXdacFL19sE&google_cver=1&google_push=AZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHCCvAd_2xu8hXdacFL19sE&google_cver=1&google_push=AZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHCCvAd_2xu8hXdacFL19sE&google_cver=1&google_push=AZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761b1af4c90871d2-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
873
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHCCvAd_2xu8hXdacFL19sE&google_cver=1&google_push=AZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8RY7I19WFUwl5yJPXzu_XlpugSdfVasRjGqFi5dxgKEQoczscdpTr4ROoWvkQkzUSmP1IUwnZyY2IhJOFy5CHI6UMZZsw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761b1af36e2271d2-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6F01 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELw7gIzySy8bXZUhSEaAEII&google_cver=1&google_push=AZmPxg-F4N8WnF5fQlNpmzPz0NZfnRB-qdaSRLJG2VeKlYMFUdXSUTh__Ki-jUvT-Wpj8E-2K4HD8O4EH-SotHbl1gWJH2Q3
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 6F01
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM-m7zib_35oFRk9rlSpASI&google_cver=1&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZON...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM-m7zib_35oFRk9rlSpASI&google_cver=1&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNzQwNzk1NTMyNTIzNzA3NQ&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNzQwNzk1NTMyNTIzNzA3NQ&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZONtwl4ZHR0bjU6MZGHQVI
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMxNzQwNzk1NTMyNTIzNzA3NQ&google_push=AZmPxg8GSGPZ2HRz9XoJoFC9NM0CdvPH9kCUeqtrWlT0rNIkR9lPdp1zX7l9OlXi3yUN79-7kkv7GZONtwl4ZHR0bjU6MZGHQVI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6F01
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELI5R1psVIHvbjmMLzsNcC4&google_cver=1&google_push=AZmPxg-qvSsF952kGtQwj7V85vi-7jScloNMSAyjCbkIdZrmCbPnKWDxI7kBKX_VloVoXAGA5PTYRQTSCBkiPthV...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-qvSsF952kGtQwj7V85vi-7jScloNMSAyjCbkIdZrmCbPnKWDxI7kBKX_VloVoXAGA5PTYRQTSCBkiPthVOZW8s-U5hw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-qvSsF952kGtQwj7V85vi-7jScloNMSAyjCbkIdZrmCbPnKWDxI7kBKX_VloVoXAGA5PTYRQTSCBkiPthVOZW8s-U5hw
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 29 Oct 2022 10:07:37 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg-qvSsF952kGtQwj7V85vi-7jScloNMSAyjCbkIdZrmCbPnKWDxI7kBKX_VloVoXAGA5PTYRQTSCBkiPthVOZW8s-U5hw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
YpmRt1_V4lJzIo4VdK6mTmxiKl5AtV0t9wzNYzyteQnIO72KVuuCpA==
pixel
cm.g.doubleclick.net/ Frame 6F01
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELXxbxmsO6bW5spYotivWnA&google_cver=1&google_push=AZmPxg8VHQL8HaOd-...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D&google_gid=CAESELXxbxmsO6bW5spYotivWnA&google_cver=1&google_push=AZmPxg8VHQL8HaOd-MV4yZ0CgO4wjnJV75...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D&google_gid=CAESELXxbxmsO6bW5spYotivWnA&google_cver=1&google_push=AZmPxg8VHQL8HaOd-MV4yZ0CgO4wjnJV75G2CL9CxJXidY1GswAYAeUM68uGwA-jEfVJT8nYZDkxLCgjHoM_gXBBCHnliizn-qJu
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
AN-X-Request-Uuid
f221a57c-1f57-489f-b661-bbf1303f04fd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDIxMDU1MTYzODEyODc5NjAyNQ%3D%3D&google_gid=CAESELXxbxmsO6bW5spYotivWnA&google_cver=1&google_push=AZmPxg8VHQL8HaOd-MV4yZ0CgO4wjnJV75G2CL9CxJXidY1GswAYAeUM68uGwA-jEfVJT8nYZDkxLCgjHoM_gXBBCHnliizn-qJu
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6F01 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxxK64gw9ZR4MU16ms8lmWre9SAPGmOsRjUYtbgrQa8Kycjis7R2Vhidvm6Dhk5o0x3fdU2A
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
s0.2mdn.net/sadbundle/8247371334640730112/ Frame 0C03 		73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af392472f373eae45bb1b52b0da199a3ced2d23d318e81593a157408d3ebd8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
435387
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18736
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Oct 2022 09:11:10 GMT
expires
Tue, 24 Oct 2023 09:11:10 GMT
last-modified
Sun, 04 Sep 2022 13:25:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8FED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3-KZ_AiM8M_R_7e4w3RGAclfqWRTuSXHQsEo_x5CDYjWsh34IbUdm-wEUGtw64DlsieEzNZA8sLCuXfe3kcl9dHi7Sh0-TRk1IKRIVOtenaGiuSNrT4H6nMOhxTJVYeMv9bX8NHZfT_mFudgZSF5uUz2S6iPmDOMkIDfp4LzFsiwSHBMFrb15b9I0ux7NrWLG0BdFr375PzG83TkRzkV-YrIm0ImsSnVSPbfqHBx8hNE04Ioraz5Pp65d513nPyAhNgps-z2wSR1xnHzdXrn7qofER8utVElP6rvqH5dH3XK1k5CalaCoOtvOhU3zcLzyNhqZu41l6GACaApfTGJq48c4wlfYRB9x2FR9w6ukiuTIbu2e2sgJY_xyCsZPYs7uZXBudJe76FeL9Vpg94kb99I_304JgCy9CcD8YPKzs8p7kRwp-q7cnF3EO7T3wNedx2_UWU0LxNBFkGd6OLmUtZOW3f8QcSvBZyeURIPVmiVn7yt8OVrH1OHKjz_vMPk1dEnfGND8WdrWL0JXcj5zeNQ4W-yckdr5g9Gfj9VZSIi4zsUqFEQYANyZGK1yefOp_dXyI7K8FIVCxqj9gZVf1Eb_zBmq5MYS9E3Rz-PTrpnRKvGKWZ2Bj7N3INSm48Ej9s01XF4nU_Ui2NGHkluHk1DJYxNzR8Fb7caSsq2ttV640qbe8og8YU5Ocs2rbvFBuvsEA8UKZ0uuOPymFBLIagTmFItfy6WPNRTs7_qJ4wp9bJec9VbCuf4VLSHFA2WYx2FVKLFafTzxZqbCnendIm4EYThxRbtYs4HsopcjJCioIRatHYHVGEOgD_1l9Y9QUnaz4KvGrpRMOyCSGnShnUSBIzZ2EjPMVOXIOqbiQ7hbMDXdi5aggOuYFR8Kwyv6ViDKo3YsMrRmd9Zt3TUyT8Jc0By565AISqVLnu75vIoCMBsI33KSyUE2un2vzfexnUhyJ6roOXy2V2aNVhRLHgbLyCACo48TthHu1peLecAt62VYn0hgHC5HSE9GvD7yNTjIyHAI-8ttoXDJV_f7WxISPPCvOnpFvvVXuiTvsa3w1H1yWvogmClWgZd6pRV2ud4lrC69hOVa-6QcHfMhCxM4yGk-xQJel1vgqk-_aKvC3wCXikl5VHbgKDqsLrjVLQR8Pm65DnXAu8R64ashI0JcKM01csnd69cjZzBn_Mn4oUBNhoo3BmXOMFNlbAkAFT9NKZV0OKXQ-GxivFtOpWboM5sPf_stHEpWl8kHWdslGwRpeCSq-by2Vjgny5We73BFxuQIqTJhUEmtfKcYZIhTvg&sai=AMfl-YRVa-f1R0LjszPpUWD-JZ01SLNYtbkDMiTQrjXbZiKb51sgCfAkLNfuZb9T3AXND0zZovyZxzBbhzGoqIj1QZL-AyM2wqTS6DrVZKvI2w-ItfAE0nM6KG5onV5Sx5vlLsIkxXKZkINyIrS3KlaZPKw9n74s3WDaz3qpQ4M4DuqFiY8i4cOPjbZFoV8ubJLPnJYg93XTWWMb1d80dDiFwcqJMQU8hA&sig=Cg0ArKJSzBHaNT__yQRGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=233&cbvp=1&cstd=231&cisv=r20221026.90165&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:37 GMT
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 63A6 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=279148813&ord=1753414525
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:54:25 GMT
content-encoding
gzip
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
65593
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2TWl4JvoMGFcglCrm4-X3rsDmZR2_zVkv2D4Z3oR8HsdiH7O06prmw==
index.html
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		209 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:37 GMT
expires
Sun, 29 Oct 2023 10:07:37 GMT
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 63A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskzRupRDY9bSUmN0A1KtYNvtpLa8qip2nW2-niE2SbEUkZ6ulWS5Agnv1u4J0-MCmpl17Cd53ZpAuWZY2aPYIu4a3wB-6wWAtlen-fqSW1olxkQ9GV0nqjF33IOd2ryUoYgfcLhlU8BlFfJEwN9gTkoljbBQrfmHFkCYLuPBblS8WYTBafxNrvXrw2iMfKbZt7cVWdVe9WLTEdVRRYg1kucniurkdjtCZnToUvL2p-TybvpH5cbWE_15YD2oCPGbLfricQYW-aH0ZY4I8BeaB4HsbD1jcNcxQG2ZxFRCZRKF1giKwJXfVuf2Q2w8LoYBWZBYB5iJvTSuYLq-5IbkGPCPBt4w3KwB40EAID_LqtcyYxwPXojjaWI-_IMuBkBi_-QIS20BPtm1LYZbL8XxteRsJtXBuQ5izbBrPPAt5BO9gqVmZAfO-lcqRgsknsymp1CGKMFuD6etX9Uq8JVGvK1DNPwGrDGbgFWKIKt1KVbSkyB_4Mj0yJJ434Ix1cxP00JHZJuJ7-WsLCfn6zPZfW5miy2YD30I3_qVSZBshp6KhQ_dmZFmgyfj9oQNOWTbV4_XWVm5r_fRCR-gIj7E9Cq6qJS6u2c4jhxI7EnGEZ8BuI048myNCdeLvKlkMqgSEhRz2WePBR-OelYw9QUuzbcV1cxSzjvLBGbFPbyW_0l5hs7gdlh3Rzg7dgkwAIA4-K03ysPWZs25xEh-_zlOYuW-vsxC_VMG8IgWdsj9I__aS8yEWClkmhvMaGaL5r94Ehu1dWYqAQX0UBrLtI7es0LbCc9E_dAiAiQpn2SNBKE_p_KBiPHpPIlF-R6Ml9MKJeP_CHm5WZoFFZ6mx38PojxXKIW6dAarH2I3G_XyKSEfLfOEqTDNh1g1QX9Nll9JFU0qWaXOYCrYfNrjKOKIFSREQlQzZq_bqTO8UWM6K8M-iWE5uW-6TbtmssUE6y41wLdcHU7R75tf4xktrypUZ3TaaD91Qpqm4huj93uFw11jZi3FKSrLojaIH7Rp5QFc6OCQ8Qi9fKAfPmzaLZkkjIeHDhiyJs9_72YnZBV1hCQvFaVsG_S0RlXsWvhh3itDDBMEfsj--wEI75DOuYP9VhIz8V9s7tvNh1nY66wG4Y8-Zk5hqTSeEDbOeHKtC1uCUcb8jrmBvTgbcrIkNJdwz-qd6KAyQf0DvgWf173zn8S_-Qa-VMlRDqR2bMtM6G-nW-5lM2hq3If-UcJj9esE8tKxTRGpPSX9N5qoiKrHmHwt-ykgQojA&sai=AMfl-YS9O3LOOuLSRAP4qe1n62stUux8Lz7Xd0PB-3yMOg55XY4VR0sxL9UWTs3o5s7L92S4A8Z8lGXeceVwjzuO3NE7q94hrHlxuJqOQYE75rA4-aSQ0DL5oW0hI64aVWHtQ-pBnMrDVK2D06-UkPLuotmpa5XAfIKUF03dlJ22C_fEL35Qm9JBBiiZ68DTxwLFwNEtc6y0Km2JXR0r9-qXK8_w21czow&sig=Cg0ArKJSzAR8JvqKLo1rEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=269&cisv=r20221026.44827&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:37 GMT
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame D515 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=279148816&ord=4010465823
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:54:25 GMT
content-encoding
gzip
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
65593
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4KSGtG3h1Klm2U64QSvurZbnvPCgT1PdEEUVAuOiJAs8fAJzGi6xZA==
index.html
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		211 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59336afb66547cc153b095bcc84b5451a5245fca489232bb29602ba84b6a72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:37 GMT
expires
Sun, 29 Oct 2023 10:07:37 GMT
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D515 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOv25AuMAuSdONe22aXvmAh1E0YUFggKlkEB6413MRY1GMq3Gx8vRUHnE0sdk8WyerZJwUl2QodBUFFckYH0fj-MikpurnNDZOkx5S7IRgM9wgByHHW2D4u_jFZPEXgZPWH2bzn56P_Vzdn-vwRZ1izhQibdkeeE_huXX78hBXnbZr56gZPkdqbG2lcJg-FxwmH35U5rOonytxKHI7tHJK1_PIPVtBVF4UxBipVSGH1eTSSnqrvzj_BahmkdzGI3ccdKIwY7nm44jrp609jv53a2s1VVLWVb1rNxQukPekChByTHinmQ7cXCqss0xU1N4rIpCZSmEKJGMfOTEccgsQXayYfVndGdD1o3Py0FsAb2DnwYMIoO_qrt_yx-05hUTOa4_7gNcjrDK7cm6TFjJV65O98e5C6VcPW6r90LfFdnTMI361AFi9yvlFqxqasbkG7ZlSdLW1DBKVqH3t8M-iOx0qgX5R9BfcwZ4hFdlTHvdPo9oP83gDBQjA8aSsidpQ70NRtrwS497SeitxC5xiV5fzu1n4pUI9SbDTNP2dPccUr4RRV83HBxgHElal2tLYriyN1bIxpCoV-5FB1wYfARQB5wffgq0L1XsGFQibRc8JXNrAQNF-badip2LENPC4Re4zDI-H2DiirRkdDy4sIelwoCHGEBlsglRJjJARBDsaSGImmXVPzu5NqtdZ45e2oz-uFX79kqTOP4JQj5hKGWOdH9PxBJDOkxzrstpH1tVxrj3aMymCFn4qcVHqu_CWzOUvULELVpUEXdG6raknYs-SI4lvWLMzzzQw6GiB29RHPhBCsyp3MGx-cFu_3rS8H-t1HbRfic1LJLuILEpTXm7zFI-0_YzvivCm9iCrYiXuAGKeU4yWNmf48_0BkJw6vXe0SbAdTsPZlYeaJn4-QNFJinFTT5PN-0pj7I3EuS6BEi4o0ZdSWDVubGeJ__3i5NTh3A-G06VtrqqJjd8EFl85QrQFUDFB8gCmf6VsJoYB2npXy-KxxvezFE6draVEEhjAdfvaiC6lqRjL7g_eBqDdy4q-tyE_E0EIht7MfN2rhJeK0uiccfNTjKjoSPRQ0XUdmVAsx5tVbP33dBYJ7Em9_c6magyqrRfhnxNhc2AXsj-Gp0TKZdVmC1jY9CaM1pj45MZc7b7QBSLMi2wiVoyM2Dhnp4qCAiX67NQTadKAFUSiFAMIqL3V0fkyBKhOMzchnCgBhfQ7ltXHCpUTbkHcQrGU0ipf7jArTDjUfiqlBh16dEQ&sai=AMfl-YRIPbjxoPO9rO9Rco3gGgFb67Cnd7VHhFou0yffnI1WC3ouTCR-wuHBfB0mJbuTreegZz0wr7AmZ71ne5NqIenJv2UT8Mj1Rau7LtfVVNT6uWjUYmu0HgHSQOo9Iot3-HzXaWuOXJMx8cBeAkz74j4oiKwvQ2c5j4E7MN9wK7wgf4zjINTfyuXC0F6D3pO20mQTHQidQ0jH1v9dbCajkaDSOoepgQ&sig=Cg0ArKJSzEnCNQgJ2FE4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=233&cisv=r20221026.81038&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:37 GMT
init
gw.geoedge.be/api/ Frame 9F8C 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.1.102.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-102-118.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:37 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
AAABhCM2D1Y5Oq5QsaK3fyY7GCrYXArboDUgwg
pr.ybp.yahoo.com/ab/secure/true/imp/yvKj13y4-lztQqidehXd9qZxj9a8J3uNln5cfZUiZBVayZ9Z2M9JDXFVQnUXJsPUZCRbY7_Aa3iH76MliCo9Lens-pXE456wKIn8kIywTpY3D18IHd1LW7qMphhpj7Km9gSK3uayhng8vBpC0nBELt1IABKlF25ie... Frame 9F8C 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/yvKj13y4-lztQqidehXd9qZxj9a8J3uNln5cfZUiZBVayZ9Z2M9JDXFVQnUXJsPUZCRbY7_Aa3iH76MliCo9Lens-pXE456wKIn8kIywTpY3D18IHd1LW7qMphhpj7Km9gSK3uayhng8vBpC0nBELt1IABKlF25ieSzjAjg8u-A3xF5aD7kLd8jhTH4z40o_HUuJWfF3F-JdPH11GkCncWxJrGQ7ARZ3pO-A57OJa9MH8EzofXzOAE0PoONwmHA94TiC0MCYqqAg0GaordvpNk6HUH5-oyBhDgAmbZLHxTMvpKWs5gfUHLyEbr29ATWaDt_8v3Jn5OCeEycPvsEEW-4Mp3D7DePBQAxGhp1w9CjgMi-GXtCDV6h-DfZBoxe0tdf29WniH1IEPyPhz6UciQti8NElauSutNdm92Ww9HsHPz0LO3Jrl-RKt_Sz0wR4gjBZ4u0iCq61jQU9G-y8ad7eBxO0NqXVvnKSs2ltRsSaOJGouRBsxVJvps0l__rRTZLqK2bzSIIaiZF2D3QNE5wGIiHfvcGIgm2tSo5k3WmRAAYfFlD2aGUgiN6cOOy9j56asX-hxYsbrW-bun1iVjO6u6TrjF-I6rvGxNXcCqYm0K0riCxuxxt7q_XP7KMHgD54lm1yMCHTjf7Br_RKOom1_ptgOI1VeVQ6p7VYiI0GNy3LUaykUvR9YC5fvMXab9eMyihlF-tmeuOqb5VzY4EFUutRmdbW0Mmlj0xXx1u-SjLpko5WcSJIWYVQnlJLeIgw4ZHY27RHRCWVI9mE1XOE9LfcsEfC3GNmaSG-LKZWbMNqdKrHr4bDpQGMi0jQKbN8sDHCdgh6P8MO75pYocgvV2FGpz79D3GFGVSpPk2G263cxMVsvjBO17PXtRsPvmfmU6c8twZilHCyXZqsqbik8-0IGI6KWYNjTg0NS4JaCifA5ltr8X2YH3FrcNpCmrq-D72m7B-Ab_jUtfji3NPmcUsx3Cn2-Q5oxsoWTqgJMe4EbKo0qqiiZrSS39aUez_Kk8oePtYry5sKje0jkbISJX8-llxgsaXPfnyyeXgcu2Y5GZmh2eOvwnpPDY0K3_StUSh8QPJZoLOVBrUyTsGTu51ECKVF5Vn4kefvXRKu6V0YDDQCnMffouEchF_0aiyXLdSxkw36sZJ1ZN_YDefCzA1B0QfGm5F-yDQ9uyncn-4wbs4qoMj98u7kpxtq7wD3ryfQSDlaD4X6b9ayioAiOc0zY4tLN5O1KwxX3wGkGNOCxQbkGIvMhe5bZ2_GApKFbg5Fsm6GOud98eR7Na6n2ND-oUiA3PxtOH9ziiw767rHijObVSGjJE3VTXPe1nL9emVGSxAUTiZ6tRck54J565JVbVxy9HIyPw0t7tkMme-eVXgj59Rwoz7fLVQ--atNz_vyigek1b6kHCCSbWS_keyd7d6rVX7bmBi1Q_KAXhi0bcZe0FrqacjGzRmxXYUmrDlqAityETitBycOtWooJqqPWvBvO0B2hYp5PblWX_qFCPMS8g/wp/AAABhCM2D1Y5Oq5QsaK3fyY7GCrYXArboDUgwg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
75dba37facbfe960a80b7e482dca8dcc85b3d7e5f488dc0c6c145c2fbbd148c3
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=15552000
referrer-policy
strict-origin-when-cross-origin
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
3142
x-xss-protection
1; mode=block
ri
ox-delivery-prod-europe-west2.openx.net/w/1.0/ Frame 9F8C 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-delivery-prod-europe-west2.openx.net/w/1.0/ri?ai=df5245ec-4eb1-41ec-845d-26c1bf379346&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&ts=2DAABBgABAAECAAIBAAsAAgAAAdccGAoxZ0pSQTlDODZhHBbWroKMqe_u75kBFs2v0ZPMsZnTwAEAHBaf-I3Nh7z2txQWt9rfkLnAu8--AQAW0O3ntQwVBBEoJDk0MDRlZjc3LWMxN2YtNDExYy1hZGE2LTZkNDZjMWU4NjliNRwVBBgUTUFKT1JfRkxPT1JfQk9PU1RJTkcAACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpsIDFsIDFsIDFjwWPBY8FjwWhAcAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWqtqYgAQW_MGbgAQW8MK2gwQWlsK2gwQVGBwUtAEUsAsAFQQmhAcWhAcWhAcRNQ4mhAcALCwW4oDCst_ZoYkBFtWw5M6Qi6zW_AEAFtDt57UMBiiq2piABBb8wZuABBaWwraDBBbwwraDBBgHNTA4NTE2NxboYRaEByUEFsIDGAQzODEyFQKWuoqJAxEoAk9YDHoUuAEUhAYAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgJZXRvcm8uY29tAAAA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.103.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.103.95.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
i
ipds.adrta.com/ Frame 9F8C
Redirect Chain
  • https://adrta.com/i?clid=opx&paid=gc&avid=537073301&caid=537096318&publisherId=541177116&plid=540463288&siteId=541177131&kv1=728x90&kv2=https%3A%2F%2Fntn.ua%2Fuk%2F&kv4=217.138.196.106&kv5=16670380...
  • https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGKBHAKINMGMNJJNJKHIMJPFJ@FNMLGKNFJLONFBMHKGFMHLHLLONEMGMJKAGKKOGHOHKMLLIBJIKLHMLPGGGQLOMNJMEBILLLEKOELOMMF@HBEBH&clid=opx&paid=gc&avid=537073301&caid=53709...
43 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGKBHAKINMGMNJJNJKHIMJPFJ@FNMLGKNFJLONFBMHKGFMHLHLLONEMGMJKAGKKOGHOHKMLLIBJIKLHMLPGGGQLOMNJMEBILLLEKOELOMMF@HBEBH&clid=opx&paid=gc&avid=537073301&caid=537096318&publisherId=541177116&plid=540463288&siteId=541177131&kv1=728x90&kv2=https%3A%2F%2Fntn.ua%2Fuk%2F&kv4=217.138.196.106&kv5=1667038056&kv11=00894366-fb28-4031-81a9-a7d37b1373d5&lineItemId=540463243&kv15=gb&kv55=1.0,1!adtelligent.com,283366,1,,,!openx.com,541177116,1,00894366-fb28-4031-81a9-a7d37b1373d5,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv9=&kv13=&kv3=9404ef77-c17f-411c-ada6-6d46c1e869b5&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&kv7=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&kv14=&kv16=53.442&kv17=-2.241&kv12=541177132&kv18=&kv19=&kv20=&kv23=&kv24=Desktop_Display&cb=74286704
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
18.206.62.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-62-161.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
cache-control
no-cache
server
nginx
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGKBHAKINMGMNJJNJKHIMJPFJ@FNMLGKNFJLONFBMHKGFMHLHLLONEMGMJKAGKKOGHOHKMLLIBJIKLHMLPGGGQLOMNJMEBILLLEKOELOMMF@HBEBH&clid=opx&paid=gc&avid=537073301&caid=537096318&publisherId=541177116&plid=540463288&siteId=541177131&kv1=728x90&kv2=https%3A%2F%2Fntn.ua%2Fuk%2F&kv4=217.138.196.106&kv5=1667038056&kv11=00894366-fb28-4031-81a9-a7d37b1373d5&lineItemId=540463243&kv15=gb&kv55=1.0,1!adtelligent.com,283366,1,,,!openx.com,541177116,1,00894366-fb28-4031-81a9-a7d37b1373d5,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv9=&kv13=&kv3=9404ef77-c17f-411c-ada6-6d46c1e869b5&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&kv7=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&kv14=&kv16=53.442&kv17=-2.241&kv12=541177132&kv18=&kv19=&kv20=&kv23=&kv24=Desktop_Display&cb=74286704
date
Sat, 29 Oct 2022 10:07:37 GMT
server
nginx
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7ACE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg9dVAR_lZl4DuQB8SNv3B1FKzkVtGgDrwRZEMLEFpk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg9dVAR_lZl4DuQB8SNv3B1FKzkVtGgDrwRZEMLEFpkYKhin0hRRrBbYKvSMMT1zpPYFgZ8ns9R5CQAy8wE3Q1u0TQNcAek2pw
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg9dVAR_lZl4DuQB8SNv3B1FKzkVtGgDrwRZEMLEFpkYKhin0hRRrBbYKvSMMT1zpPYFgZ8ns9R5CQAy8wE3Q1u0TQNcAek2pw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7ACE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO081HViIYCbJ-Q0OFw23uM&google_cver=1&google_push=AZmPxg_gJKY7P10da8k-6LTIkH8ApP5KY_QjLg1S7ipLb0zMBLrbAu8qL5KlOtm0jLL7SBGx-EVxBgxuMdVNfO...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1OTg3MzkzNjAxNzk3OTU0Ng%3D%3D&google_push=AZmPxg_gJKY7P10da8k-6LTIkH8ApP5KY_QjLg1S7ipLb0zMBLrbAu8qL5KlOtm0jLL7SBGx-EVxBgxuMdVNfOvWCG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1OTg3MzkzNjAxNzk3OTU0Ng%3D%3D&google_push=AZmPxg_gJKY7P10da8k-6LTIkH8ApP5KY_QjLg1S7ipLb0zMBLrbAu8qL5KlOtm0jLL7SBGx-EVxBgxuMdVNfOvWCGhIYDGAcAVp9A
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE1OTg3MzkzNjAxNzk3OTU0Ng%3D%3D&google_push=AZmPxg_gJKY7P10da8k-6LTIkH8ApP5KY_QjLg1S7ipLb0zMBLrbAu8qL5KlOtm0jLL7SBGx-EVxBgxuMdVNfOvWCGhIYDGAcAVp9A
Date
Sat, 29 Oct 2022 10:07:37 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7ACE
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOA043QWtPkliE7lYW1dolU&google_cver=1&google_push=AZmPxg_pftWSMKqTeSyCGW9dM5Acwh2r9k9xMLIr4ki4xPfkWbNU0cbs2JVl_fgkEA7O0Qk_EMeJ_s3PqbFuKvFv...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMW8lbuGQWSixrs5bnjb0A2&google_push=AZmPxg_pftWSMKqTeSyCGW9dM5Acwh2r9k9xMLIr4ki4xPfkWbNU0cbs2JVl_fgkEA7O0Qk_EMeJ_s3PqbFuKvFvZD_30vDp7fyJhg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMW8lbuGQWSixrs5bnjb0A2&google_push=AZmPxg_pftWSMKqTeSyCGW9dM5Acwh2r9k9xMLIr4ki4xPfkWbNU0cbs2JVl_fgkEA7O0Qk_EMeJ_s3PqbFuKvFvZD_30vDp7fyJhg
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 29 Oct 2022 10:07:37 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMW8lbuGQWSixrs5bnjb0A2&google_push=AZmPxg_pftWSMKqTeSyCGW9dM5Acwh2r9k9xMLIr4ki4xPfkWbNU0cbs2JVl_fgkEA7O0Qk_EMeJ_s3PqbFuKvFvZD_30vDp7fyJhg
x-host
tde-deliveryengine-production-5b89f5f57f-v957j
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 7ACE 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENRU6DW4KoqgjndF7F2OU1s&google_cver=1&google_push=AZmPxg9qreunnZPwBAQJlv38nRtk2tg3FUw250bS1ATGheuHhRIa-NxvYC_iAm48akfIsJSoyrzWPMrsb5ZN0h41Xpa75bEj6BVA
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
d7gjqragk8e1bspr2hb3gk89dbmnd1t3
pixel
cm.g.doubleclick.net/ Frame 7ACE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB5FER34hyrN6SbSw8TJL28&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB5FER34hyrN6SbSw8TJL28&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAABJMAAAAB&google_nid=index&google_push=AZmPxg9agVBgyUJZUlSy9ETDN2m_6VoyjmtFW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB5FER34hyrN6SbSw8TJL28&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAABJMAAAAB&google_nid=index&google_push=AZmPxg9agVBgyUJZUlSy9ETDN2m_6VoyjmtFWxNhwBam2L76i7_oeQMuneMTioCvO429N5tfz6aNvEcBdFzbW30o7Pb-genjSn1-
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ken0Dsb5uciSB2Hd11y1fQJbsNGryhBxmuiXpfaDGvQ97QXkvenEXkdvfMFI7qovg4teErzc%2FY2CvdiUuxwCx%2BEsTFSHkdX83pb8RfhPYWAP1ci3N8AP0RWS8bS9Gyo8S1jNQomRJO5O7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB5FER34hyrN6SbSw8TJL28&google_hm=Y1z7aRpUQ2tebJf9LHRxQwAABJMAAAAB&google_nid=index&google_push=AZmPxg9agVBgyUJZUlSy9ETDN2m_6VoyjmtFWxNhwBam2L76i7_oeQMuneMTioCvO429N5tfz6aNvEcBdFzbW30o7Pb-genjSn1-
cache-control
no-cache
cf-ray
761b1af3fb9175b5-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 7ACE
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJhFauoW_07Fm0P5fqY5cUs&google_cver=1&google_push=AZmPxg9h3bBQs1CHQWJ_vFSz329qPy8F93W-h1c7PXN350CtpZeLnHzYUb-jm_sCLrlXrwRFKTIo8aRSSFpiK2Twe...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9h3bBQs1CHQWJ_vFSz329qPy8F93W-h1c7PXN350CtpZeLnHzYUb-jm_sCLrlXrwRFKTIo8aRSSFpiK2Tweg2s4YGVGry0FQ&google_hm=Fj7fsBZH5_jFDR6_Sg2D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9h3bBQs1CHQWJ_vFSz329qPy8F93W-h1c7PXN350CtpZeLnHzYUb-jm_sCLrlXrwRFKTIo8aRSSFpiK2Tweg2s4YGVGry0FQ&google_hm=Fj7fsBZH5_jFDR6_Sg2DBwj-
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 29 Oct 2022 10:07:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9h3bBQs1CHQWJ_vFSz329qPy8F93W-h1c7PXN350CtpZeLnHzYUb-jm_sCLrlXrwRFKTIo8aRSSFpiK2Tweg2s4YGVGry0FQ&google_hm=Fj7fsBZH5_jFDR6_Sg2DBwj-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ssbsync.smartadserver.com/api/ Frame 7ACE 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECZ7F411334AwOsol7s-Kqw&google_cver=1&google_push=AZmPxg9dFWJ1bOlZAU5_WmOMIaavLq0YbX4o9i8zpqxiAhD5pXYnKec0hw_2CxzEEcZH71zyDsZvdi13Jar9we5v5s1edY0ZJ5UP
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7ACE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Je3NcKg17lXn4gMIGn6z5d3N0M-new0VB3krjourx6LQW-sq8cTuHjGho2qf22hPltmIiB
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELshqelgozKSJBpQkll_lZU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg8OmjdGshE96VUtTqEslwJZAYD47NWdV_jWiKop1vV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg8OmjdGshE96VUtTqEslwJZAYD47NWdV_jWiKop1vVRJcQuSitN8uZD_xT2D7Odt1hbQ1UQ5duj5GSQVIqylzyiV65COTficg
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXhXVUdTcGoxT09JS0I1&google_gid=CAESELshqelgozKSJBpQkll_lZU&google_cver=1&google_push=AZmPxg8OmjdGshE96VUtTqEslwJZAYD47NWdV_jWiKop1vVRJcQuSitN8uZD_xT2D7Odt1hbQ1UQ5duj5GSQVIqylzyiV65COTficg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP-jrieaxCTLrG0Kset3qJA&google_push=AZmPxg-Elzmv1Z17jBTVMw9mH8RDAKinRklOca-8Q8KBxKcJ14QDlQnOC3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP-jrieaxCTLrG0Kset3qJA&google_push=AZmPxg-Elzmv1Z17jBTVMw9mH8RDAKinRklOca-8Q8KBxKcJ14QDlQnOC3Wqq1bmqHGiBAEShyanxOvCiXylLf8YbKSk6wCj91byQg
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-lcy19227-LCY
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1667038058.576260,VS0,VE77
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP-jrieaxCTLrG0Kset3qJA&google_push=AZmPxg-Elzmv1Z17jBTVMw9mH8RDAKinRklOca-8Q8KBxKcJ14QDlQnOC3Wqq1bmqHGiBAEShyanxOvCiXylLf8YbKSk6wCj91byQg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHZyBVx8ACpm5j6OUneY-Ow&google_cver=1&google_push=AZmPxg9-oiQF5l_tBrGtAHelE3TXgrSwgwphg2LYTMN8Q3-OPOVsiuDEuzxg6-Z0G9mM50Fa98Gey6CGH-OazZ04s61LQaHtw0lPQQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABBD9E51FFCE48FE9EB595ED6A1A9B9D&google_push=AZmPxg9-oiQF5l_tBrGtAHelE3TXgrSwgwphg2LYTMN8Q3-OPOVsiuDEuzxg6-Z0G9mM50Fa98Gey6CGH-OazZ0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABBD9E51FFCE48FE9EB595ED6A1A9B9D&google_push=AZmPxg9-oiQF5l_tBrGtAHelE3TXgrSwgwphg2LYTMN8Q3-OPOVsiuDEuzxg6-Z0G9mM50Fa98Gey6CGH-OazZ04s61LQaHtw0lPQQ
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ABBD9E51FFCE48FE9EB595ED6A1A9B9D&google_push=AZmPxg9-oiQF5l_tBrGtAHelE3TXgrSwgwphg2LYTMN8Q3-OPOVsiuDEuzxg6-Z0G9mM50Fa98Gey6CGH-OazZ04s61LQaHtw0lPQQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 28 Oct 2022 10:07:37 GMT
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN8zcl6GuwZPmu2mM_WwgmA&google_cver=1&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEN8zcl6GuwZPmu2mM_WwgmA&google_cver=1&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAb...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ&google_hm=6ri5XtdPQCiDJgLXeb1ueA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ&google_hm=6ri5XtdPQCiDJgLXeb1ueA==
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ&google_hm=6ri5XtdPQCiDJgLXeb1ueA==
Date
Sat, 29 Oct 2022 10:07:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJWqgvU5GxX5gd3qt1_xZW4&google_cver=1&google_push=AZmPxg8mXw9uXI_GRB6wsUfVZ3-vlTmNb5Ba4uqv1l6-dErnm8VJzq-pcp1-3KcpCrOvCJPhkWfo4SENSH7eHEFRaCGW5ue...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8mXw9uXI_GRB6wsUfVZ3-vlTmNb5Ba4uqv1l6-dErnm8VJzq-pcp1-3KcpCrOvCJPhkWfo4SENSH7eHEFRaCGW5ueowEnTgA&google_hm=NTU0MzgwNDgyNzI2OTky...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8mXw9uXI_GRB6wsUfVZ3-vlTmNb5Ba4uqv1l6-dErnm8VJzq-pcp1-3KcpCrOvCJPhkWfo4SENSH7eHEFRaCGW5ueowEnTgA&google_hm=NTU0MzgwNDgyNzI2OTkyMzE5Mw%3D%3D
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg8mXw9uXI_GRB6wsUfVZ3-vlTmNb5Ba4uqv1l6-dErnm8VJzq-pcp1-3KcpCrOvCJPhkWfo4SENSH7eHEFRaCGW5ueowEnTgA&google_hm=NTU0MzgwNDgyNzI2OTkyMzE5Mw%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ8OnybiZhFanm5V3rkcJbo&google_cver=1&google_push=AZmPxg_Vhu3Nv6zXMJE_zriH7mQeOZupRKC9l1VQJY1cbfCDndOxvxSQWZ0Sw8zMZTwuv3dfpH3...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&google_push=AZmPxg_Vhu3Nv6zXMJE_zriH7mQeOZupRKC9l1VQJY1cbfCDndOxvxSQWZ0Sw8zMZTwuv3dfpH3HP_xh5HgbuI7_QaEM3HmARCry
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&google_push=AZmPxg_Vhu3Nv6zXMJE_zriH7mQeOZupRKC9l1VQJY1cbfCDndOxvxSQWZ0Sw8zMZTwuv3dfpH3HP_xh5HgbuI7_QaEM3HmARCry
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&google_push=AZmPxg_Vhu3Nv6zXMJE_zriH7mQeOZupRKC9l1VQJY1cbfCDndOxvxSQWZ0Sw8zMZTwuv3dfpH3HP_xh5HgbuI7_QaEM3HmARCry
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7B43
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMiZdZiqMAg55UGZm3Y_yQs&google_cver=1&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-z...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMiZdZiqMAg55UGZm3Y_yQs&google_cver=1&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-z...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01eWx3Y2tSRTJ1RjhuUDNmTl9JcHVQbmFKd2oybEVYQn5B&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01eWx3Y2tSRTJ1RjhuUDNmTl9JcHVQbmFKd2oybEVYQn5B&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-zABRnPN4ESXtPKczOKQhVxaF-1TWw
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS01eWx3Y2tSRTJ1RjhuUDNmTl9JcHVQbmFKd2oybEVYQn5B&google_push=AZmPxg_RM16cO_Um2QhnlFVs2_kt5J7L9aiSRpPGEsZVV4Ooh6bJT6Ve_hmC8Nxt47C7Pl4S-zABRnPN4ESXtPKczOKQhVxaF-1TWw
date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 7B43 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAOvGzWDHUr2Dbk7E8rCMPeMvFoKvaqvJX1Cu-2eRQ6O1yEh1GaxolIiTbnjMGCMeds_zjZQ
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 550B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
252364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 12:01:33 GMT
expires
Thu, 26 Oct 2023 12:01:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4195 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
252364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 12:01:33 GMT
expires
Thu, 26 Oct 2023 12:01:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6D1F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
252364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 12:01:33 GMT
expires
Thu, 26 Oct 2023 12:01:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 0C03 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
515563c93d8f56d0cb8e18cb4a1ee55aca2543f8f78822d96f479ca7f8c991f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 Oct 2022 10:07:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Oct 2022 10:07:37 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 0C03 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 05:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Oct 2022 05:27:08 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 550B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 4195 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 6D1F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
noah.min.js
bucket.cdnwebcloud.com/ Frame 63A6 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/noah.min.js?1667038057600
Requested by
Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=279148813&ord=1753414525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:48:01 GMT
content-encoding
br
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 12:39:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
80377
etag
W/"79bdbba51b195bc000950e9ac2e73e9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Q_fOlAeiUk-CSAko-69o98-iJ6k5CN2UIohcyHv-ut0kSW4PGO-NVQ==
noah.min.js
bucket.cdnwebcloud.com/ Frame D515 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/noah.min.js?1667038057601
Requested by
Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=279148816&ord=4010465823
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-129.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:48:01 GMT
content-encoding
br
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 12:39:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
80377
etag
W/"79bdbba51b195bc000950e9ac2e73e9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
b3MJ1jn78UKOUBeIAntE6QKOcmr0XH8L32WEFeFiWu9bkVjUKod6ww==
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F5A1 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 17:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 17:25:10 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 2835 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 17:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60147
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Oct 2022 17:25:10 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 9F8C 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 09:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:37:05 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 9F8C 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 08:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
2TC9ERRJ69XYH3XD
age
6794
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
eeFI8KvZzWfbJWtxzipjo84DIL3ac/vLFWcn70BGNegCVXzQFAiAQAn6rYAvYBvRwy/+PIv0jL0=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 9F8C 		565 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 17:50:00 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
JZ23H3VB28GSG8T4
age
58659
x-amz-server-side-encryption
AES256
content-length
565
x-amz-id-2
DcqHXZjJVITDCzQodisFk7MTqF59k1JhZDjZpJbJkvx7T8Y3clv7zYjDaQzJ7nUvRIfoGOX8Gjo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
cache-control
max-age=15552000, public
accept-ranges
bytes
atp
neural40.cdnwebcloud.com/ Frame 63A6 		74 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/atp?1598135257077=&n_o_aut_tc=279148813&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.235.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-235-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:37 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
74
content-type
image/png
atp
neural40.cdnwebcloud.com/ Frame D515 		74 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/atp?1615014546367=&n_o_aut_tc=279148816&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.235.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-235-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:38 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
74
content-type
image/png
Gotham-Bold.otf
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		154 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 21:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70565
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 21:04:36 GMT
Gotham-Medium.otf
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		126 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/Gotham-Medium.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60432
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 18:13:41 GMT
Gotham-Medium.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		126 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Medium.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 00:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122805
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60432
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 00:00:52 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		154 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:35:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70565
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 14:35:18 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 0C03 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 22:18:51 GMT
x-content-type-options
nosniff
age
301726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 22:18:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C03 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
75164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 13:14:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0C03 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 05:09:29 GMT
x-content-type-options
nosniff
age
104288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Oct 2023 05:09:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2835 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb227b04e4ea2af4600dafb200a53398e183e474b2bb28962340ee22b5da1774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5842
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F5A1 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
251e1f4d125ccb08501f8646f1e483aa95805e8070bd0493000efec683c34bf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5795
x-xss-protection
0
hqdefault_1250x655_1.jpg
s0.2mdn.net/sadbundle/8247371334640730112/ Frame 0C03 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8247371334640730112/hqdefault_1250x655_1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d201d6e70be1d78bbea34fc382ecc286ba1b796c143ca4969d92116560e5c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8247371334640730112/CR_popcornews.com_BL_GB_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:03:52 GMT
x-content-type-options
nosniff
age
446625
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85837
x-xss-protection
0
last-modified
Sun, 04 Sep 2022 13:25:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 24 Oct 2023 06:03:52 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 9F8C 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 14:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 14:40:45 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 63A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskzRupRDY9bSUmN0A1KtYNvtpLa8qip2nW2-niE2SbEUkZ6ulWS5Agnv1u4J0-MCmpl17Cd53ZpAuWZY2aPYIu4a3wB-6wWAtlen-fqSW1olxkQ9GV0nqjF33IOd2ryUoYgfcLhlU8BlFfJEwN9gTkoljbBQrfmHFkCYLuPBblS8WYTBafxNrvXrw2iMfKbZt7cVWdVe9WLTEdVRRYg1kucniurkdjtCZnToUvL2p-TybvpH5cbWE_15YD2oCPGbLfricQYW-aH0ZY4I8BeaB4HsbD1jcNcxQG2ZxFRCZRKF1giKwJXfVuf2Q2w8LoYBWZBYB5iJvTSuYLq-5IbkGPCPBt4w3KwB40EAID_LqtcyYxwPXojjaWI-_IMuBkBi_-QIS20BPtm1LYZbL8XxteRsJtXBuQ5izbBrPPAt5BO9gqVmZAfO-lcqRgsknsymp1CGKMFuD6etX9Uq8JVGvK1DNPwGrDGbgFWKIKt1KVbSkyB_4Mj0yJJ434Ix1cxP00JHZJuJ7-WsLCfn6zPZfW5miy2YD30I3_qVSZBshp6KhQ_dmZFmgyfj9oQNOWTbV4_XWVm5r_fRCR-gIj7E9Cq6qJS6u2c4jhxI7EnGEZ8BuI048myNCdeLvKlkMqgSEhRz2WePBR-OelYw9QUuzbcV1cxSzjvLBGbFPbyW_0l5hs7gdlh3Rzg7dgkwAIA4-K03ysPWZs25xEh-_zlOYuW-vsxC_VMG8IgWdsj9I__aS8yEWClkmhvMaGaL5r94Ehu1dWYqAQX0UBrLtI7es0LbCc9E_dAiAiQpn2SNBKE_p_KBiPHpPIlF-R6Ml9MKJeP_CHm5WZoFFZ6mx38PojxXKIW6dAarH2I3G_XyKSEfLfOEqTDNh1g1QX9Nll9JFU0qWaXOYCrYfNrjKOKIFSREQlQzZq_bqTO8UWM6K8M-iWE5uW-6TbtmssUE6y41wLdcHU7R75tf4xktrypUZ3TaaD91Qpqm4huj93uFw11jZi3FKSrLojaIH7Rp5QFc6OCQ8Qi9fKAfPmzaLZkkjIeHDhiyJs9_72YnZBV1hCQvFaVsG_S0RlXsWvhh3itDDBMEfsj--wEI75DOuYP9VhIz8V9s7tvNh1nY66wG4Y8-Zk5hqTSeEDbOeHKtC1uCUcb8jrmBvTgbcrIkNJdwz-qd6KAyQf0DvgWf173zn8S_-Qa-VMlRDqR2bMtM6G-nW-5lM2hq3If-UcJj9esE8tKxTRGpPSX9N5qoiKrHmHwt-ykgQojA&sai=AMfl-YS9O3LOOuLSRAP4qe1n62stUux8Lz7Xd0PB-3yMOg55XY4VR0sxL9UWTs3o5s7L92S4A8Z8lGXeceVwjzuO3NE7q94hrHlxuJqOQYE75rA4-aSQ0DL5oW0hI64aVWHtQ-pBnMrDVK2D06-UkPLuotmpa5XAfIKUF03dlJ22C_fEL35Qm9JBBiiZ68DTxwLFwNEtc6y0Km2JXR0r9-qXK8_w21czow&sig=Cg0ArKJSzAR8JvqKLo1rEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=698&vt=11&dtpt=424&dett=3&cstd=269&cisv=r20221026.44827&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D515 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOv25AuMAuSdONe22aXvmAh1E0YUFggKlkEB6413MRY1GMq3Gx8vRUHnE0sdk8WyerZJwUl2QodBUFFckYH0fj-MikpurnNDZOkx5S7IRgM9wgByHHW2D4u_jFZPEXgZPWH2bzn56P_Vzdn-vwRZ1izhQibdkeeE_huXX78hBXnbZr56gZPkdqbG2lcJg-FxwmH35U5rOonytxKHI7tHJK1_PIPVtBVF4UxBipVSGH1eTSSnqrvzj_BahmkdzGI3ccdKIwY7nm44jrp609jv53a2s1VVLWVb1rNxQukPekChByTHinmQ7cXCqss0xU1N4rIpCZSmEKJGMfOTEccgsQXayYfVndGdD1o3Py0FsAb2DnwYMIoO_qrt_yx-05hUTOa4_7gNcjrDK7cm6TFjJV65O98e5C6VcPW6r90LfFdnTMI361AFi9yvlFqxqasbkG7ZlSdLW1DBKVqH3t8M-iOx0qgX5R9BfcwZ4hFdlTHvdPo9oP83gDBQjA8aSsidpQ70NRtrwS497SeitxC5xiV5fzu1n4pUI9SbDTNP2dPccUr4RRV83HBxgHElal2tLYriyN1bIxpCoV-5FB1wYfARQB5wffgq0L1XsGFQibRc8JXNrAQNF-badip2LENPC4Re4zDI-H2DiirRkdDy4sIelwoCHGEBlsglRJjJARBDsaSGImmXVPzu5NqtdZ45e2oz-uFX79kqTOP4JQj5hKGWOdH9PxBJDOkxzrstpH1tVxrj3aMymCFn4qcVHqu_CWzOUvULELVpUEXdG6raknYs-SI4lvWLMzzzQw6GiB29RHPhBCsyp3MGx-cFu_3rS8H-t1HbRfic1LJLuILEpTXm7zFI-0_YzvivCm9iCrYiXuAGKeU4yWNmf48_0BkJw6vXe0SbAdTsPZlYeaJn4-QNFJinFTT5PN-0pj7I3EuS6BEi4o0ZdSWDVubGeJ__3i5NTh3A-G06VtrqqJjd8EFl85QrQFUDFB8gCmf6VsJoYB2npXy-KxxvezFE6draVEEhjAdfvaiC6lqRjL7g_eBqDdy4q-tyE_E0EIht7MfN2rhJeK0uiccfNTjKjoSPRQ0XUdmVAsx5tVbP33dBYJ7Em9_c6magyqrRfhnxNhc2AXsj-Gp0TKZdVmC1jY9CaM1pj45MZc7b7QBSLMi2wiVoyM2Dhnp4qCAiX67NQTadKAFUSiFAMIqL3V0fkyBKhOMzchnCgBhfQ7ltXHCpUTbkHcQrGU0ipf7jArTDjUfiqlBh16dEQ&sai=AMfl-YRIPbjxoPO9rO9Rco3gGgFb67Cnd7VHhFou0yffnI1WC3ouTCR-wuHBfB0mJbuTreegZz0wr7AmZ71ne5NqIenJv2UT8Mj1Rau7LtfVVNT6uWjUYmu0HgHSQOo9Iot3-HzXaWuOXJMx8cBeAkz74j4oiKwvQ2c5j4E7MN9wK7wgf4zjINTfyuXC0F6D3pO20mQTHQidQ0jH1v9dbCajkaDSOoepgQ&sig=Cg0ArKJSzEnCNQgJ2FE4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=666&vt=11&dtpt=430&dett=3&cstd=233&cisv=r20221026.81038&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:37 GMT
truncated
/ Frame 0C03 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
B24066765.343423792;dc_ver=91.268;dc_eid=40004001;sz=728x90;u_sd=1;gdpr=0;dc_adk=127398025;ord=tsoy0g;click=https%3A%2F%2Fpr.ybp.yahoo.com%2Fcj%2Fcd%2FXR5Ngaas8xuabJ-AwK7F_fJSoimfzQKVbUD8Wn844xG437...
ad.doubleclick.net/ddm/adj/N1224350.3730881DISPLAY-VERIZON/ Frame 9F8C 		58 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1224350.3730881DISPLAY-VERIZON/B24066765.343423792;dc_ver=91.268;dc_eid=40004001;sz=728x90;u_sd=1;gdpr=0;dc_adk=127398025;ord=tsoy0g;click=https%3A%2F%2Fpr.ybp.yahoo.com%2Fcj%2Fcd%2FXR5Ngaas8xuabJ-AwK7F_fJSoimfzQKVbUD8Wn844xG437hD5ldKXOuzviX_JkTtL27xHvVyyjJiW3nYjvZoYHGV1qREdw7OIsLLzRnfpfUTW_UGB0foqAB2puhZPO_pvBgFDzk0wUUglErfIsfHF9-roQEJUcpwCmneNMP1yGaFgT1-6YRB7d_Syd7KCtfRaim6BmpRFp-PMW6hMYj2RQ9s5u1Bw09nQAzu30VAIE5lzMhZiOXjtzSGHTIvRz4s03FtEE5sL18%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fntn.ua%2F$0;xdt=1;crlt=n8M.h)TK7.;gcsr=m;stc=1;chaa=1;sttr=74;prcl=s
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f6.1e100.net
Software
cafe /
Resource Hash
02cd665bff4a3a13e9a4eb41f2cc1d074421d15526b952040ef39df2bea5c1e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avw
neural40.cdnwebcloud.com/ Frame 63A6 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/avw?1534296156263&n_o_aut_tc=279148813
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.235.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-235-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:37 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
avw
neural40.cdnwebcloud.com/ Frame D515 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/avw?938439518881&n_o_aut_tc=279148816
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.235.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-235-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:37 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sol_logo.svg
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/sol_logo.svg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 14:49:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1118
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 14:49:47 GMT
texto_logo80.svg
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/texto_logo80.svg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45565342518890a25b46dee5e726ad773917bfcc17dab19f4d6455f4a4b9c722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 16:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2164
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 16:11:16 GMT
palmera.png
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		941 KB
941 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/palmera.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 03:41:23 GMT
x-content-type-options
nosniff
age
195974
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
963679
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 Oct 2023 03:41:23 GMT
palmera3_1.png
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 2835 		490 KB
491 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/palmera3_1.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7316c9f4d49e26236b93f844761720c06a1e9a32de4eea83678381e3237e0947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 03:25:25 GMT
x-content-type-options
nosniff
age
110532
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
502226
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 03:25:25 GMT
mallorca_pros.jpg_1641818490109_mallorca_pros.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame 2835 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/mallorca_pros.jpg_1641818490109_mallorca_pros.jpg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1b3a450d7b92628aee8162fd08be46df73133c4d0b50432797c6901d9c9a1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=8L54wMAWxR&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 16:25:43 GMT
x-content-type-options
nosniff
age
150114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116718
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 12:41:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 16:25:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 550B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmnAmaftcY7qYA4SU7_UPie6QqAEAAAAAOAHgBAI&bg=!rq2lrenNAAZPh4lnb4c7ACkAdvg8WqDPr54P7sO08X9JLjmsSqPO3imQHpIi5sjzR5xzhNkDsgkl6QIAAAEiUgAAAAJoAQeZAuTmsIHHJSrCFDoVTrQy-7pQyTBeiDBda5xN62buIeyLIME_oal_0ZUDrFrspseJcCpqPy5Qw-wwqFYlJYItDkEbE8oOAyk09nwi2dpsJf1t4quPOy1t3XC8FcNxAvh0OBh-qvCpQQLrFpmlUpX71qTX65NwiWOmMblhweHfheNROvXMxtl14Mzy6eOasl88JjjkkXs4zmBwCrcv4qLry6ws8gP0CYBH7Bz_3jQpFLrGNG48X1USdsx7ZYqwTq9TZQiGlHnBzgbPcDtPToPgfND-M6Cz7LtV9PSED_3k8kGm4HryQVUd7fyBwj3zbnVuF8SoWx0CY1wUb_ZD4l9xAk4CGdA3TxNITcVPJrlhM4VMpLkUK4dbTk0itPGBRhk56azoDKShlitFioluN04IhoVz93_5etjYFIQjNhDJMfLr2SJkBcPIwsQGYOHFmUBI0h9zHTdMGFQsSqVT5XGgg6h-4gROQdxrw7K-Iq3zJEBuVnXRZrGgwdav7hF7TVweqWSH0GufTuT8NkdzKUqa8-CAS2f-eF1I5K3RmZ6tOSC5tHJHKmquiQm3DOE6nzYNuph-GIUZwJY6Gbk0PF3cjh_7UEEkFrHWGdKWYp1YLWdADlxnIV1789xlHmWday-jukJBTKJble_PQEpgAaNQ4o7mSUZ3rP2_8SzMelKmLH67Nvw1pyjoXm80rgAVbEnyAjLwXzI0weUL997IgCS9DgFVpyFdCM8ZWUhrlumb93Weoyf9BeD2gypA1ivj-zIHNKxhDLuQkgxMOV_tm-XSmehB2LVkTUPngJ_LCehp5VW1_Z9htnl3mkzMnBcJzByewJsuhTM4oXsmRgqvLRQrSi2S3_xWNu3CGOKEMD92sghd7xQHLpYADCqRBhkwy9zETcUyYzZ17O3_uXuKfBxp4b0gMKo1DCym8eH4BawHCTlkldD2s4BdJ4roIZMGPqhTfKEfcW_LLe72lAXa-4yakwOO0D48bw
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4195 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdJkqaftcY_C8BavL7_UPzOaqiAsAAAAAOAHgBAI&bg=!c3ClcDTNAAZPh4lnb4c7ACkAdvg8WnHdNY9GLbm3MY2JDZvlnt_9df6H78pI7UpHe9vTtXM7Vq5yeQIAAAEWUgAAAAJoAQcKAH61M98ak9O8ZE_6fw3j6hS5hiX0U5LHgpI3E-RwFwS-Z4B2T-C4ZRYccZfXgPw4Kak0Et1SjCbBG6C8Ok4iN2xcJhQuKSd6lqN_Pqgp8qQp3QPbqXFAqiidjgx0P8x48W-FKifkzgDgh3HtJ1ex95xxUBBWlESPgrDkLEibL4OZAuE_tpJRmTnKZjCcHAkPjJPKGRNXPfLiTmVroQR14-HpawChnZQlVxb9LGd8s-HPy2uEKnp8jBM8Tnf1yG6NdTzxEK-ZTUHuj3bKe4d3r4o5LLY4pTRwjb0ZDOn41iPih2DPQQNDgYlpnjEVOzQuN3wVdTn6Y__ZpCEmTft0cxI_9GvAIKuCu-4Vy0aat3ouyh7f5UZ4DBHQ_OZneXCq49D6T6eAZDRg1bqxB45CsQsW8enBSe51t2zLVh_jCgKceGg1g3zMHlOmDwEwzigJl6-SNVLfZEHUm6EX3xX6GkoTA69BGCIlqowM7qdZjQFv8dzUzLA4wA8lm2UTLBTmzyK1xQG4v5_UwJCq2ytuxNWjoy2Qzv-0eMh4i0IKLiMRPegB1veTxM6kxMnEE5l8vVfgQFLjdLvwrIBGQc6B6VnZoCbvto1aTs-sXe-TXhPwOdSirhv9pzagQkJJGNI3tjqBW3tg9Tt51TnrYcZcj0nbnLBCKUhNhrJuRjG70fEHUtyq9zEbptdmpFMfBIRj3bIelShCaeMQqi-PgbPnuTdMikT3b_p4_sR7aKsxUUlAsV8bRLwQ-mQjODU8gWFOzzbedwyV02YK67BdxYviQOTpLt-zT4MaU8bDkdq2bK-BWcwhTsy11JDa4-iLyXlmkjP8cugMV8SJ6qJnZyR1tGsVin9Gpht6gXz58WFrP56R6ZRLr65b0YTI4h_6M48vq1jTnFCk0ZCFtqv4Qh6fMT7jxk27LVNCz3ad87GBjOeFaJRIRxBm8LYPNKOlDeqX3cECRVTTFeCaTc4k2FR-dnurOgNa2sdDdioSth7XhwJSTImURPtz2v1ZtXKGsKppxX52pHx2fbzh3_1OXBGdlb80TdLumu1HotOLiPUzQLt6566sSCtRUO-tEJqgYIHp-GKLwl2axcW7xRUoteIYtBCWT-_AzNjOvDGy3eCaoWkWHFNqmU3skmwu3UCItuM8YuPdJQ
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D1F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYaAkaftcY7S3BdTl7_UPzOGCUAAAAAA4AeAEAg&bg=!l5SllNDNAAZPh4lnb4c7ACkAdvg8WrVHz4BMDCHEq6w0v2fTWqvAbIeAOzZJjm8ZWVxsSdi1tNPeiQIAAAENUgAAAAJoAQcKAKnwVzxsFfdPgjE1695yHAglbNa11yQjhczSInF1IPQVKnTJb9To3hu4Kng6httqOMnKwT1JcFGd0D2JeE42q5bq3DoW1Pkqa90G4VzT-axi9IHP1mbJxSMoHJX5LOMszk0rru5KFI5J8dYaZieCub2YQupGZvLUihii_cJBDDPl8gU3itsmccxwU5hStj1Nq6TVp3mjtqmrBHPE6gm4rC6JIzmLIa_udVksmQLmwL-agls-VKg2YnQBCeV_eMo-T-dT27oip7Gzj6pjKxrjBFwPZ6IEz4mvRX46PMQ5hvT4qWKAicoDY4ZKdD7nqjqSdRM3lJyxQmZY0h36i-gwr53ZzpLQDJHicnWgrFWQE-1yUX7Xtou8oYhODqOmJDD0pWmgnawaWQ3I-fHPg9rxio2JDdQvA3icq3Wb_18Q1CxnjeYcIzqkG4QPIKij4BIqoefP0jtD-qjfay9qZpHJvozYl2a_k6Bvx_ERH53OFkBgR-_p9SZv7iIOq582zFLkuYWFVMlVKRyjOAIXvMUIbp-_gAGfjFndKQOThal8bFLI6YH7BYl-pCNc2Wshzhzm3WSphz0eTeeod29FWes5Ou3JtlaIvaFht9FQpVygB4u3rX_hPEjQF4XhorD6r0OqsWtGxvIG2RPifxpHN9xsoDr3LHylvqerKeddY0X--imz-1E7b8nBVhxTcEwoSmmLoIfts7A83hudRUVkrKyXjojDH0Y4wmohbJw38uQ-_yFJvvJCat2G_RJiyAfndzP1tMgEVS0FZbyXPHPONGxuDIkYtqPidxpJ2E0KhPLuk1W60foLRTKSGKw5gwDrlGLzQai3n6A7EOtt2SI8pM3Yh0jBVkazmU7o4NKQO2qGITH-dt19q2XY3SjW82LpHz9fyGXPzjsBR8g1NpMxhEDeAebm_eOyerd5-E2Z85ki5rzPUlzSHDBvPZ48ErSUaFEkpK0_2TOiEVJW5CFn7fjkqEwqnxPvjcVJLCl-VOQAEut0wRj_M1svqDC4JtYn8dqC_j9PSnmVfsrYGZll_APCw-UZsvrchzxVADJnkIhpm5A_6pEEK0NA-8FHYYtvuX2M3ELJycvPmFO21x89RoxVhCHYsYi-JRmoAqJNsmE0Dfcj0tDXr1Fn0h-mJN55LWJ6uVVBD9vrpN5g82E2daxyMA2WKrkNeGYmHFwsYg95HE5oIlt1knWcnL7JhrZtrAHrOlvhWw
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2835 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F5A1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8FED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3-KZ_AiM8M_R_7e4w3RGAclfqWRTuSXHQsEo_x5CDYjWsh34IbUdm-wEUGtw64DlsieEzNZA8sLCuXfe3kcl9dHi7Sh0-TRk1IKRIVOtenaGiuSNrT4H6nMOhxTJVYeMv9bX8NHZfT_mFudgZSF5uUz2S6iPmDOMkIDfp4LzFsiwSHBMFrb15b9I0ux7NrWLG0BdFr375PzG83TkRzkV-YrIm0ImsSnVSPbfqHBx8hNE04Ioraz5Pp65d513nPyAhNgps-z2wSR1xnHzdXrn7qofER8utVElP6rvqH5dH3XK1k5CalaCoOtvOhU3zcLzyNhqZu41l6GACaApfTGJq48c4wlfYRB9x2FR9w6ukiuTIbu2e2sgJY_xyCsZPYs7uZXBudJe76FeL9Vpg94kb99I_304JgCy9CcD8YPKzs8p7kRwp-q7cnF3EO7T3wNedx2_UWU0LxNBFkGd6OLmUtZOW3f8QcSvBZyeURIPVmiVn7yt8OVrH1OHKjz_vMPk1dEnfGND8WdrWL0JXcj5zeNQ4W-yckdr5g9Gfj9VZSIi4zsUqFEQYANyZGK1yefOp_dXyI7K8FIVCxqj9gZVf1Eb_zBmq5MYS9E3Rz-PTrpnRKvGKWZ2Bj7N3INSm48Ej9s01XF4nU_Ui2NGHkluHk1DJYxNzR8Fb7caSsq2ttV640qbe8og8YU5Ocs2rbvFBuvsEA8UKZ0uuOPymFBLIagTmFItfy6WPNRTs7_qJ4wp9bJec9VbCuf4VLSHFA2WYx2FVKLFafTzxZqbCnendIm4EYThxRbtYs4HsopcjJCioIRatHYHVGEOgD_1l9Y9QUnaz4KvGrpRMOyCSGnShnUSBIzZ2EjPMVOXIOqbiQ7hbMDXdi5aggOuYFR8Kwyv6ViDKo3YsMrRmd9Zt3TUyT8Jc0By565AISqVLnu75vIoCMBsI33KSyUE2un2vzfexnUhyJ6roOXy2V2aNVhRLHgbLyCACo48TthHu1peLecAt62VYn0hgHC5HSE9GvD7yNTjIyHAI-8ttoXDJV_f7WxISPPCvOnpFvvVXuiTvsa3w1H1yWvogmClWgZd6pRV2ud4lrC69hOVa-6QcHfMhCxM4yGk-xQJel1vgqk-_aKvC3wCXikl5VHbgKDqsLrjVLQR8Pm65DnXAu8R64ashI0JcKM01csnd69cjZzBn_Mn4oUBNhoo3BmXOMFNlbAkAFT9NKZV0OKXQ-GxivFtOpWboM5sPf_stHEpWl8kHWdslGwRpeCSq-by2Vjgny5We73BFxuQIqTJhUEmtfKcYZIhTvg&sai=AMfl-YRVa-f1R0LjszPpUWD-JZ01SLNYtbkDMiTQrjXbZiKb51sgCfAkLNfuZb9T3AXND0zZovyZxzBbhzGoqIj1QZL-AyM2wqTS6DrVZKvI2w-ItfAE0nM6KG5onV5Sx5vlLsIkxXKZkINyIrS3KlaZPKw9n74s3WDaz3qpQ4M4DuqFiY8i4cOPjbZFoV8ubJLPnJYg93XTWWMb1d80dDiFwcqJMQU8hA&sig=Cg0ArKJSzBHaNT__yQRGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=791&vt=11&dtpt=558&dett=3&cstd=231&cisv=r20221026.90165&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8FED 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf9750a2fa19469c12266cd9bbb2e6f2e409cf643aed0940a4ea195fe1f4c8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5852
x-xss-protection
0
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 9025 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8FED 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:38 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame 76E9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 30 Oct 2022 10:07:38 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19294/hbw_master_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://ntn.ua
Date
Sat, 29 Oct 2022 10:07:37 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame B70D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F8C 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/ Frame 9F8C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221026/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
56727
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9F8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteEoMxmxBhqbrHAjfguW5C-LRQ_ysJ_j9gwpsxpDCGzYI54PU3bP27K7u892B6ujymEXjUZsuGIPth8_qjnt-z4qJCJjVFdBappADQH6-zxY5tq6DyiduD2IH5ECbdoWo-40Wby69muXiYtavX8TzJ2kw3vFUcoHi_rlIWQogJaw&sai=AMfl-YTHA2GgWLgv6s474Sqz_Apzm6TsCWfo2BslBgmLzrf-5CQnhLiT_gjcVS2fddRLzxhuWXinglBWWfSWS2xsH-_P6wRxQxWeD3TNL_1w&sig=Cg0ArKJSzKyPRmhVCDiQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221026.60768&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9F8C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:01:32 GMT
573087045028117104
s0.2mdn.net/simgad/ Frame 9F8C 		511 KB
511 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/573087045028117104
Requested by
Host: 34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9c1587baadf5c93ad4c9559f235385a34e43eed2157c3203d496ce4e59b1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 00:06:43 GMT
x-content-type-options
nosniff
age
295255
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
523066
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 11:14:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 00:06:43 GMT
mallorca_pros.jpg_1641818490109_mallorca_pros.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame F5A1 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/mallorca_pros.jpg_1641818490109_mallorca_pros.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1b3a450d7b92628aee8162fd08be46df73133c4d0b50432797c6901d9c9a1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 16:25:43 GMT
x-content-type-options
nosniff
age
150115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116718
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 12:41:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 16:25:43 GMT
texto_logo.svg
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/texto_logo.svg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 01:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2125
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 01:32:28 GMT
sol_logo.svg
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/sol_logo.svg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 20:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48754
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1118
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 20:35:04 GMT
PALM.svg
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/PALM.svg
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 21:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1519
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 21:04:38 GMT
palmera2.png
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		960 KB
961 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/palmera2.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 21:04:38 GMT
x-content-type-options
nosniff
age
219780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
983441
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 21:04:38 GMT
palmera.png
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F5A1 		941 KB
941 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/palmera.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=Pwhrte4zc2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 02:32:01 GMT
x-content-type-options
nosniff
age
113737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
963679
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 Oct 2023 02:32:01 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 30 Oct 2022 10:07:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9F8C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteEoMxmxBhqbrHAjfguW5C-LRQ_ysJ_j9gwpsxpDCGzYI54PU3bP27K7u892B6ujymEXjUZsuGIPth8_qjnt-z4qJCJjVFdBappADQH6-zxY5tq6DyiduD2IH5ECbdoWo-40Wby69muXiYtavX8TzJ2kw3vFUcoHi_rlIWQogJaw&sai=AMfl-YTHA2GgWLgv6s474Sqz_Apzm6TsCWfo2BslBgmLzrf-5CQnhLiT_gjcVS2fddRLzxhuWXinglBWWfSWS2xsH-_P6wRxQxWeD3TNL_1w&sig=Cg0ArKJSzKyPRmhVCDiQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&vt=11&dtpt=105&dett=2&cstd=0&cisv=r20221026.60768&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 13D3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b446bd33-7f82-49f1-bee2-d4f18a7c721e/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
252365
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 12:01:33 GMT
expires
Thu, 26 Oct 2023 12:01:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 63A6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufyHv5N1NJLbOASIM3N-w9mv78UJAuDeHxCRLn0O92O5DFII1IGv7wCEgEDsYjPFr47nnzscquGg6lkXfgXa0EXtd0PlbkhfJ_wjMBF2GgxQ2zTsP_O2TC81f0uAtFrHibv8IJ2w&sai=AMfl-YSs0CEsSx_ubVWmZK8Xy9gzWgyIIauwHCH_N6zRFRSFoarhe5TGBmXxUlog3tW3s-_p6Rvaq0jNMXDCumth5NSTKeDvKTFZsmwNGE3QWFxTpSKwzQ432xPNWcJWrBQ&sig=Cg0ArKJSzGBq53ZFhZylEAE&cid=CAASJeRok-dgJLNQRRUqF8W-XOlEfRH7HDLxe2RDjOqrsmL3ovHC4D0&id=lidar2&mcvt=1022&p=25,436,115,1164&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3762424195&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667038056774&rpt=568&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8FED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqjt4Ik6qTZYunMDXVaUNd7Tq5H09MLg1x2A9LRIijD3T_Y53lHFf2XoytszZw-AH7I8YT0h4gsVZSU4pNqZjtV7zckzut4RX1PyYuJgtUFJ6FDCqocpePnxhdpR52o_Xha_GyBw&sai=AMfl-YSNkL2IuTtG0OVpfBcapiDkqYkGmLotmyJ9sukjI5WDieMLcXGIZ8iZ9A2-FdkX7bweNgAo-5-wofWCOJrrU_h-zvjfs297yEHLc-u_ng6W6r1hcwi4bYYHgwY0LdE&sig=Cg0ArKJSzHu6PfqiuletEAE&cid=CAASJeRo_Q4JftsMthzCVwVAC3wVzLk9NJbS_9IGhFwVBfRcYpDU-2g&id=lidar2&mcvt=1016&p=1020,117,1200,1483&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3749508852&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667038056765&rpt=600&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E539 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV-sHP8EuOf8meYAxRWcr7AHSB6mKS0pYIGgnItZ32W_y69JAki_Hbzf9FIsRj7AFSa-zQfvta6H3uOO5MsHJadb3uSYgTCMmb0FmuPwxF-koAOKDgAEW-j_tOtbnNA6UeP_fM2SA1xPhO4_BU968IVIjsnjsaOewHvw3UdggzOyn3Lldx-sHYmz3V4W5X1cQmtTcSmV1ud18dHu17UJzQ-YfMIyNe110EwZz7LhdnQXK3WawuToj5x2Ku0zQiIBlJIbKCFHl3dI7wrvf4kMrteCOwd8v4YASjYrh520RFIdKI3XFpU7aiiOZdXw&sai=AMfl-YQuBNGZesaekVBO1O_uRLJ2-HXUcVk7Qa5WsiYj2BwEzUSHDkLP9JdbuSJByMa1EOPjV0SXErr5ARYKMCTFdU7I4G3cZDqFItgLsIyAoL8WoayoTXhT61Or5ZGBjzQn-g&sig=Cg0ArKJSzBUEMsXL-XUUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 29 Oct 2022 10:07:38 GMT
blue_bg.png
ntn.ua/images/ 		920 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/images/blue_bg.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce04189370ecaa0cc5e3f50d3311f86ef42ea688519a093319460e54e43a9f9b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0e-398"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EW3udvTpR9ydJ27YNhyMlk5Dpte2Nk8fhDWbhUacPqlxhYmBbav%2BBi6NjSR5%2FWprPbIVSsAFhmH0hXT1iCyfcp9D%2BJo1E4M2mRmaeJJ9cajAm%2FCeDRM85aXjjnWjn5eJzD7Z2Uc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1af94e87dd1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
920
expires
Sun, 30 Oct 2022 10:08:49 GMT
bg_direction_nav.png
ntn.ua/js/flexslider/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ntn.ua/js/flexslider/images/bg_direction_nav.png
Requested by
Host: ntn.ua
URL: https://ntn.ua/js/flexslider/flexslider.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bba9edfe62a220e90be5fe1ba14c9ac751490f500b1e6e5fe25cb2c824c9ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/js/flexslider/flexslider.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
cf-cache-status
BYPASS
last-modified
Thu, 05 Jun 2014 10:53:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"53904c0f-1966"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEN3IRalvO19sqhIaWYSFY6QJzPK9WOiAZ95yKkqke2wKDZOwXaH0fxkQTvSmCjsF0MJ1jBStXjcDw2WgxzKJeNNd9aBjkYBhWrE4%2B3VNWNFr1Yt3yEyYLqJiiYkdJpEtnAAzj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400, private
accept-ranges
bytes
cf-ray
761b1af94e9add1f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6502
expires
Sun, 30 Oct 2022 10:08:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca258c51e692583ce30d6f843366f05f26c590775a02d2770c9164e46fdab199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11295
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3B04 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntn.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:37 GMT
server
Kestrel
server-processing-duration-in-ticks
742508
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
pagead2.googlesyndication.com/bg/ Frame 13D3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yBpsGyrbw-0ekNfFbDofVV3UtCeaMQwd_FuZQ5DuPuw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 09:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 09:58:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D515 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuzLSqaOja8A1kCKubPqBXM8Ts37ch4TbOIuNJVOD_4Yrgucy7rbBOJuqUFXDpSsZDxDd-JjV849iL1eaNBCPr74d_OsER9GZo3i3ISb-W36lyudaEYA55kI3bl4ph__czgISifA&sai=AMfl-YRPnEhBoDihgidBJBFBKWxvg3un-8uNdQiQONlJ8NhJ9QDp6OlMliyax8NSh7ahvHRK6b5me82O1MKJ-u1M2ADrZxcOdhsOvDS8RZFtvCZw8Jd8Or1iDo9TEa3bT3A&sig=Cg0ArKJSzJfEWIq1ySgNEAE&cid=CAASJeRo2vye69I15vBe5YasaCBBQfSG246qTtYj31i030OtsX3Lp6g&id=lidar2&mcvt=1000&p=452,1263,492,1304&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=952306158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667038056772&rpt=630&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102501.js?cb=31070592
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Oct 2022 10:07:38 GMT
sid
mug.criteo.com/ Frame 3B04
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ntn.ua&sn=ChromeSyncframe&so=0&topUrl=ntn.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=GiyfsXxhbWgxUVNqei94NXlmU1NwTGd3a2NTb29LVlQzSTBrTkhCZ1BWTXNDdERyYTFlV1RIY05iTHJYVll3V3RxTXhOK0lucTVUa3A3QzFZVHhuWGgzaWpFbmYyYnB2cEM2S2dTb082aEsxcWxNL3dKV0IxWWROdEVocT...
427 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GiyfsXxhbWgxUVNqei94NXlmU1NwTGd3a2NTb29LVlQzSTBrTkhCZ1BWTXNDdERyYTFlV1RIY05iTHJYVll3V3RxTXhOK0lucTVUa3A3QzFZVHhuWGgzaWpFbmYyYnB2cEM2S2dTb082aEsxcWxNL3dKV0IxWWROdEVocTR0aSswNklCRmQ5YzNXWE8wSDZsYlRTMDlUb2FaRXJ2bGY1NlVLeXFxdHo1K21NSjlsNFRTSm1zU1laQ2FSTlVmVURrUmEzYjloNDZGVU9xNCs2MzhSQURFeCttWFZwbjVXcDhmSWkvNVVVTmdibDZ4a3QvclRIQkpsRXprOE9KaVZqaGVWQ3l1VnNocXdmOWw1SHB0ZmQ2S0YxM1ZUQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
15bd43f21156f06872eb9649472e6365c8c17bcdf11ea02c14fce7ae4c918a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2788910
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=GiyfsXxhbWgxUVNqei94NXlmU1NwTGd3a2NTb29LVlQzSTBrTkhCZ1BWTXNDdERyYTFlV1RIY05iTHJYVll3V3RxTXhOK0lucTVUa3A3QzFZVHhuWGgzaWpFbmYyYnB2cEM2S2dTb082aEsxcWxNL3dKV0IxWWROdEVocTR0aSswNklCRmQ5YzNXWE8wSDZsYlRTMDlUb2FaRXJ2bGY1NlVLeXFxdHo1K21NSjlsNFRTSm1zU1laQ2FSTlVmVURrUmEzYjloNDZGVU9xNCs2MzhSQURFeCttWFZwbjVXcDhmSWkvNVVVTmdibDZ4a3QvclRIQkpsRXprOE9KaVZqaGVWQ3l1VnNocXdmOWw1SHB0ZmQ2S0YxM1ZUQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
650692
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F202 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:03:18 GMT
expires
Sun, 29 Oct 2023 10:03:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 625A 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
275aa637a5dfb33e8e7f98ccd2830d58847c87fc6034825a06daa73b48d620a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N6KZi0qMTKJM7SM8hz9UEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-N6KZi0qMTKJM7SM8hz9UEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Oct 2022 10:07:38 GMT
expires
Sat, 29 Oct 2022 10:07:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 13D3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bdr-1avtcY7DKBOGO7_UPwbusqAYAAAAAOAHgBAI&bg=!X1ylXBjNAAZPh4lnb4c7ACkAdvg8Wq7IY3o1uYur1XDfbcMIZe_1NQPOYebOBLkVUQcop2PmlwtgPwIAAABtUgAAAAJoAQeZAy5bPIkoRZ-6yPidd5Hb1Q68JXKUFfT54bNY5-Dr7GkGJcDTmkGm4HelP3hoebmp3lMW09n7gcInO6-rWSakWJvnVeSFYLfxkkD1gbpFOprCMJ2uHkAmCrOR7aHILMCAORnh6CPumxV_8UYpcF-RP8eB-LdiPJpN5aMRMmVCHNEXnkpTl1B6Gm7rRovLWjZKS8J4LsUruFsSOH__Fzci_Dk86Un8WvAZpaGDZ1z2sZJs8rVJSYdMXnJicAZhQSNjO-dQuKUe0lcUqYXxedOH_IU9wLLKqUwWPg4DV34l9NHBNMYwEOI43KMlSqeGq1Cy0Nt0NtR0do0DIGw5fB5OlfXfgUEwVfHYDjZUF_XjLmNUrlmYDWXBjcL9f4BVFSbSf95CrZPIG3IOVkjxB-uR-9pEn-B4H5XLaWz2vG3RM_VELiCpZor1SBGIBz2uPb2p1j_iP0KUlpmhfpaudjIBeN78fpMU-5OOZgzY4Qqe-2ynVGWxp8mUyQF-xPUALR04LSBfTMteHTMXwoOp1-qnYP2WoolZLohRpF75QY9aKlqoqeqLTRcCEmGFuT9pcdK8KVjS4v6MPWhUT-JuUT4axANTN5VovTLBlEQmVROSuaPxA3cKXi1SKhmGaHv0xA3Ri0JCXnRgn_YlGbdeJO1fg40ExbUCmHq2oV3LzAvspfhl9zRah1Xm8l8BPUrCWJ0LdM9wC_S9MxhJg1Hk-GCaiwLSvbhXKhjj5BBBiTGJ9BJKI9x4yrkU-tUrS76DAvawZ-K0pvQxCa15uGVEPt9wQ-XttnBThqd8z0Y9aSbnAlPjQSeRCnhaBi4yR4TKQvkqIuhLObOPHIQu4BxFQKNQbJ3Uco2p4kfTgulRunVQGDNkXyIEecvYT-LFl9zzOw7SB7WQ5pW6soArxWAhVed3tZE4jGhsHk9sYdHAs0md2R-3awV1WALzYS20UwTMjfoFIKfX_fXIkACaLQn3Zbx5uH-j64yhBOP1xBxHXs5fyVlWMQWggoigS8y2TmsbCnAUvqp0kBqswiqBmUVabJ8tVmSTUEk1FBB6108eHshKtBZnkg-vh8rO75wsg772eYLV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
pagead2.googlesyndication.com/bg/ Frame F202 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16061
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 Oct 2023 06:14:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 625A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102501&jk=2194325773231837&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F202 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kivqtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ntn.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 29 Oct 2022 10:07:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2209015
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=2671snxIdkV6b2pGbU5oenpFcGNycGhzaEZPYTQ4ZkdHdUFKQWR4aStYRDJ1RmxVUkJOTjB1aUtKUUx4SXVSdmN2RXE5bklOaE80S0sxR1hYVUdKMk5TUThLQm1nQzR3dDFGbGRWblVSMVdqRGFRSzF3dHFOVktpWTkvUC...
428 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2671snxIdkV6b2pGbU5oenpFcGNycGhzaEZPYTQ4ZkdHdUFKQWR4aStYRDJ1RmxVUkJOTjB1aUtKUUx4SXVSdmN2RXE5bklOaE80S0sxR1hYVUdKMk5TUThLQm1nQzR3dDFGbGRWblVSMVdqRGFRSzF3dHFOVktpWTkvUCtwVFd0Q1NtWXpUZ3NNOVdZY0g1eHV6dU8zQW42emRLTEd4UGpGR1lLUC9wRklJaDJJeWRURHh1YjhCM2FHa01XajZrajZ1Ny9oRjMwZDBXUkd1WFJEaGVrd2FWbnR4VEZFSmhGMUxqWXZLNGxsTG5ybDRmeUVyMEpqRG9FWjRYTzYrc1I4ODRrR1cvTytLbUNQcGdkM0JkUHQxNCthdz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2911c21e4bb0bd083e5eacbf8e26fd4a11caaa8c541299ccd4eb9d8e09a4ba4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1583868
expires
0

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=2671snxIdkV6b2pGbU5oenpFcGNycGhzaEZPYTQ4ZkdHdUFKQWR4aStYRDJ1RmxVUkJOTjB1aUtKUUx4SXVSdmN2RXE5bklOaE80S0sxR1hYVUdKMk5TUThLQm1nQzR3dDFGbGRWblVSMVdqRGFRSzF3dHFOVktpWTkvUCtwVFd0Q1NtWXpUZ3NNOVdZY0g1eHV6dU8zQW42emRLTEd4UGpGR1lLUC9wRklJaDJJeWRURHh1YjhCM2FHa01XajZrajZ1Ny9oRjMwZDBXUkd1WFJEaGVrd2FWbnR4VEZFSmhGMUxqWXZLNGxsTG5ybDRmeUVyMEpqRG9FWjRYTzYrc1I4ODRrR1cvTytLbUNQcGdkM0JkUHQxNCthdz09fA&cppv=2
access-control-allow-origin
https://ntn.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
874110
content-length
0
expires
0
692.json
id5-sync.com/g/v2/ 		216 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
82bbb9cd857ae829c037efe704e5caf09313289ba2b6e504a7ac6ac7822ce309
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ntn.ua
date
Sat, 29 Oct 2022 10:07:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pd
eu-u.openx.net/w/1.0/ Frame 0C3E 		666 B
729 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
33afc15618454c8ce38dd6cc8c5e1c24ec664eebd88cff105797271e75dfd9a1

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Sat, 29 Oct 2022 10:07:39 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ap.lijit.com/ Frame 8227 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13459965
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0b419112ce686ccacafac216d9bd8355ad1934a0a0b5c2c2f30654690288911d

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
5697
Content-Type
text/html
Date
Sat, 29 Oct 2022 10:07:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
usync.html
eus.rubiconproject.com/ Frame 8889 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Oct 2022 10:07:39 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
/
csync.loopme.me/ Frame 5947 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D%26pubid%3D11378
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463066/hb_285194_899.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash

Request headers

Referer
https://ntn.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sat, 29 Oct 2022 10:07:39 GMT
server
_
sd
eu-u.openx.net/w/1.0/ Frame 0C3E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5be9635c-fb6b-4200-bee5-7245403ffe22
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5be9635c-fb6b-4200-bee5-7245403ffe22
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sat, 29 Oct 2022 10:07:39 GMT
Server
MT3 4539 98cc2da master cdg-pixel-x13 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5be9635c-fb6b-4200-bee5-7245403ffe22
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 29 Oct 2022 10:07:38 GMT
sd
us-u.openx.net/w/1.0/ Frame 0C3E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Wt5whwqPc91B1XHcXdho11yPJNBB23CBX47UOINA
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Wt5whwqPc91B1XHcXdho11yPJNBB23CBX47UOINA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Wt5whwqPc91B1XHcXdho11yPJNBB23CBX47UOINA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0C3E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3317407955325237075
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3317407955325237075
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3317407955325237075
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 0C3E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=47a8d02e-68f8-7eeb-f770-a5aea5cf5a48&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0C3E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmJjNzAzZTQtYTE4Zi0yMDRmLWUyOTAtZmYxNzZmMmQ5NDI4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0C3E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_nEq4QsAZxOuIOtO7b0rw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_nEq4QsAZxOuIOtO7b0rw&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC_nEq4QsAZxOuIOtO7b0rw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=Fj7fsBZH5_jFDR6_Sg2DBwj-/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=Fj7fsBZH5_jFDR6_Sg2DBwj-/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

expires
0
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.45.6.193
content-length
0
x-consent
absent
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=4210551638128796025&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=4210551638128796025&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
AN-X-Request-Uuid
f2265544-3a7b-432d-9b9a-813e613412fc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ce.lijit.com/merge?pid=92&3pid=4210551638128796025&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 8227
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D1N7QA5SHKYQ7X5SQ1VD
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAETDU7GufcAAB8jXwd5AA&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAETDU7GufcAAB8jXwd5AA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAETDU7GufcAAB8jXwd5AA&gdpr=0
Date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1667038059377&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=ABBD9E51FFCE48FE9EB595ED6A1A9B9D
0
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=ABBD9E51FFCE48FE9EB595ED6A1A9B9D
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=ABBD9E51FFCE48FE9EB595ED6A1A9B9D
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 28 Oct 2022 10:07:39 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=4210551638128796025&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=4210551638128796025&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
AN-X-Request-Uuid
fa6176f5-4405-4488-9250-bc59a0fd4d31
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ce.lijit.com/merge?pid=12&3pid=4210551638128796025&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
data.adsrvr.org/track/cmf/ Frame 8227 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8227
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rmo3ZnNCWkg1X2pGRFI2X1NnMkRCd2ot&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rmo3ZnNCWkg1X2pGRFI2X1NnMkRCd2ot&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 29 Oct 2022 10:07:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=Rmo3ZnNCWkg1X2pGRFI2X1NnMkRCd2ot&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=fHC1r1Als2bIq6OyldEg&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=fHC1r1Als2bIq6OyldEg&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=fHC1r1Als2bIq6OyldEg&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT, Sat, 29 Oct 2022 10:07:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame 8227
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=Rmo3ZnNCWkg1X2pGRFI2X1NnMkRCd2ot&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Fj7fsBZH5_jFDR6_Sg2DBwj-&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:aa57bb079cae59af080f137bdc01adef
0
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:aa57bb079cae59af080f137bdc01adef
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Sat, 29 Oct 2022 10:07:39 GMT
server
Aorta/20221014.838b4502f
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:aa57bb079cae59af080f137bdc01adef
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
0519a4cc5951
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
beacon
ap.lijit.com/ Frame 8227 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/beacon?informer=13459965
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/avif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
5159
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=Fj7fsBZH5_jFDR6_Sg2DBwj-&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=5be9635c-fb6b-4200-bee5-7245403ffe22&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=5be9635c-fb6b-4200-bee5-7245403ffe22&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sat, 29 Oct 2022 10:07:39 GMT
Server
MT3 4629 97bee97 master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ce.lijit.com/merge?pid=3&3pid=5be9635c-fb6b-4200-bee5-7245403ffe22&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 29 Oct 2022 10:07:38 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8227 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8227 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame 8227
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1667038059854
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=797883030
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=797883030
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
etag
RX970d8503f6754587b43ac495076d642f003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=797883030
cache-control
no-store, no-cache, must-revalidate
expires
0
noop
px.owneriq.net/ Frame 8227
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7203244591428147245&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
2.19.46.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-46-98.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Sat, 29 Oct 2022 10:07:40 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sat, 29 Oct 2022 10:07:40 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 8227 		44 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=Fj7fsBZH5_jFDR6_Sg2DBwj-&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 29 Oct 2022 10:07:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
44
x-mnet-hl2
E
expires
Sat, 29 Oct 2022 10:07:39 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=Av5sWlKvbwAZ9W0BBfh0CgSvOA0Z-2xcB66Z3cEg
0
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=Av5sWlKvbwAZ9W0BBfh0CgSvOA0Z-2xcB66Z3cEg
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=Av5sWlKvbwAZ9W0BBfh0CgSvOA0Z-2xcB66Z3cEg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=3ebd0266-b147-41c0-832b-20e2cf49008a
0
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=3ebd0266-b147-41c0-832b-20e2cf49008a
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=3ebd0266-b147-41c0-832b-20e2cf49008a
Date
Sat, 29 Oct 2022 10:07:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8227 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:38 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5124322323575831589
0
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5124322323575831589
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:40 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5124322323575831589
Date
Sat, 29 Oct 2022 10:07:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=fmx&bsw_custom_parameter=eab8b95e-d74f-4028-8326-02d779bd6e78
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=fmx&expires=10&bsw_param=eab8b95e-d74f-4028-8326-02d779bd6e78
  • https://ce.lijit.com/merge?pid=26&3pid=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
0
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:40 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
Date
Sat, 29 Oct 2022 10:07:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8227
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=Fzqm44S2wR2N&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=Fzqm44S2wR2N&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://ce.lijit.com/merge?pid=49&3pid=Fzqm44S2wR2N&ev=1&pid=558511&gdpr_consent=&gdpr=0
content-language
en-GB
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6fbd5d5df9-cvttt
expires
-1
cm
us-u.openx.net/w/1.0/ Frame 9C05 		629 B
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
39b27907a71b8318d7bb6a907d006cf18cee715cc198460c889be03bcf8d4ecc

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
389
content-type
text/html
date
Sat, 29 Oct 2022 10:07:39 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 409F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144974
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 10:07:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 31 Oct 2022 02:23:53 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 599F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144974
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 29 Oct 2022 10:07:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 31 Oct 2022 02:23:53 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 2E7F
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=8878724672290120394&gdpr=0&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=8878724672290120394&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13459965
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sat, 29 Oct 2022 10:07:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sat, 29 Oct 2022 10:07:39 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=8878724672290120394&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
usync.js
eus.rubiconproject.com/ Frame 8889 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a9260a7159313a57677327ffd206c8689fb26960f77a93d680808ed283936d63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 29 Oct 2022 10:07:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18288
Connection
keep-alive
Content-Length
9456
Expires
Sat, 29 Oct 2022 15:12:27 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2671snxIdkV6b2pGbU5oenpFcGNycGhzaEZPYTQ4ZkdHdUFKQWR4aStYRDJ1RmxVUkJOTjB1aUtKUUx4SXVSdmN2RXE5bklOaE80S0sxR1hYVUdKMk5TUThLQm1nQzR3dDFGbGRWblVSMVdqRGFRSzF3dHFOVktpWTkvUCtwVFd0Q1NtWXpUZ3NNOVdZY0g1eHV6dU8zQW42emRLTEd4UGpGR1lLUC9wRklJaDJJeWRURHh1YjhCM2FHa01XajZrajZ1Ny9oRjMwZDBXUkd1WFJEaGVrd2FWbnR4VEZFSmhGMUxqWXZLNGxsTG5ybDRmeUVyMEpqRG9FWjRYTzYrc1I4ODRrR1cvTytLbUNQcGdkM0JkUHQxNCthdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 29 Oct 2022 10:07:39 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
501884
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 9C05 		0
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=2b460eee-824c-44e6-b0cc-1308dd7e651a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"
dds
rtb.openx.net/sync/ Frame 9C05 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
a06j1ibm1ck5d7f33duottfo9oj6mt5n
d36fb66a-f854-eca2-c6a7-b35b5a989701
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9C05 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/d36fb66a-f854-eca2-c6a7-b35b5a989701?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:6e4b:8d25:66f8:d8e3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
eu-u.openx.net/w/1.0/ Frame 9C05
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9xWUGSpj1OOIKB5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9xWUGSpj1OOIKB5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0a4402c7ccc8b73ba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=9xWUGSpj1OOIKB5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C05
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=eab8b95e-d74f-4028-8326-02d779bd6e78
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=eab8b95e-d74f-4028-8326-02d779bd6e78
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=6e9a8841-2fc7-4e1a-9684-f4c1bd8d1124&ssp=openx&expires=30&user_group=5&bsw_param=eab8b95e-d74f-4028-8326-02d779bd6e78
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=eab8b95e-d74f-4028-8326-02d779bd6e78&gdpr=&gdpr_consent=
Date
Sat, 29 Oct 2022 10:07:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 9C05
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4210551638128796025
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4210551638128796025
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
AN-X-Request-Uuid
f7bda78d-4abd-4ae0-8e50-5ad4bf0d66e9
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4210551638128796025
Connection
keep-alive
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox
match.prod.bidr.io/cookie-sync/ Frame 9C05 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ox
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.188.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-188-40.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102501&jk=2194325773231837&bg=!09Cl0JTNAAZPh4lnb4c7ACkAdvg8WqtrXgPxcD0oFM0PfTE9yL9XYUHu_xuXBI9vfA-MrRAjG_eBowIAAAE4UgAAAANoAQcKAFAPMfOMOYXZngNf587phpPakEueOcBaFNcD_Mry7yWKMpeSiLJlNfnO8sAOt6xV4niFIpxWgPvSCeZeRabTI5xEmDx3ISmDbwj42fkOlm0FVZkCmg-d7lC45nucHqw3AbELviSOzypjYai1Qe_QLwc-PPNeknsc0GVkW8ef6V1gptQjc3bsimHXM4kfafALMiooF0kQJJFXQVikKT5yDyQpv4Xfu0k-t4LJlZdvBS58qxNClbvJArA83-a6kEgXTutAiF8qZO3OGWJpgzKXIyg70ZBUi5DfWY-AE4mIX1SjED299L1KNzM1eMRGz72fyGfEk-hRhLVA-Ewtj-TI76BvsUC_RARshOPZpCHNj8gNI9nP0qLTiEoXh9JGIb5P3R4cJ2r35-o9O6lcVcIq8zNksIuxG0oe_XaVeMCm4S5Xc0jtIRa0l9cg9r1g9xdOytjiQadEKVPtG0Do0tvUdYvz7sDrP_e2NAS9ZxI2EcRzCVmCdsaZV3lb09ov-8D75y8jlFzcljkNk5_zrl5gedXxWhI1kMXopL0KVvgar5COa92wgqRSmM0Pm5dhXiqHgmaN7XvjAMT0PnMd6m9aQOfYJxtuDCXjT13Sy_B-g6S0ScYFzFKMVQFmTLQeMkatBrkczGd41B5aYhF0KVBskLo5h-wdkt2w5ElhxuuZg7SJu5_rXG0LgNRZ70_qY9dxovl6BGPjvC5V3gk4E8JPnIt6na4NZ2RnEvU0DyXSjE0XCh-0vUZpdYCk8hUpT77twZcsKqE8N1T_MFvDj3iwM_FXaolGT1_dlZKen93siAylDkxQgKQgoFhBfFrzm1nVmRSrtDRfiktZKDHuL-fQo52b9FfN4_neeTau1YQxUC8_smhRo8-E3AftVdtsMeEi2gjE-elrlVV3Rk307TPlLIbSel9dL1BHzA5sgjl6mAt7YhCmQYVWlN8TsWA1Pe323nrI5iYq-pOetkXBA_uLd1FkT0fn_VwFIU3eBpVPOQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ntn.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 409F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80223172&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:39 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8889
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uSu4LQ8prAsdQ4EcKKypz8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5543804827269923193
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5543804827269923193
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 29 Oct 2022 10:07:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5543804827269923193
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8889
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&gdpr=0
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlUUkYwSEUtMVQtRElFUg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8889
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MABp_ZzuTnyX8Z6hOBTpLA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MABp_ZzuTnyX8Z6hOBTpLA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MABp_ZzuTnyX8Z6hOBTpLA&gdpr=0
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
67807YNE9B3QZ6ZA8VEG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MABp_ZzuTnyX8Z6hOBTpLA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8889
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=yeAVtRvFQSKi7pijYuHlxw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yeAVtRvFQSKi7pijYuHlxw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yeAVtRvFQSKi7pijYuHlxw&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Oct 2022 10:07:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RV294KZZTQV1X3XRBW7F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=yeAVtRvFQSKi7pijYuHlxw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 8889 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 8889
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHRFdlWW8_ZVNYcp3wVmeoc&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHRFdlWW8_ZVNYcp3wVmeoc&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHRFdlWW8_ZVNYcp3wVmeoc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 8889
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9TRF0HE-1T-DIER&gdpr=0
0
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9TRF0HE-1T-DIER&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 10:07:39 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 35E3A3FC1D6443CCAAEDC4B279659982 Ref B: LON21EDGE2612 Ref C: 2022-10-29T10:07:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXsKYtl2+ToNWPUUYjzzw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9TRF0HE-1T-DIER&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8889
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY4MjQ1MzEwNWIwZjhhY2I1YWVhYTllMmVjMmFmOTUyMWY5NTVlMQ&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY4MjQ1MzEwNWIwZjhhY2I1YWVhYTllMmVjMmFmOTUyMWY5NTVlMQ&gdpr=0
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Oct 2022 10:07:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzY4MjQ1MzEwNWIwZjhhY2I1YWVhYTllMmVjMmFmOTUyMWY5NTVlMQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:40 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=9F2C592A97E54FC79E4FA700505F5200&time=1667038060723&location=https%3A%2F%2Fntn.ua%2Fuk%2F&referrer=&is_flash=0&session_id=561068466&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=6025&param5=8&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ntn.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Oct 2022 10:07:40 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| respond object| swfobject function| jwplayer function| $jw undefined| _userPlayerReady function| playerReady function| _utils function| _css function| _hide function| _show function| ts_toggle function| fnHasClass function| array_merge boolean| g_tv_filter_type boolean| g_tv_filter_time undefined| g_tv_filter_elements function| tvSetFilterProductType function| tvSetFilterTime function| scrollerSwitch function| CommentFormClass object| commentFormObject object| jQuery181011286999344416038 object| g_images function| preloadImages function| ga_outbound function| printPage string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| VMAP function| __onGCastApiAvailable function| ga object| adt object| googletag object| vmpbjs object| vpb number| device_width object| dataLayer function| fbq function| _fbq function| gtag function| bk_async object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r function| hideCatfishAd number| tns_already object| tnscm_adn object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| cm_events object| vmpbjsChunk object| _pbjsGlobals undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Criteo function| CrossDomainStorage object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms object| google_image_requests

90 Cookies

Domain/Path Name / Value
ntn.ua/uk Name: b
Value: b
.adtelligent.com/ Name: vmuid
Value: 03478b65a3274c48
.bidr.io/ Name: bito
Value: AAETDU7GufcAAB8jXwd5AA
.bidr.io/ Name: bitoIsSecure
Value: ok
.ntn.ua/ Name: _ga
Value: GA1.2.1514351197.1667038056
.ntn.ua/ Name: _gid
Value: GA1.2.1887117192.1667038056
.ntn.ua/ Name: _gat_gtag_UA_157387674_2
Value: 1
.ntn.ua/ Name: _gat_UA-3902239-38
Value: 1
.ntn.ua/ Name: __gfp_64b
Value: zQW1v6JYB.N_s0GZ3LHa_KOMOhoy9lCA.qoOrXGIkfP.z7|1667038055
.ntn.ua/ Name: _fbp
Value: fb.1.1667038055854.1043967917
.hit.gemius.pl/ Name: Gtest
Value: KlGN-MGGQMQGtATXet6wY29issGMXP8c25nSGLCmSkn8XBG.
ntn.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ntn.ua/ Name: _pubcid
Value: 9404ef77-c17f-411c-ada6-6d46c1e869b5
.hit.gemius.pl/ Name: Gdyn
Value: KlQbOMMGQMQGtATXet6wY29issGMXP8c25nSGLCmSkn8FRxSG7RrGS6Gw99BFlnMxgGPoeISD0F6Sssa
.ntn.ua/ Name: __gpi
Value: UID=00000b79a9cf5cf4:T=1667038055:RT=1667038055:S=ALNI_MZpjGXuDW-N0-k2a7FsLDwM35cJkg
a4p.adpartner.pro/ Name: apuid
Value: 976b6ccb-aac1-41dc-bad2-4b4995ce1ceb
.lijit.com/ Name: ljt_reader
Value: Fj7fsBZH5_jFDR6_Sg2DBwj-
.openx.net/ Name: i
Value: 9404ef77-c17f-411c-ada6-6d46c1e869b5|1667038056
.rubiconproject.com/ Name: khaos
Value: L9TRF0HE-1T-DIER
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqX0Ud6D9AYdVqbBgMWySGKoH1GQZR6kugTcNOBtGbweDr/DFYw6jbaj1ZvYpPUliAcHHmv29zUs0PIHI3a0fHR
.mfadsrvr.com/ Name: tuuid
Value: 3ebd0266-b147-41c0-832b-20e2cf49008a
.mfadsrvr.com/ Name: c
Value: 1667038056
.mfadsrvr.com/ Name: tuuid_lu
Value: 1667038056
.adtelligent.com/ Name: a307558
Value: 976b6ccb-aac1-41dc-bad2-4b4995ce1ceb
.doubleclick.net/ Name: IDE
Value: AHWqTUnUEJFB0R56ARNkvtGTN-fAti_9ZUKBMY0VFkudz_ovYGzt-ZdKrC0wK3PTtTs
.ntn.ua/ Name: __gads
Value: ID=adfda1d59bce645e:T=1667038055:S=ALNI_MZFHS9QryNVlnjYoUNtRbUbwo8H6A
.adtelligent.com/ Name: a736011
Value: 3ebd0266-b147-41c0-832b-20e2cf49008a
ntn.ua/ Name: hbmp_cap_h
Value: eyJvcGVueF9ta3AiOjF9
ntn.ua/ Name: hbmp_cap_d
Value: eyJvcGVueF9ta3AiOjF9
.casalemedia.com/ Name: CMID
Value: Y1z7aRpUQ2tebJf9LHRxQwAA
.casalemedia.com/ Name: CMPS
Value: 1171
.casalemedia.com/ Name: CMPRO
Value: 1171
.adnxs.com/ Name: uuid2
Value: 4210551638128796025
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?frMVKF!]tbPl1M>e)ZlrFUfJ+tGXxo]CJ!Q3>Ss$5_^nh7Rj-ANBK^azQ<:?UX7gI$3If)y3KL9D3I?+oY+/el
.quantserve.com/ Name: mc
Value: 635cfb69-84815-30ba4-65e3c
.adform.net/ Name: C
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2230C5BC95-BB86-4164-A2C6-BB396E78DBD0%22%7D
.simpli.fi/ Name: suid
Value: ABBD9E51FFCE48FE9EB595ED6A1A9B9D
.adform.net/ Name: uid
Value: 3317407955325237075
.w55c.net/ Name: wfivefivec
Value: 9xWUGSpj1OOIKB5
.w55c.net/ Name: matchgoogle
Value: 5
.adfarm1.adition.com/ Name: UserID1
Value: 7159873936017979546
.yahoo.com/ Name: A3
Value: d=AQABBGn7XGMCEN1bSvE5C25yZ7mpY-jtgP8FEgEBAQFMXmNmYwAAAAAA_eMAAA&S=AQAAArZ9YkkJK1av2p3puBz-feM
.bidswitch.net/ Name: tuuid
Value: eab8b95e-d74f-4028-8326-02d779bd6e78
.bidswitch.net/ Name: c
Value: 1667038057
.bidswitch.net/ Name: tuuid_lu
Value: 1667038057
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1z7aQAEBpEogwAO
.casalemedia.com/ Name: CMTS
Value: 1210
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~27zm
.bidswitch.net/ Name: google_push
Value: AZmPxg_vX2lyCOiSwKds_ICQ6atjk1ILi9Sw2VVf4rYWvKPCb7e8m9_0KZFOdbq5P5h7pwC4eB8w2e5dAk8FAbk4L5UK4LEJBTyDrQ
.tribalfusion.com/ Name: ANON_ID
Value: a0nseFS3n0hryoxDnS6JcvWvrUyb0yJaDXSVId7VSHquQh57TIYdLiSRD3ZdWYspON4xmrhRvXlNOaEqdETRP
.neural40.cdnwebcloud.com/ Name: n_one
Value: 8416f282-5771-11ed-b2a3-0242ac110002
.criteo.com/ Name: uid
Value: 49aabe02-995c-4028-b11d-f2999a5b0699
.openx.net/ Name: pd
Value: v2|1667038059|kigqiysLommOgevNgunsn0gi
.creativecdn.com/ Name: u
Value: fHC1r1Als2bIq6OyldEg
.creativecdn.com/ Name: ts
Value: 1667038059
.quantserve.com/ Name: d
Value: EFMBFgG5J4EPisMM2MgQ
.mathtag.com/ Name: uuid
Value: 5be9635c-fb6b-4200-bee5-7245403ffe22
.w55c.net/ Name: matchopenx
Value: 5
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.turn.com/ Name: uid
Value: 8878724672290120394
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: _ljtrtb_92
Value: 4210551638128796025
.lijit.com/ Name: _ljtrtb_85
Value: AAETDU7GufcAAB8jXwd5AA
.ntn.ua/ Name: cto_bundle
Value: IXHqL196QlhFRVFzTVR4NDQxNU9YbjdGcnNDelJKUkd3eDZjJTJCdkR0aGdHd1RMaTBJZnBhQnJTJTJGNCUyQnZDTnFaQU40d3Nua0VFQ0pobVlEUktqQnNqJTJCenlrNTdnTnMxaHowN3BoTkNZVHp1OGdsMkpuTDNEb24ySFNaSWQya0NDOVpxR0dxNTBjaEIyMVduZkIwWG9mJTJCaVNZWGV3JTNEJTNE
.ntn.ua/ Name: cto_bidid
Value: FkWTwl9lRCUyRlB1aktDZHFKVVEzSUNsVzBUMnhuWG45U1o1RERFSHlZZkZlZWlwYzFlJTJGT1pqNTllYTdWblglMkIzODhYc2MzdkZuT05iWXN4UnFmekglMkZlYnFJNHhBYTlsaHV2ZG1saHRQcHdtb0RXWXNRJTNE
.lijit.com/ Name: _ljtrtb_12
Value: 4210551638128796025
.lijit.com/ Name: _ljtrtb_1
Value: 8878724672290120394
.lijit.com/ Name: _ljtrtb_86
Value: fHC1r1Als2bIq6OyldEg
.lijit.com/ Name: _ljtrtb_3
Value: 5be9635c-fb6b-4200-bee5-7245403ffe22
.lijit.com/ Name: ljtrtbexp
Value: eJxdkDsawzAMgu%2FiOYOk6oF6tXy5e%2Bo0ixh%2FbDD4XLq%2Bmllq7tHHsgdhXrkxFDWVz8RSMoiQokJMT1T%2BG6QbNnd3zU4%2FBdMDzkw6p5Zw4iAmv7GfPgFN998NArWHizbRZqd8p7ygPoGZrzIbXjfPG1qs
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1667038059!adtelligent,1667038056
.creative-serving.com/ Name: tuuid
Value: 6e9a8841-2fc7-4e1a-9684-f4c1bd8d1124
.creative-serving.com/ Name: c
Value: 1667038059
.creative-serving.com/ Name: tuuid_lu
Value: 1667038059
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-970d8503-f675-4587-b43a-c495076d642f-003%22%2C%22zdxidn%22%3A%222032%22%2C%22nxtrdr%22%3Afalse%7D
.owneriq.net/ Name: si
Value: Q7203244591428147245
.owneriq.net/ Name: p2
Value: sv
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zvEyGtoZmZuYGxhYGppaWEJAD5z1UEQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjY1N7UwNjS1sBTiM9QtLfUyzCjIiwhxDjUDAEQRO50lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2MjY1N7UwNjS1sBTiM9QtLfUyzCjIiwhxDjUDAEQRO50lAAAA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&471f12bb-f577-4151-832a-a9deafbec1d1"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjcwMzgwNjA7MjswMjHaJWf10XZtJxdAzfYIcWcglvuhjFSXTzSQ0WF4hY24ZQ==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2839:u=1:x=1:i=1667038060:t=1667124460:v=2:sig=AQGdkOWjcOkhDWIIr6D6fs_KuiAD05Kx"
.amazon-adsystem.com/ Name: ad-id
Value: A0y06LKTjk3luecGlgICjVw|t
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3803eb5b33870c91
.lijit.com/ Name: ljtrtb
Value: eJx1zLEKQjEMQNF%2F6WwhSZu0dYv6UCcXBec%2BW0HeoiIi4r8bP8D5XO7boZu7nFNOFCURFUCCUKKbOSSjSAjMKCEj5VQEiI2CCddWJPDoe5XqIwH42hp7G3GE0HsjsrT8v2Q2Uh32q0NaP%2FqousiX4%2FPEqj8V075Z4g11ulPdXmX3mk7D2X2%2BKdIq6Q%3D%3D
.lijit.com/ Name: _ljtrtb_49
Value: Fzqm44S2wR2N

4 Console Messages

Source Level URL
Text
rendering warning URL: https://ntn.ua/uk/(Line 39)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to execute script from 'https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGKBHAKINMGMNJJNJKHIMJPFJ@FNMLGKNFJLONFBMHKGFMHLHLLONEMGMJKAGKKOGHOHKMLLIBJIKLHMLPGGGQLOMNJMEBILLLEKOELOMMF@HBEBH&clid=opx&paid=gc&avid=537073301&caid=537096318&publisherId=541177116&plid=540463288&siteId=541177131&kv1=728x90&kv2=https%3A%2F%2Fntn.ua%2Fuk%2F&kv4=217.138.196.106&kv5=1667038056&kv11=00894366-fb28-4031-81a9-a7d37b1373d5&lineItemId=540463243&kv15=gb&kv55=1.0,1!adtelligent.com,283366,1,,,!openx.com,541177116,1,00894366-fb28-4031-81a9-a7d37b1373d5,,&kv10=&kv25=&kv26=Windows&kv28=desktop&kv62=&kv9=&kv13=&kv3=9404ef77-c17f-411c-ada6-6d46c1e869b5&kv27=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&kv7=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&kv14=&kv16=53.442&kv17=-2.241&kv12=541177132&kv18=&kv19=&kv20=&kv23=&kv24=Desktop_Display&cb=74286704#opx' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

34a1ad06f992e252c6b84b466496b156.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
ad.doubleclick.net
adrta.com
ads.creative-serving.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
aorta.clickagy.com
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bidswitch-eu.splicky.com
bucket.cdnwebcloud.com
c.bigmir.net
c1.adform.net
cdn.js7k.com
cdn.jsdelivr.net
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
creativecdn.com
csync.loopme.me
d.adtelligent.com
d.turn.com
data.adsrvr.org
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
i.bigmir.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
inter.ua
ipds.adrta.com
juke.mmi.bemobile.ua
ls.hit.gemius.pl
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
neural40.cdnwebcloud.com
ntn.ua
ox-delivery-prod-europe-west2.openx.net
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
prebid-eu.creativecdn.com
px.ads.linkedin.com
px.owneriq.net
rtb.mfadsrvr.com
rtb.openx.net
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
ssbsync.smartadserver.com
sslpagestat.mmi.bemobile.ua
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
tags.bkrtx.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.18.18.126
137.74.6.209
142.250.186.162
146.59.10.80
146.59.30.104
151.101.194.49
162.19.138.82
178.250.2.146
18.195.207.28
18.206.62.161
18.66.122.129
185.184.8.90
185.29.134.248
185.64.190.78
185.80.39.216
185.86.139.94
188.34.165.163
193.0.160.128
193.239.68.97
193.239.71.100
194.247.175.19
194.247.175.23
194.247.175.25
194.247.175.26
198.148.27.139
2.18.235.93
2.19.46.98
2001:678:cb4:bbbb::13
213.19.147.45
216.52.2.19
216.58.212.134
216.58.212.162
23.205.235.133
23.35.236.201
2600:9000:223f:6e00:1b:5138:8a40:93a1
2600:9000:2491:2c00:4:b37b:9440:93a1
2602:803:c003:200::61
2606:4700:3038::6815:e9e1
2606:4700::6810:5914
2606:4700::6810:7aaf
2606:4700::6812:18ad
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:6e4b:8d25:66f8:d8e3
2a06:98c1:3121::3
2a0c:5c81:5120::2
2a0c:5c81:5142::2
3.120.49.52
3.125.135.131
3.126.151.133
3.126.56.137
3.33.220.150
34.95.103.48
34.98.64.218
35.190.0.66
35.204.158.49
35.214.236.176
35.227.252.103
35.71.131.137
37.157.4.25
37.252.172.123
37.252.172.249
45.133.44.4
52.1.102.118
52.30.188.40
52.46.155.104
52.5.136.4
54.239.38.253
62.149.1.122
63.34.235.23
66.155.71.150
69.173.144.138
69.173.144.165
69.192.160.219
72.251.249.14
8.43.72.97
85.114.159.118
96.16.135.39
99.81.33.254
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
02cd665bff4a3a13e9a4eb41f2cc1d074421d15526b952040ef39df2bea5c1e7
03002f285167bb5b5904202b949a6c51680fa72b72e9ebf1de3c203a99d1b4bb
0326a9b3b7474d52cb6d04bbe07fc6609e991addcf5cc83696e319d67f172c34
0740b05ecb18441227c60d9bc57edb4c929db0e8c3cc2b5e9cc848139bb223e2
0773d30b7478dc67aa7b0621a3a81ff084e2fcc766c3d0b227f45cc981895638
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
09ac1a140bbb925efb4358c34c487fe8115770a9dc5ad48b84674f33ed7b0520
0b419112ce686ccacafac216d9bd8355ad1934a0a0b5c2c2f30654690288911d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2ed188534949616a45db751d0a10f03e9481beaee928999e63144c70314fd
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0f9c1587baadf5c93ad4c9559f235385a34e43eed2157c3203d496ce4e59b1bd
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff
15bd43f21156f06872eb9649472e6365c8c17bcdf11ea02c14fce7ae4c918a33
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
1a63ae8451325ac53bd3ef756cbd88ed3a8148e3fb30d05938c99e222d3bb889
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1c59d202cf8baa1dd433ecd9e8d4700103b2b811d08609da1f9d4c57712d7adf
1e397c6cd24daa8a7e13da7070338bfdf7a121a1454b3964d49c13e398afeb8d
1ff60edc066ed03c4e54ad8f04258a65178ca6a871f5748f0c719b74f58d79d5
208b56903dbc6fb3b430a26c64a0f86260c4c8bed20720312cc160c2536cc9a2
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
251e1f4d125ccb08501f8646f1e483aa95805e8070bd0493000efec683c34bf0
255055d2403bde6efef2843ba5a2a484160514f942e7a1d8c7dd83828a649a46
275aa637a5dfb33e8e7f98ccd2830d58847c87fc6034825a06daa73b48d620a3
2911c21e4bb0bd083e5eacbf8e26fd4a11caaa8c541299ccd4eb9d8e09a4ba4a
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33afc15618454c8ce38dd6cc8c5e1c24ec664eebd88cff105797271e75dfd9a1
37dc089dc27d18a0c04aaae4807b9a968ffc74147c0919fa9879efea56a7d7f2
381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1
3834ae4e6f5e939900a4d4740c747805c4b0a0b3de2a11bf9eed90966c6e316c
39b27907a71b8318d7bb6a907d006cf18cee715cc198460c889be03bcf8d4ecc
3abe1d50aafde6d03b75351af751ef980dd9d02e1318dd18a62dcf918cea661f
3d201d6e70be1d78bbea34fc382ecc286ba1b796c143ca4969d92116560e5c9f
3d71acaeae9ad6820144dd16ceee3b5445bc20e70072ce10deeb9cc5781cf85c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412cdf2044788ea49817775c0f2721e23a37d0d703099216f8ad48a7e73ccba4
42c988a2ec0f9174ce94ba23912884cc986743792df9dc9b22881d824aad9eca
45565342518890a25b46dee5e726ad773917bfcc17dab19f4d6455f4a4b9c722
4645ea9d1726dc76a0274b8b49cd812161097bef882237afe5adbbf225e14543
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4680cc57fb507b89d19c13051396e857b2d5b998831b6d07465539260abef3cc
47057a03aed7a53b879618baa1fe40c2cf470e8c6fe84737163ca94c340f9d81
47d95a4762737366fadf7c59ecf5af26496eecc849489a47bc124cfcc09a81c8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49329619a159bfb35202ea4ee9b2d10cf810983aff0a0e4d987f3ba5e1c1b659
4b2addd85433c142ccd28b90da525a6b716e2783268a5ea76fe56ac9c805253a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca2074fdeec9bd4b9909e99b1c85aadbe318a83e62d99ae8a10a1d3e5aa79c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecd508aad794a6ed4455e1d7c45f43521926fb86909a8cf41d92441e11b8191
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985
515563c93d8f56d0cb8e18cb4a1ee55aca2543f8f78822d96f479ca7f8c991f6
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561a4d0814fb3525fcd7a0662570193fefce4a028256cb773e490c4b06f0e2d5
56202b9da90fc673469eca5fb60bdd13956a769cb1548aa78e3962c419c7840e
5841da9b44e7eb8243096993385066e610b103ed3007bb2cbf18e5500baebedc
5894efec8f9ae727dc14f30e4ef20c9faf9ea2c86f570a287b061e6b1dd25fde
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b7b57e53fee02c97a15aa8ff8be4ed26df2dd422d76b4f70f9866f4efa4ea24
5bde95ca5601224816c7284d0d765019095733b7ae687da55c077f114e117187
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5d40bed0a850cc62b9bee0b3f5b56b375369fd77be705d8b7aaea4c52861b1d6
5dca1aab09bf4e9cedef0c4a45dc5c5d1378e7a2070a335addb038a1ca782153
5e996c96982b729d39268ac0987567f918c5aa88f6783561213d0a36c4ab2a8f
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
62f93ecb194463551254b9939551d09fc56bc0e6b76c31194b122c5cc0f22545
6400b298d51a07b76ae017a62d74af08fd20e249b564f7503712362f2c6710ce
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
691b920aee45ddbc9b3ca71e4f06ece504c22f1d9ac40b8369a277be043ffd86
6a7ee99f99266cdf5847765b824e9703f6b64ca4ef02ba1810dd6f32b5d96e78
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e140393a5c564a0373f5af25fb31419454e956674534b4acee7822a5d1586b9
7316c9f4d49e26236b93f844761720c06a1e9a32de4eea83678381e3237e0947
73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
75dba37facbfe960a80b7e482dca8dcc85b3d7e5f488dc0c6c145c2fbbd148c3
7664c1ba21942bd39804692046f89a591d6ff83a1b7cc29239a0d7bb5c91953f
7d856847402c3364ef3f2a44db48934f52cb1124cdf804f810512a5300bd2824
82bbb9cd857ae829c037efe704e5caf09313289ba2b6e504a7ac6ac7822ce309
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
88434c25737f9e78eaa61b8b4b36272e4d8ef60dac005965cab1c31f43767e9e
88bba9edfe62a220e90be5fe1ba14c9ac751490f500b1e6e5fe25cb2c824c9ea
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af392472f373eae45bb1b52b0da199a3ced2d23d318e81593a157408d3ebd8c
8ba7fc1dbf2b813f54a1607b24d3787085661ee777eb9ed66197e2673607347e
8bbe2679d44a1fc74827066d51144859932d36f0dcd9e4bbc8c6b72fe5ff3073
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91ea59ec85aa329d6c9935ce6ebc74c6e37add1ab0b6111212410f7230ae701a
94c9606c58a960604df8913628c71a25b3484e7782ee44213470c5046dcd418b
95dd6865cd73589629a72003cfc7a4f4b2af96b6e692a245369ced73ef487f83
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
986416a58791f99bdde0b17c2b78dbdbf1f56de883b0ae0d5081fffedbccb38e
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a30456069803e789b02e498f563998088b85bf1f3eeac4383c1925c790b150c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77c0ac33043cad4abf9e3544cfe551f028d2cd055b6be5a26712f49292db6e0
a9260a7159313a57677327ffd206c8689fb26960f77a93d680808ed283936d63
a93a88d292f92f4a32e00cac7bdb6ad2c0e717abe2100421a1799cb5441e4f39
abd8692c0357cdc68904b23a95002546b05b80176508f5f0a6cd4258fce6617f
abe40cfa31540c665cfcef441f51c5456d1ce107208ab6a43e1e5eed00e8359e
ac32377ae624ac720172de6cd59d7fad67c0c78fe658c7a7b2b43be14b9d74ab
afaac8f389e0f0347225f6c0225ee1639ea8adc0439a35135056d6fa2a0ee1b2
afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204
b0be8db74ac8bd244f66380adc0f170f9d382ce0b28489e26a4cfa0907a8f4ca
b0c4b081ef70f3eb0a934344392df220f0439f91a9b5e8aea93c71dec0beb416
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4c20df02077c26385577801eb8897f405a95c63d0c26ee24ac3b4e2043f302d
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
b7a27524bf6ac1fe07e09b4940997d1fa43bf91820e6940c147d3cdabdaa843e
b803db59f4ea327ae1f42388d75985f2b7bad6511651355b79731dda5883e551
b80acec532dfc1bd7e49387f48a7353457a8c8c7263407bc8070fe113bed2974
b88414e57f13a0d5675804c8ce82e9ac4b1680358e123baff030c6f2da882f39
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
ba3e156e129e83a6233deacb0e7ed1fb90067f0d41caf300a21eed900bfdc8af
bb227b04e4ea2af4600dafb200a53398e183e474b2bb28962340ee22b5da1774
bb603e9d8681e4056af140a5d281a3e1da054fe3aabe9949932f8a80456c7fd8
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
bf9750a2fa19469c12266cd9bbb2e6f2e409cf643aed0940a4ea195fe1f4c8ad
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4a6e289ea981b353e88457da65f62626da3a70a2e7e2ddbdcc542a8da491c76
c5e52f40b619e103483256eb589f4f98b4caa8e189e8c57dec9a91fd1a1a5315
c81a6c1b2adbc3ed1e90d7c56c3a1f555dd4b4279a310c1dfc5b994390ee3eec
c824f3b22b2dbbb009452db4b2abc0dcac74eb01f1e39625d15f13322aec64c8
ca258c51e692583ce30d6f843366f05f26c590775a02d2770c9164e46fdab199
cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467
ce04189370ecaa0cc5e3f50d3311f86ef42ea688519a093319460e54e43a9f9b
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d19b9bb236d85ca7803eb588b36067092378ff355cf405eebd2f74fb6ecd67cb
d1b3a450d7b92628aee8162fd08be46df73133c4d0b50432797c6901d9c9a1c0
d2343c85bc2821e75541c4d4d0dcb510c267ebc96baf367af57309de6baae8a5
d2a76a7ff51b1eb5f1ea0e715070bb3a31274b2a7059597dd9effe100a74a926
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d47a846131784dcb7bc4fbecf19edbcbe21b84923063526307a16f082cf966e7
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
da84bce8a2f715182ab131bd1367073145e6807204f213d30048cb20cf6f90de
db260c1474fddc20e8f65c087284426f485e33534d21b6e4f8a76f266ff8b904
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd8d9f66bb6444b64ebdd9c4441c267417d2be60bc7a74806d7c3746cf6109df
dd920b25c9bf5fce52de23249755a63d0e6826fc743d26eb60fdb350a5523f34
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e1ef4c6ee8e9ba88ac805bb20fde15e424eb1b20ecd033bf5d81890038d22254
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59336afb66547cc153b095bcc84b5451a5245fca489232bb29602ba84b6a72a
e5a348371f57afc03cb0fb301990daed6d812024631df2e6602f818193a074cb
e6942260a73b492c3f61fe0fe807cc5346a57224aeb9d31ed0be9a22677dbac8
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7f0d78862e5bf61ae9af1709638702b0e0a078b4fd2cd4119927a1bd2a3f20f
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
e9dd66b4edec6409af2070004b051321b8108390821cec813104035f2271353d
ea880f80a81e709d0deb3a1a8199827cb6cdb365782cdbd7a5aab215da5e413f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec9bbb71ee1b207d2f6bf43465b65cdd106320f89567b66abbf07f59a8ca0eb1
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ee553c847b17af2ffc8d1ae1dc81c1fa6c8356246c31bd80e0a470097ec4430e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cea16677e9e1eed14bf8fcbea9e58f64df6f2448e10ebe17fbbeb3fe62e584
f4773a68f8ea3ac47e6793e2bdfedcf21cd5f437d3f37c340e97b5865dcabec5
f4af3262c604d9ca5d1e61f23af267420db3393d18c9a3dcd604548054cbcf7a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6bfea0bfaf58f5379f225a0dd59050f89614fd56b9a2afc495503eaac76caea
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f9c6f48908ed95c62c11af1eba731178c21d24425b680774370a153bb272edd9
fc14852357bf40d65a11e8278a3a41fdba5a6bb5bab56ba3de7229d159243738
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
fd794f1dfe14db0d7027596043d9987eb560aba7e210a59a6c24b3b27b029fa4