nnews.com.ua Open in urlscan Pro
176.104.8.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nnews.com.ua/
Effective URL:
https://nnews.com.ua/
Submission: On June 07 via api (June 7th 2022, 3:47:14 pm UTC) from GB — Scanned from GB

Summary HTTP 245 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 43 domains to perform 245 HTTP transactions. The main IP is 176.104.8.35, located in Kyiv, Ukraine and belongs to UNDERNET-AS1, UA. The main domain is nnews.com.ua.
TLS certificate: Issued by R3 on June 6th 2022. Valid for: 3 months.

This is the only time nnews.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 54	176.104.8.35 176.104.8.35	41435 (UNDERNET-AS1) (UNDERNET-AS1)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a02:6ea0:c70... 2a02:6ea0:c700::16	60068 (CDN77 ^_^) (CDN77 ^_^)
1 13	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.166.21.205 188.166.21.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	193.108.153.18 193.108.153.18	34164 (AKAMAI-LON) (AKAMAI-LON)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	54.154.72.131 54.154.72.131	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.175 13.225.84.175	16509 (AMAZON-02) (AMAZON-02)
3 7	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.244.196.143 143.244.196.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:6600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	3.248.173.178 3.248.173.178	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
7 14	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	63.32.228.167 63.32.228.167	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.36.127 34.250.36.127	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.151.66 18.203.151.66	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	46.137.175.238 46.137.175.238	16509 (AMAZON-02) (AMAZON-02)
2	188.166.37.243 188.166.37.243	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	178.62.226.6 178.62.226.6	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
29	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1 1	34.251.55.128 34.251.55.128	16509 (AMAZON-02) (AMAZON-02)
1 1	3.68.169.133 3.68.169.133	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
245	48

54 176.104.8.35 (Kyiv, Ukraine) 1 redirects

ASN41435 (UNDERNET-AS1, UA)
PTR: s-176-104-8-35.under.net.ua

nnews.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::16 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.132.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.21.205 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.18 (Frankfurt am Main, Germany)

ASN34164 (AKAMAI-LON, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.72.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-72-131.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-175.fra2.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.196.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.248.173.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-173-178.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.74.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.228.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-228-167.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.36.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-36-127.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.151.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-151-66.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.175.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-175-238.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.37.243 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

stats.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.226.6 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

img.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.55.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.169.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-169-133.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	nnews.com.ua 1 redirects nnews.com.ua	568 KB
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	632 KB
32	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	182 KB
16	mgid.com 1 redirects jsc.mgid.com — Cisco Umbrella Rank: 8030 c.mgid.com — Cisco Umbrella Rank: 6138 s-img.mgid.com — Cisco Umbrella Rank: 7268 cdn.mgid.com — Cisco Umbrella Rank: 10297 servicer.mgid.com — Cisco Umbrella Rank: 8215 cm.mgid.com — Cisco Umbrella Rank: 2166	2 MB
10	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 24611	241 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	169 KB
7	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1625 mwzeom.zeotap.com — Cisco Umbrella Rank: 1383	22 KB
7	phoenix-widget.com phoenix-widget.com — Cisco Umbrella Rank: 173010 api.phoenix-widget.com — Cisco Umbrella Rank: 212642 stats.phoenix-widget.com — Cisco Umbrella Rank: 302803 img.phoenix-widget.com — Cisco Umbrella Rank: 241376	87 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	183 KB
6	casalemedia.com 3 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1313 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518	5 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 ajax.googleapis.com — Cisco Umbrella Rank: 277	34 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	213 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 214 secure.adnxs.com — Cisco Umbrella Rank: 391	5 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 8428 s.cpx.to — Cisco Umbrella Rank: 1823	6 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 358 mug.criteo.com — Cisco Umbrella Rank: 2958	2 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 25145	1 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	26 KB
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 819 image6.pubmatic.com — Cisco Umbrella Rank: 564	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	916 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 600	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1735	1 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1374	1 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5121	914 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 415 d.agkn.com — Cisco Umbrella Rank: 531	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 194	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 890 pixel.quantserve.com — Cisco Umbrella Rank: 412	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 25484	6 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	461 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 840	356 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2982	376 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 28811	523 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	645 B
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 45988	204 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 783	358 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 862	1 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 586	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 741
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9601	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
245	43

	Domain	Requested by
54	nnews.com.ua	1 redirects nnews.com.ua
29	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
21	pagead2.googlesyndication.com	nnews.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com nnews.com.ua googleads.g.doubleclick.net
14	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
10	ads.themoneytizer.com	nnews.com.ua ads.themoneytizer.com
6	s0.2mdn.net	nnews.com.ua s0.2mdn.net
6	fonts.gstatic.com	fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	s-img.mgid.com	nnews.com.ua
5	mwzeom.zeotap.com	nnews.com.ua
5	fonts.googleapis.com	nnews.com.ua googleads.g.doubleclick.net
4	cdn.mgid.com	nnews.com.ua
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	s.cpx.to	p.cpx.to nnews.com.ua
4	c.tmyzer.com	ads.themoneytizer.com
3	cdnjs.cloudflare.com	s0.2mdn.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	match.adsrvr.org	js-sec.indexww.com nnews.com.ua
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com phoenix-widget.com
3	id5-sync.com	nnews.com.ua ads.themoneytizer.com ced.sascdn.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
2	cm.mgid.com	jsc.mgid.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	nnews.com.ua
2	e.dlx.addthis.com	2 redirects
2	img.phoenix-widget.com	nnews.com.ua
2	c.mgid.com	1 redirects jsc.mgid.com
2	stats.phoenix-widget.com	phoenix-widget.com
2	sync.smartadserver.com	1 redirects nnews.com.ua
2	image2.pubmatic.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	dpm.demdex.net	2 redirects
2	mug.criteo.com	nnews.com.ua
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	phoenix-widget.com	nnews.com.ua
2	jsc.mgid.com	nnews.com.ua jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	adtrack.adleadevent.com	ajax.googleapis.com
1	secure.adnxs.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	pixel.quantserve.com	nnews.com.ua
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	aa.agkn.com	1 redirects
1	api.rlcdn.com	js-sec.indexww.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	api.phoenix-widget.com	phoenix-widget.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	www.googletagmanager.com	nnews.com.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
245	66

This site contains links to these domains. Also see Links.

Domain
click.phoenix-widget.com
phoenix-widget.com
shumskyi.pro
www.linkedin.com
t.me
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
nnews.com.ua R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
phoenix-widget.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-11` - `2023-03-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
c.tmyzer.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
api.phoenix-widget.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://nnews.com.ua/
Frame ID: D32C720DBDF7A17B785AE127FCD777F0
Requests: 142 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1654616826918
Frame ID: C51BA043813D5FE6B25E7D0B0003B31E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20190131/zrt_lookup.html
Frame ID: 33019D445E2AE6F577B0B7FD6833D950
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnnews.com.ua%2F&id=MTIZ
Frame ID: EF8FC1CBFA7BC5CA5F4FF78D4CAB7DB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&adk=1812271804&adf=3025194257&lmt=1654616827&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnnews.com.ua%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827173&bpp=2&bdt=496&idt=254&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=310351932877&frm=20&pv=2&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=269
Frame ID: ACD4C27A5B2793441E33D7D583A63EA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827176&bpp=2&bdt=500&idt=273&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y0YersJhL1&p=https%3A//nnews.com.ua&dtd=287
Frame ID: C161E9A601CD52FA807016032D510739
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827178&bpp=1&bdt=501&idt=302&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q0lNBjmnRY&p=https%3A//nnews.com.ua&dtd=307
Frame ID: 2F9CE45D15E8BA3CAAD6CBA5D2A11437
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=337&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LfdLgGfbWy&p=https%3A//nnews.com.ua&dtd=340
Frame ID: 50DF3A2D235D35CF1CC9C8EB067363A3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361
Frame ID: B697ADCB5046BF29996A83C4D78988B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2D79FDFE2EFDD7A5721400B501973EB7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGLGBC523kY1I-6ywEwAQ&v=APEucNVKVGmdKmOs3snzfiOtpJTalMybN9ERCiluBRl0N0_b4yRa2y2bv3vz6qw7BhxSgC8Qd4Pl-EG8cIpphZ3mU53WUhN2kWKUJUMEK78bT9JfJm6ZXqpXThDpu-9Anyfb9Vc9Txts1TWGdMQ8nULhgObZml4qEW7f_ntbdiQa8IbKbGZiYwo
Frame ID: F0C733BE3C3B12046C6BFC6CFF458A15
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtZSbj0F_G1eRQ78lycacE0csvJAU1ZWoT__LYGSnvgAZ4HZgEsusE5IlKeHrvomaCa_6U5Rd_cUq7EOu4X8zyiNsJjenhEW0yJ6_qEAQU6KcOKKVaEQeqF5bQNIQFaHUBWmZi7NfH_pA5od4qEWdcqoAIdg&dbm_d=AKAmf-Di0MmYoqCHJf7qRQxQSPGYTXB_8Zw-QGgMNFx8ETtNaudQo5ipfj_PIAzACst_WFEHIm642aV-aAkSTNeoZmAqFsGdOexR9evye-ATjkjNFXXc_D8C9gHMzcEbO5N4IKdN4It0Hy8WgMnfL3IDm5t0boc4fmWNyWUYSD6q6sfULeKWupoef2Ui_zDvuAMvMyS6aUMQYPuvV2UiAidk79qP0Osq7Kky08E0RhlAWZcdRuRI1mN-GA2Q_nJrI9If_53lrHcOSvSMUhaOFu1UFIoyd9kRUtaTUYTt0pTKM_MW2ye3TailLc6sBjH-iRUXA2T66cQheUUQTfN4HJ3LQLTjyM2lsh4hTFK1sEYuBEXV5f67CpISYrYOl57EpBfezRa2LQnSrzf9-nwhi18LVAAWqd9ZcNNUSAnvQAqOnOGizWqlgdXDK-RaJF_hDd7HcrAlGHE4s0rGY5_XBYRP8iR1i78eC_1HsrjqKwGliXMEUTGuviYe5t6jmnmBzds-vpPdcOZOCaJef7cZEl5SMv7tsEx6FSDYH0VdmUSlBxSGzo4UxY3ZQB6wAHIgVhOqKLxCusmtNe4R39JCFnG-z3mb1VP60Uh3hTu4qKySk211I1Om2lpRKKYKUQlRg6JdH5Y2FWIQUngjRHgSBFi_Ts9QFBbigD5DYTgWVUCDJTUEnrzzracJH1Iw8IAKj5AEU0-MkRJLNfmuiETCe7TANJQZImRevsFa6uCrNdi-NppMoCZLRcez8yHR0zLMCYqoua9JOv5xpkz6b62fk4PytIUNCJiFKAo7bbJgZl_mZ2Qvd8bCK6VV3YOeA0BgKYCcXfOuSCXUq1reYvFPMnoBR9oVwNy4ol2wDrT1ko5t07yp-rcpkDt743ipWJss53HaGoaexpU1zXWQXnWB04JYC5pehWKMGML0J8VYrmIXZkkSM841_hnr2RbeM3vKQnhekKuKoTQMy6x4sIi2AKoNtt-uAZIhQDTN4ftTa-hQIYOdyYYAgg_zLf0w9LvbE41skGXskcz5raHCZWmAepyDZEmqyTjIGpWsUxcjPNZzHhSNJwlah--7FUSVsN-aW1Iq5pF6xdD_TkVX-y7L3XXu3E59IehzcaBhhEL8ygHYEWSBmjWM17yawZkPwVXfvh_15HIzf1oYOAqwj3QyfX67ht1uYPBU4m47dndNhQ7hppykbf9d0KVpb5N3JqUWf2f-kolMryPWANrXS1rrP7Gb1CheKH10fQG1S2HIDdPyzmHMxYk4PElVyFjNGh2RCnWa7oQniQmXrgJ3CHmjaEnq-EgK_00lLCOARX-gCP-5IpvFP7fytTPqqQMQVWfpacjGHL1uq2Z2Rzcio4rRJTNZtNlGN2RrAygs9_F55WGKvWSDce4dEN1GEy8GQNPvL8BBaxYXzZsIcQOspLbXXEsp0vJaWJTMTiGrMAQSF-rKC77gHddX7UImnsZ4TPQXPIPkbwtSwzZ0xc4ND9X8wlJUW687tmcB0QXG7y8ChMlRrUkZdDBP3BJIBHVK4C9axMsB7J_nMzF-UnToo9_ovw-afni_8XtiR1lPjxij673_t1Rg5yAi43lLQ5urHM3409JySrew7CTyFu3LgO7kMBAXcWH-FjTy4khCyDCanmuqa6uEzPBpOWBx7Lmnblst6rVxNp8UUJWqc0VckD4O5NpbdUojzKh1INH8LJukl4d_BCf-vuvoxzOgNkPnOhec6GxmYP3jFLYYhanptFVETA4KOoxCI_8l6IwKDdB-HUBvqTOq3QoVZLsHAkN-wN9ONcQsFbcF0AMJ5bS4L49SLSBDfgf4M2SKYINf_MQPqp6uFWvlORIRbgX3ZUo5HNNpuAfPaVaiQylcjqnqFxzTz9PaN96GKsOSs5oGl45oZrypxS2xqhwLk11tWmKfzm3WbUWeAQg633IZUHEmyVNck6-lU8gSm8-md_GwC-Mdwrk4WiHpEu5GnYec8KZUwrQ6jUktwQ3pqdkXcsoaq6JT-hMR7TDv3KNGRaZOJ0ofdlMm4M6rf0P8sB5z8l761HIaokGb7xdqOoQJ96dgi8AM7t1kp5VUP-Pj74fA93ARUh4-3IMu_ZE7S2RQ8UaF3LL7xdzlKzAP-IO9iBoqZNehC8nFUsXIPa1xKy8pNJKPJzchG2pcWwzTIvkN193YyJii0kxgBvKO99KrMmCjjvFdwIwuFG1w1ThsPyhQgmncfAK6bo8u9ktKpwuzaD9ctE6XOJ2d2BIHB63vnGG5p10K0uTRNV1xpq2SlFNw7wMvdPpBsQj4h2tqZOUmoHGkA-180hD8WRvEFKyAW4cN1lBQWJu_GdqxYS7lcX13tuyR4zeO805Dl1C1wFsudOm_WndtbU3m1gKQOXdPTIU4hylBZwr81YdeUiIv1Tn0WVSxEjuz9PlPmyodjKgndv7yPqhqgCC7ff74hiU2zpuDYKUCpHqDo0oQsdH0QAni3l4mjHHgDJavln-W5dilI2kFvAa5g91cAwGhbXGE-6XwlupfcP7UHx-GOZZ12m8-2cH7PgSYU1D9GkjYhzmRfn_PtyPzuNXfncJlmGPfes8CeKHjt01QuC55UCbOJdwWe8ZQlfAWyNNMdRt227LnI_Z_ILg70GG6fF2Y_2r8Ta2jxx3JwIXr_TwKE7e04-xmCcVU9TfXyUeDECX8P9uQi66rOE-UmDHqa69GaVXQYa2hh4R7X85WP8eA0ccU-9oiY-LyEsnDkjPUlmhmz0PTiySR4MjwmT1ROG9oGAWE-pQgjvWGKp0kN73LIImUlq_R1nyuCCwti9YBi6AxCC0dailkqwxinQaUBdK4zW4eG1a3BYICYu2Pl4MnBLBi1KsLsGPIlHMWI3WKRvnnipkTSICFER9CoyB0JRZ6PMQqUV6uevnSu-Kom-fGgtE3g1HgX2UGfM_FS2YoI7e5ljCI2fNzblH_d6uQ9hDJxaJN79BMN-NztINRMTBbufWTzzzp3X35GU4be5TdcCLGsodmyiGpUUUPWnAAVOLw9m4mJC5EQOZm91Pou7ogRoaaIKkZdiQy5Kn-xilaIcgOpAkQnXdo04eeUudXZ-mdHSef6M3CPWxDZjQBqW7yERVD-UHA03XiYUHHQGhC6Ultmi8zhZ4182NZsP11KG9TlvnM&cid=CAASEuRo3rDbVJJaQOwcIML-ZH1APg&rfl=2%2Chttps%253A%252F%252Fnnews.com.ua%252F%240
Frame ID: A0E01138E47B0A1D3837B3CD0755269D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA16A79B922A0CA57178C371FED214B5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: 7A247683067B1F69CFADEA7E0728B50C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6076529BC8B972298A7BFF700A5FBD3C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CF35B32AAE4E874D3B56F44A95DE3DF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247
Frame ID: D196656E5725231D70D2D638D645C16B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: 2F7D022AD79A56094FC247E62E87C463
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: 9E84E255D2ABEAE6263B077F17CB0617
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: A6D1DE8EAC7C0AA7E06910E267C9B9E8
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1654616829061825278417
Frame ID: 0A1A053220014F8BCCF8963685EF8526
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: 39F5C283F51D12FABFE3FF09B1FC4358
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 260D2DF2599C9522D6EEA0EE40FD70E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A60057FE7F15696B0A3E262E59E4734
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NNews - Інформаційний сайт про новини України і світу

Page URL History Show full URLs

http://nnews.com.ua/ HTTP 301
https://nnews.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

245
Requests

91 %
HTTPS

39 %
IPv6

43
Domains

66
Subdomains

48
IPs

9
Countries

4987 kB
Transfer

9105 kB
Size

51
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://click.phoenix-widget.com/go/6166d0d9f44872f8e903e3ca/.eJx1kU1u5CAQha8y8mJWwY35bVqycoNZzAUiDEUbtQGLn85Eo9w9TFuTRaSsUBXfe7wq_g4tb8NlWGvdy-V08jVCHU0KY9On0kK56TeN0rLpUtGetmZWX1HU6J5KqTqm-wbRA_LR5Y7kdqstvyHCMQp-23zqBLpmf4d4em41vJTUsoF5X1PX_fn5rxXA-hZms5tHaXTYtb_GmQM13ErOHCUOGOaT1Nid5YOqkMMsJiEstsoxdpbEnUFh2kX68EmxQqyzIJw6aogQhjgusCFU95MMT8Oek4FSUu4bMCnD-NkoY9bR9jUsusD4C17L70fdRa_eXqG-eNtFRwBwXwKYjh3337_9f8zD6LtZO7jqsh4Q65AUk6RCOIYXJa1gZLHMqAmsBtXh6gP0fwl7xwkmBGGBsPwx8QuTFyxHNZ0FpR1sBfLhiplkik926QE0Z0pbxalRbnj_ABwLq6M.HA4lsddOP66MCNfEuw1gc9w4t5s
Title: Что первым начнут восстанавливать в Сумской области и сколько готовы выделить бюджета ?Реклама

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/6166d0d9f44872f8e903e3ca/.eJxdkE9v1DAQxb8KyiEnEv8bx_ZKEWq3XQEFNQhVSFyQY4-TQLMbxV5aQHx3vF3UQ0-2x-_33sz8KY7rfbEpxpSWDSHu3v2o52HytTvMZBinFInQVDZUkYkAN4oTSuLqCAjNmKFckWUhjLA3Y6vHO7iYrjuYu7e72-XDV9ndPH78vlTWPMrOv__1c_jUTfAw60t1s_2y-305Xg8S_R3jt5_99qpcJ98yiT1w2VTYKFMxhq4yEGiFAAJ6ocAxXqbUXk0rulTafBXlcuxzT5luWNN46k0A0IoHjYYKFM6WNqy-1aVLLStjahtavC6W9eAwxsOa53eHFevnQqx7u9_j0xmx3nbbHaK_6N5l6mHyA6Zvk8_UOQ7DiziXZU___1eXn87Oi52G_ZmTqBvwYCEIHjKArIcgpcnC0cbxLApaegtMBdEzA0Igg95pZLLn2nt1CknTjDFl6yznlPOKNhVVr5jcgNpQVRumDT25HiOuZ1cKCoxkvnfZXYKx3kjhTDj1eIip2NCaUgqa__0HJ_edVQ.E73hxADxLZi5BICaOnRgiWUSu9M
Title: 10 Celebrity Dads Who Have A Bad Relationship With Their KidsРеклама

Search URL Search Domain Scan URL

URL: https://click.phoenix-widget.com/go/6166d0d9f44872f8e903e3ca/.eJw9jVtuwyAQRbdS-bvYPG3wZ5fQDVSYGWLaGCIgiZyqey-ppWo-Rpp77pnv7prP3dyttV7KPAz3tPmQsXepD-fhccMH7ENOm407eUS7YQw1lYqfJJGvVFPeV3LbScRneg5D99pdcnJYSspN61Jz_R9Kn22EtPWLLdi_2Rgxv_9dWu0e4IT1I0CrjWwcgaL3UuqJe42GChTONezIuZFGAucLk20pTrU0FEzLnd0uNpziIVLotUchQRhNjbDTYgRorRu42rIekAdQHrUbwQJTRhlOBZ-W9pdR1Ew0uIYNS23qhnPKOaEjodMLU7OcZjr1hj2ngdeC-bBSOUmjGCxOgVXSWDBKOOO7n1_aWnJG.sPgxYwgeNcH9x18ERFmHNuF8HWY
Title: Романы знаменитостей, о которых никто не зналРеклама

Search URL Search Domain Scan URL

URL: https://phoenix-widget.com/

Search URL Search Domain Scan URL

URL: https://shumskyi.pro/test-sociofobiya
Title: Тест соціофобія

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/79362374/

Search URL Search Domain Scan URL

URL: https://t.me/nnews_com_ua

Search URL Search Domain Scan URL

URL: https://twitter.com/NNews_com_ua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nnews.com.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNN83cOtJK7rWZgqA4DObow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nnews.com.ua/ HTTP 301
https://nnews.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnnews.com.ua%2F&domain=nnews.com.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sj0Za3xRcWd3NytQbVlDcnFjV29xaUNwcm5OQ2QyeEh4NnFGZHl6L1duVzdEaG9LcjFTUi9Wd1B0ZlJhQWxIeGEyMDBETlJkMmkxQUsrUFFOT1YrdlU3dTFZSm9uVlF2QTEvQjMxK2phbW9TSWVLNDV2MG5Xb0ZyKzJWV2tIWW45S2tpZ3c0NWFuNVdvOFoya1NRRTBENXV4VDBBcGpvRmd3eGRvRXJ1N2RsdzhjTlJvZnlnOUJNem5wbzZZZjQ0WGdWNWFpZ01qZy91ZlNGblpZeXpaeTluQk92RHd3OWM4U3dvTkFXQmk3Ly9UK25RPXw&cppv=2

Request Chain 97

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35b40d9b9%26reqId%3D444c3f9e-aa2f-4fd0-6b59-35677619b495%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=3705855517293247525&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEFh9SfloG9xR9m5_66gpTUs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258

Request Chain 100

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=9826909f-d9eb-49b6-5109-a3c35b40d9b9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35b40d9b9%26reqId%3D444c3f9e-aa2f-4fd0-6b59-35677619b495%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=9826909f-d9eb-49b6-5109-a3c35b40d9b9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35b40d9b9%26reqId%3D444c3f9e-aa2f-4fd0-6b59-35677619b495%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=34172274593298041750122544568134526391&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258

Request Chain 101

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=D1%2BAKXlvPiA%2B7Y6R36ufLcbB3epS6K61%2BS41iYitP1U%3D

Request Chain 102

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35b40d9b9%26reqId%3D444c3f9e-aa2f-4fd0-6b59-35677619b495%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258

Request Chain 117

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=967D7745-4AAD-4158-BE2A-B06E490FD29D&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

Request Chain 118

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26url%3Dhttps%253A%252F%252Fnnews.com.ua%252F%26hn_ver%3D40%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=3705855517293247525&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&google_gid=CAESEOzw1Jk2UlgWdwcok6MIY3w&google_cver=1

Request Chain 121

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&gdpr=0&cklb=1

Request Chain 134

https://c.mgid.com/c?pv=2&v=0|0|0|8hU4AiEP4mPHFOpLZ5PKxMjp-a9x5PdJyvgQPi4wm8B7KCWFzBhEg5edU12OSdCD&cid=852660&f=1&h2=qfhc2xK2KoQKzoip0ATWKkRgECLkbhqjWY10mOTk7KU*&rid=15eb4256-e679-11ec-94f0-e4434b374c12&psid=6166d0d9f44872f8e903e3ca&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM4MDU2MDcvMzI4eDMyOC84MXgweDQ1MHg0NTAvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MFpXMXdMekl3TVRjdE1EWXRNakl2TVRBeE9USTBMMkpqWkRGbFlURTNaVEEyWmpFek56RTROelV3Tm1KaVpERXlaVEU0WW1VMkxtcHdaejkwUFRFME9UZ3hOakU1TVRZd09EQS53ZWJwP3Y9MTY1NDYxNjgyNy1RWEt1SlRyQk1HeUo1VWhyeTdTa2pLQ0FVa0R1MmpBUkZEY3kzMWE5SFh3 HTTP 301
https://s-img.mgid.com/g/3805607/328x328/81x0x450x450/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp?v=1654616827-QXKuJTrBMGyJ5Uhry7SkjKCAUkDu2jARFDcy31a9HXw

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&C=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yp9y-GpEYdqQEH7R5-.T8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&google_hm=2

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELbjvdPfD6j45OSzWAol3Ro&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwNTg1NTUxNzI5MzI0NzUyNQ%3D%3D

Request Chain 202

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBewD-d3Bd5d94rQJYZm-oNvqOgBqxxT473kEDedUygM4QGdOez3iGYtJXnFpeLdh1ncqICHFOnZlv0ekyKScM-5MZeKyeK&google_gid=CAESENiY977FZ0UZ9R4OvYQvCrY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXA5eS1BQUFCSHdsaG5nNw&google_push=ARnp8GBewD-d3Bd5d94rQJYZm-oNvqOgBqxxT473kEDedUygM4QGdOez3iGYtJXnFpeLdh1ncqICHFOnZlv0ekyKScM-5MZeKyeK

Request Chain 203

https://d.agkn.com/pixel/2175/?google_gid=CAESEIOh8H8qWHd6IIoxmUC1jMI&google_cver=1&google_push=ARnp8GCTyCkm8l_N0ae6aNrvdvWUiVMeYbeGwPF3cVmMoKqUWTgU3znf0YScsDvMLTI6Xh4kSD9fq-dtZ02sfM_Y42P2j_YF84s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCTyCkm8l_N0ae6aNrvdvWUiVMeYbeGwPF3cVmMoKqUWTgU3znf0YScsDvMLTI6Xh4kSD9fq-dtZ02sfM_Y42P2j_YF84s&google_hm=Q0FFU0VJT2g4SDhxV0hkNklJb3htVUMxak1J

Request Chain 204

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVZU748hAcP87dY7fOHze34Dq_47b2Vh7k0DOO78RkAEjCEi0s_WIm-kg8epCYIYkaT3QFLtQBHrhX2vrgzom2qG9H8voT&google_gid=CAESELW54IGQMdPYxeR7Eh4z7BQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVZU748hAcP87dY7fOHze34Dq_47b2Vh7k0DOO78RkAEjCEi0s_WIm-kg8epCYIYkaT3QFLtQBHrhX2vrgzom2qG9H8voT&google_gid=CAESELW54IGQMdPYxeR7Eh4z7BQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcxNTQ3MDgwMDAxNDc2MTMyMTM2OQ%3D%3D&google_push=ARnp8GAVZU748hAcP87dY7fOHze34Dq_47b2Vh7k0DOO78RkAEjCEi0s_WIm-kg8epCYIYkaT3QFLtQBHrhX2vrgzom2qG9H8voT

Request Chain 206

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK88tQNuPil8Pmrn4KFDPLU&google_cver=1&google_push=ARnp8GBrpJzDdQm8lADfFzJpNCNj-Bz399-OTmeilQDkB1whse1Daapf0Yftj49GwMxG_-EOSS3yWWnwQA92XTBw1ZYlDrdXbryn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ln13RUqtQVi-KrBuSQ_SnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBrpJzDdQm8lADfFzJpNCNj-Bz399-OTmeilQDkB1whse1Daapf0Yftj49GwMxG_-EOSS3yWWnwQA92XTBw1ZYlDrdXbryn

Request Chain 207

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJcRS8UOcfVOw9OtceXgPcY&google_cver=1&google_push=ARnp8GDpRtFwKJV9pmXFGl3oc6PhEP81bx98gh3fddvyT_av1lzZmSFfcgBhSrzHAScKq0lKuHLd3jr8mtliMrySsSyI8eONVC_L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ0QzRaV04tMVktNzFXTw==&google_push=ARnp8GDpRtFwKJV9pmXFGl3oc6PhEP81bx98gh3fddvyT_av1lzZmSFfcgBhSrzHAScKq0lKuHLd3jr8mtliMrySsSyI8eONVC_L

Request Chain 216

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

245 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nnews.com.ua/
Redirect Chain

http://nnews.com.ua/
https://nnews.com.ua/

170 KB
28 KB

302ms
143ms

Document
text/html

176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 117a7a8ff12388a8f8f457734fe05e5917ae70f9ecc0896e9170b3b5f1f0cc1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Jun 2022 15:47:06 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <https://nnews.com.ua/wp-json/>; rel="https://api.w.org/"
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Tue, 07 Jun 2022 15:47:06 GMT
Location: https://nnews.com.ua/
Server: nginx/1.14.0 (Ubuntu)

GET
H/1.1 200
OK 3536505.png
nnews.com.ua/wp-content/uploads/2022/04/ 1 KB
2 KB 64ms
64ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/3536505.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bb59f00724dffe7d3c8294e9b6ffcb948425063a0a56203fcb75f84820552d42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Last-Modified: Sun, 15 May 2022 19:46:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281587d-564"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1380
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2111646.png
nnews.com.ua/wp-content/uploads/2022/04/ 3 KB
3 KB 219ms
64ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/2111646.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fc2df9a6d8d6b992b832a8112600a8b6e45f3c0035abee8e6810df317ad768c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Last-Modified: Sun, 15 May 2022 19:46:21 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281588d-a7c"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2684
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1384065.png
nnews.com.ua/wp-content/uploads/2022/04/ 2 KB
3 KB 64ms
64ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/1384065.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7d4366e9b500c60992c39f8d30615abc4d152a7d80c8702bef0debd33200be9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Last-Modified: Sun, 15 May 2022 19:46:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281589a-8d2"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2258
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 733547.png
nnews.com.ua/wp-content/uploads/2022/04/ 810 B
1 KB 64ms
63ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/733547.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec744f959fb090c83c461e460075b9ee7e3347cbba48a6ae4e8aa537fe9fa358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Last-Modified: Sun, 15 May 2022 19:45:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62815859-32a"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 810
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1384060.png
nnews.com.ua/wp-content/uploads/2022/04/ 2 KB
2 KB 63ms
63ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/1384060.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dd0f89861eac2cc297e0135134cfb79521c855872286ed1fddd3403fc2e01ca5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Last-Modified: Sun, 15 May 2022 19:46:35 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281589b-624"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1572
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK L2_dark.svg
nnews.com.ua/wp-content/uploads/2022/04/ 3 KB
3 KB 65ms
65ms Image
image/svg+xml 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/L2_dark.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 71443a4023953c509ec42fda233e80a82888c3d5ae1dc5907a4282759875323e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Wed, 27 Apr 2022 09:51:56 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6269123c-a45"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2629

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 136ms
53ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199281257-1

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a7a24ec12944d9d6123a496f78f3a7df19434add8a67748b50a68372ddd1a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39608
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
H/1.1 200
OK jquery.min.js Show response
nnews.com.ua/wp-includes/js/jquery/ 87 KB
31 KB 122ms
82ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 21:05:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"60f73a90-15db1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
nnews.com.ua/wp-includes/js/jquery/ 11 KB
5 KB 170ms
67ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"5fb4e3fe-2bd8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.js Show response
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/js/ 193 B
609 B 191ms
63ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/js/frontend.js?ver=3.4.8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 96f31318bf5c5ca3fe23fbf2f60100e37f384130e56d9e1148007c954dcd0471

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"61adfe46-c1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK front-main.js Show response
nnews.com.ua/wp-content/plugins/wp-social/assets/js/ 2 KB
1 KB 192ms
63ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/js/front-main.js?ver=1.8.6
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 235b98e9724beb6c5d4365e7f097c06fb0ac3208e38b1ddbd401a375203f655f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-925"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK social-front.js Show response
nnews.com.ua/wp-content/plugins/wp-social/assets/js/ 459 B
742 B 152ms
63ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/js/social-front.js?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b42cd3660f6bf3f2c6f3a60cd9523eee7ac9b544e7ae928a269dc1c0fa1e366

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-1cb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobmenu.js Show response
nnews.com.ua/wp-content/plugins/mobile-menu/includes/js/ 16 KB
4 KB 70ms
68ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.2.7
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e6197a7455f9b7a646b461c3487c4c79a545d42b6a65113be86be136a33edb8c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Apr 2022 09:48:41 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62496d79-3e15"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
56 KB 141ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922947659732689

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7961f9d4ed4628e4acc88b604241ac56ff4f283523bac33f1f79644e07aaac22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56269
x-xss-protection: 0
server: cafe
etag: 10787381266925931908
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 168ms
40ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw41PzL/H6UAAA
x-accel-expires: @1654660955
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: e5cJzwlDPPA
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 42271
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 135 KB
15 KB 202ms
75ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 11d8f52f9c23e917c08c96916d4ce9e773b8be8d2dd5d6c09de13063b6722c70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw4Cq2j//5gAAA
x-accel-expires: @1654664059
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: t6iUJ4NMIVc
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 39167
x-77-pop: frankfurtDE

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 204ms
77ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=20
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw6Ghp7/HqUAAA
x-accel-expires: @1654660956
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: 4SRGKgvLvKk
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 42270
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 135 KB
15 KB 218ms
90ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=20
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cf3c7a1954307bcb31397de91cdac158cad9985ef65683fffecd25a63a03e1ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw4KWgz//5gAAA
x-accel-expires: @1654664059
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: qDWO82lHBBU
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 39167
x-77-pop: frankfurtDE

GET
H2 200 nnews.com.ua.1291903.js Show response
jsc.mgid.com/n/n/ 2 KB
1 KB 315ms
248ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.js
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9886316b7350e43f406b1b5332f37bd5405d09753abd719cb27166006087a662

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1K7FWRCR6KG916XP
last-modified: Fri, 13 May 2022 10:59:23 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: bj0IqXfg.JyhCrm8ITSPsvB4iuewUtwb
x-amz-id-2: JFUCLm9gC3ETjZguCVSshlEsYur/vnPdGTOS4CFk0telX5kw2r9d/YQsGT0FBKoyDKkI6OIdt8I=
cf-bgj: minify
server: cloudflare
etag: W/"7073d757fcc7094ebe2b60bacd37aaff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 717a8640c82988c2-LHR
expires: Tue, 07 Jun 2022 18:47:07 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 92ms
91ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw6gT5v/HqUAAA
x-accel-expires: @1654660956
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: NMbUUVRqSj0
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 42270
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 135 KB
15 KB 111ms
110ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=19
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c4ccf99571c3da3f5890d206696aacf09ddda014b655fc7fd1a6434c36564505

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw6GA7P//5gAAA
x-accel-expires: @1654664059
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: Y2Jw6Ol8kHQ
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 39167
x-77-pop: frankfurtDE

GET
H/1.1 200
OK jsonp_v3.js Show response
phoenix-widget.com/static/js/ 68 KB
21 KB 157ms
66ms Script
application/x-javascript 188.166.21.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phoenix-widget.com/static/js/jsonp_v3.js
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.21.205 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 594f184d374383c66e8cf7973b56d0dfda8038654f3cea99a32050eaf8d3838b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jun 2022 16:54:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"629799ae-10e03"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public, no-transform, must-revalidate
Connection: keep-alive

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 71ms
69ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw5CgK7/H6UAAA
x-accel-expires: @1654660955
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: OHGXlqMRX4E
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 42271
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 135 KB
15 KB 71ms
70ms Script
text/html 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=28
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b1af02e5267b69fdd38eee9515849deb83f52f14773a1a32c02f60a07e5cd552

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw4C6hn//5gAAA
x-accel-expires: @1654664059
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: P+CuCH9Eq3Q
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 39167
x-77-pop: frankfurtDE

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 23 KB
6 KB 67ms
67ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-5d92"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK navigation.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 2 KB
1 KB 66ms
64ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-61f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.fitvids.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/fitvids/ 2 KB
1 KB 65ms
64ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-6da"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK skip-link-focus-fix.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 325 B
695 B 64ms
64ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-145"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK colormag-custom.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 3 KB
2 KB 63ms
63ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-b0a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK front.min.js Show response
nnews.com.ua/wp-content/plugins/cookie-notice/js/ 8 KB
2 KB 65ms
64ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.3
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Mar 2022 10:37:57 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62248f05-20ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK script.js Show response
nnews.com.ua/wp-content/plugins/social-rocket/assets/js/ 5 KB
2 KB 66ms
65ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/js/script.js?ver=1.3.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9525ebb3f503818c8cf93cda1beb1496e83c15fa33118ecd2954868bd5693d17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62483e9a-15c4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK intersection-observer.js Show response
nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 65ms
65ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=d9298cd9df65ad92eff12a3a90a1a5b8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 17:49:51 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62585ebf-2317"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lazy-images.js Show response
nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 65ms
64ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=a902a338e584591be6603d4879c43367
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 17:49:51 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62585ebf-925"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.min.css
nnews.com.ua/wp-includes/css/dist/block-library/ 87 KB
12 KB 70ms
70ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 21:05:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"628d488f-15b26"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.build.css
nnews.com.ua/wp-content/plugins/block-options/build/ 27 KB
4 KB 68ms
67ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/block-options/build/style.build.css?ver=new
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 00a03e55398c25bd26f079382ea8f492c5592821fc54a1a1d86283c1fcca429f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 May 2022 16:38:53 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"6294f31d-6d5a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.min.css
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/ 58 KB
13 KB 144ms
144ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/all.min.css?ver=3.4.8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"61adfe46-e7a9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.css
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/ 18 KB
2 KB 67ms
67ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.4.8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9d9f587b8de85c0ff66e04e9626075d369df65bbdc2f37ad95274b6c8e69548d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"61adfe46-476f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dashicons.min.css
nnews.com.ua/wp-includes/css/ 58 KB
35 KB 73ms
73ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/css/dashicons.min.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 20:02:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"605cec4b-e688"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.css
nnews.com.ua/wp-content/plugins/post-views-counter/css/ 289 B
640 B 64ms
63ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Feb 2022 10:36:46 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62078dbe-121"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.css
nnews.com.ua/wp-content/plugins/wp-social/assets/css/ 66 KB
7 KB 73ms
72ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/css/frontend.css?ver=1.8.6
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 086f68b75e10cff78c11ff7d8159c9bbe5bea67202280ea74a6ddf5a1d8e44c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-1076f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-icon.css
nnews.com.ua/wp-content/plugins/wp-social/assets/css/ 43 KB
8 KB 84ms
84ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/css/font-icon.css?ver=1.8.6
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a5b2665050154a908f93b008604837aa6cd5d0fd6914338cbfe13c0ff0a2934f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-ab05"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
nnews.com.ua/wp-content/themes/colormag/ 78 KB
13 KB 77ms
77ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/style.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 164f339fe9b8d6a3a4251eb2e875c01686c824ba558f320ed9f4859bbe842667

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-1397e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
nnews.com.ua/wp-content/themes/colormag-child/ 357 B
681 B 63ms
63ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag-child/style.css?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8bfd5a87b548d9298230da63c68e625fcf5b12212ab5705e86df04bc8da0d8cb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 18:48:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"6245f77c-165"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
nnews.com.ua/wp-content/themes/colormag/fontawesome/css/ 30 KB
7 KB 73ms
72ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-7918"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 129ms
46ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.2

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

748d10bb5c649bc6d2913f5a4f3d25564ad2cd92b988791ed23a3a3144896718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:37:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 15:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
H/1.1 200
OK public.css
nnews.com.ua/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
927 B 64ms
64ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Apr 2022 11:02:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"6246dbce-421"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK front.min.css
nnews.com.ua/wp-content/plugins/cookie-notice/css/ 5 KB
2 KB 64ms
64ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Mar 2022 10:37:57 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62248f05-14ce"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dynamic-mobmenu.css
nnews.com.ua/wp-content/uploads/ 9 KB
2 KB 64ms
63ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/uploads/dynamic-mobmenu.css?ver=2.8.2.7-458
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9517bed8b8875d7bb1f3a1796c90ab7ea91f4031960e7b75dbf91b576cfd0cc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2022 09:52:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62691241-2544"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
616 B 164ms
91ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3A500%2C400&subset=latin%2Clatin-ext&ver=6.0

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84b78c17a297376b3e237b79f885b2cc37f52ff98b9450cf47b79742f58884ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:47:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 15:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
H/1.1 200
OK style.css
nnews.com.ua/wp-content/plugins/social-rocket/assets/css/ 21 KB
4 KB 64ms
64ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/style.css?ver=1.3.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 418d9874dd62b9f78cdc4748132a6ba853675d5ea12bec04de41871aabbe01dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62483e9a-5454"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.min.css
nnews.com.ua/wp-content/plugins/social-rocket/assets/css/ 58 KB
13 KB 78ms
77ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/all.min.css?ver=1.3.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62483e9a-e7a9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpw-frontend.css
nnews.com.ua/wp-content/plugins/smart-recent-posts-widget/assets/css/ 3 KB
1 KB 64ms
64ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/smart-recent-posts-widget/assets/css/srpw-frontend.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8cc1b08d63c874d0932c0a26ade1df67e2e28c43a310323f9a607f1eac6850a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 14:27:25 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"624468cd-be8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobmenu-icons.css
nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/ 5 KB
2 KB 64ms
64ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d6a58af6179ec4972d40e77dd7e20541e17429bcb405f0b382bfef50d55e1347

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Apr 2022 09:48:41 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62496d79-147f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobmenu.css
nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/ 8 KB
2 KB 64ms
63ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/mobmenu.css?ver=2.8.2.7
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 06e017fecc403fc633e00fdb66ca93ca3a73428ee84a8f0b21231e9bd8b4d9f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Apr 2022 09:48:41 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62496d79-2126"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.min.css
nnews.com.ua/wp-content/plugins/squirrly-seo/view/assets/css/ 2 KB
1 KB 65ms
65ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/squirrly-seo/view/assets/css/frontend.min.css?ver=12.1.04
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f2ffe1ffcd0eac165c48283d2ae6872af894f3ab7701d3520d583abac63f1938

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 May 2022 11:07:59 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"628f5f8f-911"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
nnews.com.ua/wp-includes/js/ 18 KB
5 KB 68ms
67ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 21:05:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"628d488f-48b9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 56ms
55ms Script
application/javascript 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw6mI4r/H6UAAA
pragma: public
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
etag: W/"604b9fc7-981e"
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: SUHkLFqyxeE
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 42271
x-77-pop: frankfurtDE
x-accel-expires: @1655611355

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 183ms
64ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Jun 2022 15:47:07 GMT
Server: nginx
X-IPLB-Request-ID: 82B4C823:AC2A_36264064:01BB_629F72FA_18AA123:20BC1
X-IPLB-Instance: 20687
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 93 KB
30 KB 136ms
39ms Script
application/javascript 193.108.153.18
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a31c3e964c1966b1108fd3f199e4ce2c1a364022d85b20e3154345fb824cdfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 30827
Expires: Tue, 07 Jun 2022 16:02:07 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 105ms
33ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1821
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 197ms
126ms Script
application/javascript 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 717a864178587308-LHR
date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 140ms
34ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Mon, 18 Oct 2021 12:21:41 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 82B4C823:99E6_91EFC0A6:01BB_629F72FB_F9540D23:4505
ETag: "616d66d5-15ab"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame C51B 0
0 121ms
37ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1654616826918

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 141ms
40ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Jun 2022 15:47:07 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12761/ 2 KB
2 KB 156ms
36ms Script
application/javascript 54.154.72.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.72.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-72-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 79c16dc4f1912fa52c774e168fabd9f66b6893664bdf286ff773c0b7cde46c1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:06 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 126ms
41ms Script
text/javascript 13.225.84.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-175.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 21:54:37 GMT
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 64350
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 6rQ-FaA5dDwVnTerrIca0zCMwZiCv-WipXOn_NF4URcJ1G9YvN9i4g==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 154ms
40ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jun 2022 15:30:31 GMT
Server: Apache
ETag: "905bdd-930b-5e0dd44db3699"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2646
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Tue, 07 Jun 2022 16:31:13 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid6_24/build/dist/ 632 KB
158 KB 67ms
66ms Script
application/javascript 2a02:6ea0:c700::16
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid6_24/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::16 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fc02197f27ff0b964fd4e334851eb9f967caf103d40c94de3783ad936d84ded3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AcO1rw6hKAD/IKUAAA
pragma: public
date: Tue, 07 Jun 2022 15:47:06 GMT
content-encoding: br
etag: W/"62851d9b-9e09a"
last-modified: Wed, 18 May 2022 16:23:55 GMT
server: CDN77-Turbo
x-77-nzt-ray: PTnNTr2UqXA
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 42272
x-77-pop: frankfurtDE
x-accel-expires: @1655611354

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 136ms
33ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=20&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Jun 2022 15:47:07 GMT
Server: nginx
X-IPLB-Request-ID: 82B4C823:AC30_36264064:01BB_629F72FA_18ABD93:2FE23
X-IPLB-Instance: 38439
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 162ms
38ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=19&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Jun 2022 15:47:07 GMT
Server: nginx
X-IPLB-Request-ID: 82B4C823:AC30_36264064:01BB_629F72FB_18ABD99:2FE23
X-IPLB-Instance: 38439
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 getdata Show response
api.phoenix-widget.com/api/v2/ 9 KB
9 KB 857ms
733ms XHR
application/json 143.244.196.143
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.phoenix-widget.com/api/v2/getdata?callback=phoenix48347&site_id=6166d0d9f44872f8e903e3ca&widget_id=6166d0eff44872f8e903e3cc&puid=0474951dbc5da549ad953c9f&url=https://nnews.com.ua/&preview=false

Requested by

Host: phoenix-widget.com
URL: https://phoenix-widget.com/static/js/jsonp_v3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.196.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

f560856011e52919fd611124d3dbd780f6e1b776076d217582032ce5937792d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
amp-same-origin: true
etag: "09ebd4e5a92b0225be35297a8d03a8fe5c9f34df"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
content-length: 8909

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
270 B 57ms
47ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=28&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Jun 2022 15:46:33 GMT
Server: nginx
X-IPLB-Request-ID: 82B4C823:AC32_36264064:01BB_629F72FB_18A4C0D:7A07
X-IPLB-Instance: 38436
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 150ms
38ms Image
image/gif 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:06 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 96ms
33ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnnews.com.ua%2F&domain=nnews.com.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://nnews.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Jun 2022 15:47:07 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1141
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnnews.com.ua%2F&domain=nnews.com.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=sj0Za3xRcWd3NytQbVlDcnFjV29xaUNwcm5OQ2QyeEh4NnFGZHl6L1duVzdEaG9LcjFTUi9Wd1B0ZlJhQWxIeGEyMDBETlJkMmkxQUsrUFFOT1YrdlU3dTFZSm9uVlF2QTEvQjMxK2phbW9TSWVLNDV2MG5Xb0ZyKzJWV2...

342 B
613 B

101ms
35ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sj0Za3xRcWd3NytQbVlDcnFjV29xaUNwcm5OQ2QyeEh4NnFGZHl6L1duVzdEaG9LcjFTUi9Wd1B0ZlJhQWxIeGEyMDBETlJkMmkxQUsrUFFOT1YrdlU3dTFZSm9uVlF2QTEvQjMxK2phbW9TSWVLNDV2MG5Xb0ZyKzJWV2tIWW45S2tpZ3c0NWFuNVdvOFoya1NRRTBENXV4VDBBcGpvRmd3eGRvRXJ1N2RsdzhjTlJvZnlnOUJNem5wbzZZZjQ0WGdWNWFpZ01qZy91ZlNGblpZeXpaeTluQk92RHd3OWM4U3dvTkFXQmk3Ly9UK25RPXw&cppv=2

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a05f20b8951e4d7b3c49769387ce1629d229e5a9638e3dbe7dfd8a9ca21e7ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2813
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:06 GMT
location: https://mug.criteo.com/sid?cpp=sj0Za3xRcWd3NytQbVlDcnFjV29xaUNwcm5OQ2QyeEh4NnFGZHl6L1duVzdEaG9LcjFTUi9Wd1B0ZlJhQWxIeGEyMDBETlJkMmkxQUsrUFFOT1YrdlU3dTFZSm9uVlF2QTEvQjMxK2phbW9TSWVLNDV2MG5Xb0ZyKzJWV2tIWW45S2tpZ3c0NWFuNVdvOFoya1NRRTBENXV4VDBBcGpvRmd3eGRvRXJ1N2RsdzhjTlJvZnlnOUJNem5wbzZZZjQ0WGdWNWFpZ01qZy91ZlNGblpZeXpaeTluQk92RHd3OWM4U3dvTkFXQmk3Ly9UK25RPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1254
content-length: 482
expires: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 213 B
619 B 81ms
38ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid6_24/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

278fd41e3eb6680f068cda06a901691611dcb4c636a39662e0664a5a53374e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nnews.com.ua
date: Tue, 07 Jun 2022 15:47:06 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK L2-3.svg
nnews.com.ua/wp-content/uploads/2022/05/ 2 KB
3 KB 66ms
65ms Image
image/svg+xml 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/05/L2-3.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 17d856678984869648bd79f6dca093140f5b8442f93f9d6bd050d5b8d1da6cf5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Wed, 25 May 2022 11:50:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "628e17f5-9f0"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2544

GET
H/1.1 200
OK Canva-human-digestive-system-11-800x445.jpg
nnews.com.ua/wp-content/uploads/2022/06/ 42 KB
43 KB 64ms
64ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/06/Canva-human-digestive-system-11-800x445.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1e95daf54d011191a1318727a96b260dd12d9fd2a9f281a7e8a87de11c8781b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Tue, 07 Jun 2022 14:24:53 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "629f5fb5-a988"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43400
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Screenshot_7-300x141.png
nnews.com.ua/wp-content/uploads/2021/07/ 1 KB
2 KB 64ms
64ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2021/07/Screenshot_7-300x141.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 175f9806b0db692f4bfb4d046fb353731022f5aed68a60dcd427b126ad0837e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Sat, 11 Dec 2021 11:40:09 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61b48e19-500"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1280
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 46cef64d233dd670dca5e866028c493266625ccc1-300x200.jpg
nnews.com.ua/wp-content/uploads/2022/05/ 14 KB
15 KB 67ms
66ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/05/46cef64d233dd670dca5e866028c493266625ccc1-300x200.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a9090126a8d39d1b5a40dde038c376beeab3557a7fb82f2383c1094b0d63c3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Thu, 19 May 2022 08:42:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "628602e9-3992"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14738
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2023_BMW_7_Series1-300x169.jpg
nnews.com.ua/wp-content/uploads/2022/03/ 3 KB
3 KB 64ms
64ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/03/2023_BMW_7_Series1-300x169.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 21e35167d0be4481bd09bbb8c8ff3be57e11aa44195c84bd90ccc6c7841858c7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Mon, 28 Mar 2022 13:28:59 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6241b81b-c08"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3080
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 339 KB
120 KB 145ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5922947659732689&plah=nnews.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922947659732689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47f6cc6764670adf90f31ee22a1538c8cf6064e3bf1e83c8fd7ad2019080ff0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122347
x-xss-protection: 0
server: cafe
etag: 9315700318848189255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220602/r20190131/ Frame 3301 10 KB
5 KB 119ms
36ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220602/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922947659732689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:04:46 GMT
etag: 1327746537699501093
expires: Tue, 21 Jun 2022 15:04:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 118ms
36ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199281257-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5279
date: Tue, 07 Jun 2022 14:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Jun 2022 16:19:08 GMT

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 213 B
619 B 37ms
37ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

ce28e2bb5c8e8e25636af900e263f0eb8f17fafc2c5a7760a7800909913be65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nnews.com.ua
date: Tue, 07 Jun 2022 15:47:06 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame EF8F 0
246 B 33ms
33ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnnews.com.ua%2F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Jun 2022 15:47:07 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
X-IPLB-Instance: 30195
X-IPLB-Request-ID: 82B4C823:99E6_91EFC0A6:01BB_629F72FB_F9540D29:4505

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 129ms
38ms Script
application/javascript 2600:9000:20eb:6600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:10:34 GMT
content-encoding: gzip
age: 2194
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: l3HAuc-AocseJ4ttXb_9XfRbIEx8xeU8CBYU9N-VwPpJwxhefKV86A==

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 840 B
1 KB 174ms
58ms Script
application/javascript 3.248.173.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.173.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-173-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2fbd9e2e44e2aa476ac1b1b9b0b81bd30405514b5bc76757bd312e46925e826e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 840
Expires: Mon, 06 Jun 2022 12:01:19 UTC

GET
H2 200 / Show response
spl.zeotap.com/ 2 KB
920 B 78ms
78ms XHR
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b1434e85b111e13074c4e18c050f0878bb906dcf1da3f7ff04eb7f347b54a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 717a86428a3a7308-LHR
date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H3 200 nnews.com.ua.1291903.es6.js Show response
jsc.mgid.com/n/n/ 245 KB
72 KB 599ms
566ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2964958b260301a1b1164a61d41917f262470ff66f55c91f62cf15e83a3d199

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TK9X500DX5BNJ94Z
last-modified: Tue, 31 May 2022 10:28:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id: EOUPrlbZHbAJvafPh1IC_UKhJ_z6LSz3
x-amz-id-2: rEaisR78g/HQtWAF/EUh4kO+kQKj5Zg1fjZcEQHAM9tvaqGPvWKoSntTFnE6+XnKMVZYeWx0/1I=
cf-bgj: minify
server: cloudflare
etag: W/"740c544fc8a2965b57a4ddb0e4465a1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 717a8642bec388b9-LHR
expires: Tue, 07 Jun 2022 18:47:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 12:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 12:14:24 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 113ms
34ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 07 Jun 2022 15:47:07 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1124
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 117ms
36ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: dfce1d917f2a58c3dbc9fe2e7127723f79900f875f0a91a4dd088ec552aeef96

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nnews.com.ua
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 07 Jul 2022 15:47:07 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
358 B 109ms
35ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H/1.1 200
OK wclnxlwv7tmld9le3spv1-800x445.jpg
nnews.com.ua/wp-content/uploads/2022/06/ 23 KB
23 KB 81ms
81ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/06/wclnxlwv7tmld9le3spv1-800x445.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5b4394aeb5b88ca838532567734d3de091c4e8599db5a86a6d94c1da7095e3cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Tue, 07 Jun 2022 13:59:27 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "629f59bf-5a4c"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23116
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 39645ea0f52c62f5294ee546c69c4dd76715199a1-800x445.jpeg
nnews.com.ua/wp-content/uploads/2022/06/ 12 KB
12 KB 65ms
65ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/06/39645ea0f52c62f5294ee546c69c4dd76715199a1-800x445.jpeg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fee0bcb5fef6ac2611b63bce630f7f70a75b662b15c4758ef942b508da0d8c94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Tue, 07 Jun 2022 13:19:18 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "629f5056-2ed4"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11988
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35b40d...
https://mwzeom.zeotap.com/mw?adnxs_uid=3705855517293247525&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258

95 B
153 B

50ms
50ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=3705855517293247525&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 717a86448e687308-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-Proxy-Origin: 130.180.200.35; 130.180.200.35; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d310902b-28b1-482d-b441-3971fa0c3f6b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=3705855517293247525&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495...
https://mwzeom.zeotap.com/mw?google_gid=CAESEFh9SfloG9xR9m5_66gpTUs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b5...

95 B
153 B

52ms
52ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEFh9SfloG9xR9m5_66gpTUs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 717a86453fa77308-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEFh9SfloG9xR9m5_66gpTUs&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 36ms
36ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35b40d9b9%26reqId%3D444c3f9e-aa2f-4fd0-6b59-35677619b495%26zdid%3D1258&gdpr=&gdpr_consent=
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=9826909f-d9eb-49b6-5109-a3c35b40d9b9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=9826909f-d9eb-49b6-5109-a3c35b40d9b9&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=34172274593298041750122544568134526391&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-356776...

95 B
153 B

51ms
51ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=34172274593298041750122544568134526391&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 717a8644ced47308-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v033-0472a2a5d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: R1CTLwqbR9Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=34172274593298041750122544568134526391&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=D1%2BAKXlvPiA%2B7Y6R36ufLcbB3epS6K61%2BS41iYitP1U%3D

95 B
153 B

69ms
59ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=D1%2BAKXlvPiA%2B7Y6R36ufLcbB3epS6K61%2BS41iYitP1U%3D
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 717a86442db87308-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1258&cid=D1%2BAKXlvPiA%2B7Y6R36ufLcbB3epS6K61%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D9826909f-d9eb-49b6-5109-a3c35...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258

95 B
164 B

52ms
45ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 717a86442db77308-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=9826909f-d9eb-49b6-5109-a3c35b40d9b9&reqId=444c3f9e-aa2f-4fd0-6b59-35677619b495&zdid=1258
date: Tue, 07 Jun 2022 15:47:07 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 121ms
44ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1262027989&t=pageview&_s=1&dl=https%3A%2F%2Fnnews.com.ua%2F&ul=en-us&de=UTF-8&dt=NNews%20-%20%D0%86%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D1%80%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1167602798&gjid=1848544704&cid=417875431.1654616827&tid=UA-199281257-1&_gid=957192384.1654616827&_r=1&gtm=2ou660&z=1502298671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 118ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 58498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 23:32:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 168ms
88ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 20:10:55 GMT
x-content-type-options: nosniff
age: 70572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:10:55 GMT

GET
H2 200 pixel;r=1367189342;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnnews.com.ua%2F;uht=2;fpan=1;fpa=P0-790270054-1654616827399;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gd...
pixel.quantserve.com/ 35 B
371 B 54ms
45ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1367189342;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnnews.com.ua%2F;uht=2;fpan=1;fpa=P0-790270054-1654616827399;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=nnews.com.ua;je=0;sr=1600x1200x24;dst=0;et=1654616827399;tzo=0;ogl=url.https%3A%2F%2Fnnews%252Ecom%252Eua%2Ctitle.NNews%20-%20%D0%86%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D1%80%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%83%2Cdescription.%D0%86%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D1%80%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20-%20NNews%2Ctype.website%2Csite_name.NNews%2Clocale.en_US

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/webfonts/ 76 KB
77 KB 67ms
67ms Font
application/octet-stream 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/webfonts/fa-solid-900.woff2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/all.min.css?ver=3.4.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/all.min.css?ver=3.4.8
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61adfe46-131bc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78268

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
427 B 164ms
56ms XHR
text/plain 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fnnews.com.ua%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-AK-INITIAL-GEO: CC:[GB], RC:[EN], CN:[EU], CIP:[130.180.200.35], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://nnews.com.ua
X-CS-CLIENT-GEO: 27
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 27
Expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 132ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nnews.com.ua&callback=_gfp_s_&client=ca-pub-5922947659732689

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5922947659732689&plah=nnews.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec97b150332cbd93a4acd088b8f5479013ecbfcfbb29e44d8c5d9d33a670b773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 146ms
46ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ACD4 108 KB
35 KB 395ms
318ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&adk=1812271804&adf=3025194257&lmt=1654616827&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnnews.com.ua%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827173&bpp=2&bdt=496&idt=254&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=310351932877&frm=20&pv=2&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=269

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

174c2ca7a6eba07b5b26a15175009989577317816bf698e71e592c79c47a1c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35922
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:07 GMT
expires: Tue, 07 Jun 2022 15:47:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C161 75 KB
29 KB 674ms
617ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827176&bpp=2&bdt=500&idt=273&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y0YersJhL1&p=https%3A//nnews.com.ua&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61335d9f03bdbf4c7fad96093347baedf1f4317ff444c96e4f7a1dcbdd08c80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29996
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:08 GMT
expires: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F9C 86 KB
31 KB 544ms
510ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827178&bpp=1&bdt=501&idt=302&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q0lNBjmnRY&p=https%3A//nnews.com.ua&dtd=307

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

486d5c6b93a8567f62402a01dabd25f73eed07cd969a9d38b165c622ac62ac7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:07 GMT
expires: Tue, 07 Jun 2022 15:47:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 95ms
31ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-199281257-1&cid=417875431.1654616827&jid=1167602798&gjid=1848544704&_gid=957192384.1654616827&_u=YEBAAUAAAAAAAC~&z=849434418

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Jun 2022 15:47:07 GMT
content-type: text/plain
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50DF 84 KB
31 KB 498ms
497ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=337&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LfdLgGfbWy&p=https%3A//nnews.com.ua&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0333ecc74a2ac4ae6d96e11e0a9711f7df5a9ea8002246cc4b65f961e352e310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31949
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:07 GMT
expires: Tue, 07 Jun 2022 15:47:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=967D7745-4AAD-4158-BE2A-B06E490FD29D&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

95 B
881 B

88ms
51ms

Image
image/png

3.248.173.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=967D7745-4AAD-4158-BE2A-B06E490FD29D&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Server

3.248.173.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-173-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 07 Jun 2022 15:47:07 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=967D7745-4AAD-4158-BE2A-B06E490FD29D&fid=6471afc9-bf79-4032-b7c7-6155f536e53a
date: Tue, 07 Jun 2022 15:47:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26url%3Dhttps%253A%252F%252Fnnews.com.ua%252F%26hn_ver%3D40%26fid%3D6471afc9-bf79-40...
https://s.cpx.to/an_fire?app_nexus_uid=3705855517293247525&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

95 B
865 B

37ms
37ms

Image
image/png

3.248.173.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=3705855517293247525&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=6471afc9-bf79-4032-b7c7-6155f536e53a

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Server

3.248.173.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-173-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 07 Jun 2022 15:47:07 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-Proxy-Origin: 130.180.200.35; 130.180.200.35; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 69e29270-b5f4-4da8-8f8f-c9660af9b816
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=3705855517293247525&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=6471afc9-bf79-4032-b7c7-6155f536e53a
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 43ms
42ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&google_gid=CAESEOzw1Jk2UlgWdwcok6MIY3w&google_cver=1

95 B
804 B

104ms
36ms

Image
image/png

3.248.173.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&google_gid=CAESEOzw1Jk2UlgWdwcok6MIY3w&google_cver=1

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Server

3.248.173.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-173-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 07 Jun 2022 15:47:07 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&google_gid=CAESEOzw1Jk2UlgWdwcok6MIY3w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6471afc9-bf79-4032-b7c7-6155f536e53a&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&gdpr=0&cklb=1

0
316 B

33ms
32ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&gdpr=0&cklb=1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6471afc9-bf79-4032-b7c7-6155f536e53a&gdpr=0&cklb=1
pragma: no-cache
date: Tue, 07 Jun 2022 15:47:07 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B697 21 KB
10 KB 538ms
538ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8638af731b0052cb6d0155dcf83c060564b39d8df98669b7fb6f65f0611fd5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:08 GMT
expires: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
523 B 163ms
38ms XHR
application/x-javascript 46.137.175.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.175.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-175-238.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jun 2022 15:47:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://nnews.com.ua
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
nnews.com.ua/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
76 KB 128ms
128ms Font
application/octet-stream 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.2
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "625ff83a-12d68"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160

GET
H/1.1 200
OK fa-solid-900.woff2
nnews.com.ua/wp-content/plugins/social-rocket/assets/webfonts/ 76 KB
77 KB 65ms
65ms Font
application/octet-stream 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/webfonts/fa-solid-900.woff2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/all.min.css?ver=1.3.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Kyiv, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/all.min.css?ver=1.3.1
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:07 GMT
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62483e9a-131bc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78268

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 147 KB
52 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9826662dd28521a441a6de0f76bc706db90c216979730b865f705c647df9060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53514
x-xss-protection: 0
server: cafe
etag: 8120712701484949766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Jun 2022 15:47:07 GMT

GET
BLOB 200
OK b50c5af6-ac14-46a1-b929-5f2f73192c1a
https://nnews.com.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nnews.com.ua/b50c5af6-ac14-46a1-b929-5f2f73192c1a
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 1f19c716-4852-4c40-baca-aea4c5969e8d
https://nnews.com.ua/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nnews.com.ua/1f19c716-4852-4c40-baca-aea4c5969e8d
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 147ms
47ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 145ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/ Frame 2D79 10 KB
4 KB 59ms
58ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 70034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 20:19:53 GMT
etag: 1327746537699501093
expires: Mon, 20 Jun 2022 20:19:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/ 35 B
55 B 159ms
46ms XHR
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: phoenix-widget.com
URL: https://phoenix-widget.com/static/js/jsonp_v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK stats Show response
stats.phoenix-widget.com/ 0
356 B 34ms
33ms XHR
text/plain 188.166.37.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.phoenix-widget.com/stats
Requested by: Host: phoenix-widget.com
URL: https://phoenix-widget.com/static/js/jsonp_v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.37.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Jun 2022 15:47:08 GMT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range

GET
H3

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp
s-img.mgid.com/g/3805607/328x328/81x0x450x450/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|8hU4AiEP4mPHFOpLZ5PKxMjp-a9x5PdJyvgQPi4wm8B7KCWFzBhEg5edU12OSdCD&cid=852660&f=1&h2=qfhc2xK2KoQKzoip0ATWKkRgECLkbhqjWY10mOTk7KU*&rid=15eb4256-e679-11ec-94f0-e4434b3...
https://s-img.mgid.com/g/3805607/328x328/81x0x450x450/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp?v=16546168...

16 KB
16 KB

50ms
49ms

Image
image/webp

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805607/328x328/81x0x450x450/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp?v=1654616827-QXKuJTrBMGyJ5Uhry7SkjKCAUkDu2jARFDcy31a9HXw
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b2796d43ab465a8ac8cefcf83e76981211cc83478b87c6ac54ba51f438d469f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 16:40:41 GMT
x-mg-request-uuid: c88c7037-0c4c-4f51-90ef-e7bbfd54e16f
age: 2445405
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 717a86480a4188b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16282
server: cloudflare

Redirect headers

date: Tue, 07 Jun 2022 15:47:08 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: bed79a9d-3c8b-4b2e-97ed-46985719e402
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://s-img.mgid.com/g/3805607/328x328/81x0x450x450/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp?v=1654616827-QXKuJTrBMGyJ5Uhry7SkjKCAUkDu2jARFDcy31a9HXw
cf-ray: 717a86471d9588c2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
server: cloudflare

OPTIONS
H/1.1 204
No Content stats
stats.phoenix-widget.com/ Frame 0
0 156ms
30ms Preflight
text/plain 188.166.37.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.phoenix-widget.com/stats
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.37.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nnews.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 07 Jun 2022 15:47:08 GMT
Server: nginx/1.10.3 (Ubuntu)

GET
H/1.1 200
OK 6253f3f140afab726ccb5661.jpg
img.phoenix-widget.com/w/q85/b/ 42 KB
43 KB 144ms
65ms Image
image/jpeg 178.62.226.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.phoenix-widget.com/w/q85/b/6253f3f140afab726ccb5661.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.62.226.6 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: dff881c1b5add951dca5c8ee60331e37fa1aafc316648dd37eaadc65f3a321b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:08 GMT
Etag: 49738-bdbd4d182a6fbec8d0b64321ad90f20a5324f745
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public, immutable
Connection: keep-alive
Content-Length: 43287
Expires: Wed, 07 Jun 2023 15:47:08 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp
s-img.mgid.com/g/3805607/492x328/0x0x599x399/ 21 KB
22 KB 61ms
46ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805607/492x328/0x0x599x399/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp?v=1654616827-Z4g4sXJLTwBPObvqYkecc82TFnKd0XogVXx1mNPuG90
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9347d35a4fefe2d59e5fb13856ab46c6038d76766485e495b92b7c08871935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:57:40 GMT
x-mg-request-uuid: 13f0af75-8829-4009-94c1-29c77c0c7f9e
age: 2445398
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 717a86472dab88c2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21998
server: cloudflare

GET
H/1.1 200
OK 629494ec2b144d25208490da.jpg
img.phoenix-widget.com/w/q85/b/ 12 KB
12 KB 145ms
67ms Image
image/jpeg 178.62.226.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.phoenix-widget.com/w/q85/b/629494ec2b144d25208490da.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.62.226.6 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 7f92f097d1725766b4caaae8d648855a20ee7b946a62e4791ca9e6f10d795105

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:08 GMT
Etag: 16868-c604d7ba899ffd81cc3c443fb5f30b7c1afc90c6
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public, immutable
Connection: keep-alive
Content-Length: 12036
Expires: Wed, 07 Jun 2023 15:47:08 GMT

GET
H/1.1 200
OK watermark.png
phoenix-widget.com/static/img/ 2 KB
2 KB 40ms
40ms Image
image/png 188.166.21.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoenix-widget.com/static/img/watermark.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.21.205 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 00b923d74fc40605b62bfff096a978bdc22fe6ba31a9a84bd7d813c37e4b0d30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 15:47:08 GMT
Last-Modified: Wed, 28 Jul 2021 10:32:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6101324d-6a1"
Content-Type: image/png
Cache-Control: max-age=315360000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1697
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2D79 4 KB
621 B 136ms
53ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:40:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 15:47:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 2D79 2 KB
983 B 231ms
142ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:45:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D79 0
0 83ms
81ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdgoU-3KfYqaaIv2y1fAPsL6roAOts93BapbJoq3kD5nj5bSEAhABIMCekocBYLsGoAG3mIGiKMgBCakCfSfhIOxRfD6oAwHIA8sEqgTCAU_QKcBFCbBtRFVmUwwtr8555CDnzrsiGuhsFPU8LHxHqkrKDxf-kjPhnW0TiiigJMCu1TQNLbcwTR0WogTcneq6r4SIRGJdMVrExocfed57ArlrhfLYbqP9E3nUKB3fpGACTxuujgl4qTBrpuxz8RnI9vj8tgOCwE-Ecn27M4DPZedsOHk2YpWHdNcyiSu6S_Ub8iaBqJkRZ908T5QL2UszsNwGOM4-WCTlJXcffQNJVECFXP56E0wOO6d6WUGxYxAnwASt1fqY-AOSBQQIBBgBkgUECAUYBKAGLoAHwPz0rgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC4zAHSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTkyMjk0NzY1OTczMjY4ORgA&sigh=3hip8w0GK80&uach_m=[UACH]&template_id=484

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame 2D79 21 KB
9 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 2D79 3 KB
1 KB 228ms
145ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D79 138 KB
43 KB 149ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 2D79 17 KB
7 KB 211ms
128ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:39:30 GMT

GET
H2 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 2D79 31 KB
13 KB 135ms
44ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 06:33:02 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/2852817790479784711/ Frame 2D79 21 KB
21 KB 179ms
103ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2852817790479784711/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd9afd8b6cda9c77a1ba39faa45a8af11398ea5f370aa70589fe1a0145944c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:35:28 GMT
x-content-type-options: nosniff
age: 22300
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21149
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:48:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Jun 2023 09:35:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16155277625228400957/ Frame 2D79 7 KB
7 KB 177ms
102ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16155277625228400957/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 13:25:09 GMT
x-content-type-options: nosniff
age: 354119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7449
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:47:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Jun 2023 13:25:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 50DF 6 KB
672 B 104ms
54ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=337&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LfdLgGfbWy&p=https%3A//nnews.com.ua&dtd=340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:28:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 15:47:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 50DF 2 KB
938 B 206ms
145ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:45:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame 50DF 21 KB
9 KB 142ms
81ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 50DF 3 KB
1 KB 192ms
142ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50DF 138 KB
42 KB 177ms
108ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 50DF 17 KB
7 KB 116ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:39:30 GMT

GET
H2 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 50DF 31 KB
13 KB 154ms
95ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 06:33:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2F9C 6 KB
672 B 96ms
53ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827178&bpp=1&bdt=501&idt=302&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q0lNBjmnRY&p=https%3A//nnews.com.ua&dtd=307

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:08:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 15:47:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 2F9C 2 KB
938 B 198ms
143ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:45:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame 2F9C 21 KB
9 KB 104ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:57 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 2F9C 3 KB
1 KB 174ms
144ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F9C 138 KB
42 KB 178ms
119ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame 2F9C 17 KB
7 KB 174ms
124ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:39:30 GMT

GET
H2 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 2F9C 31 KB
13 KB 86ms
47ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:33:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 06:33:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50DF 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce45E-3KfYqi_JsWn5LcPsamH8Afo9Oq-Z7uT-qXrD2QQASDAnpKHAWC7BqAB2sKZhwPIAQmoAwHIA8sEqgTHAU_QYPp47yo70Znk838ijwirUgsYwvolNb3NzLGYbQ9lKZmk2LxqbhDZY84BA-5DX6d7Z6jr7238W6sPiQJJzUi56AVgTd3LUW6ueYega5M9OupVnDqtkrw8od7XEyd-AZRpbyyBgnb5EVvzDrsYI47OcUAGbhLUr0Yfho6aQANRFNmmGCWwC2D86j8kemLBnkl3DYpI-gjs_2VeKCOlfigGlPauseqyl6TzB3LwUu6hoPaqrs49br1sMZupMUCW_OV15iP6TQXABO20gu2aA5IFBAgEGAGSBQQIBRgEoAYugAeOveZ4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1_QL0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTU5MjI5NDc2NTk3MzI2ODkYAA&sigh=6RirHXIQhVI&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=337&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LfdLgGfbWy&p=https%3A//nnews.com.ua&dtd=340
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16055070065917639444/ Frame 50DF 19 KB
19 KB 158ms
114ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16055070065917639444/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7b6789643f62a1f0c3f8cf7c00784fced471d5addd0c50b0e543586d99d8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:48:40 GMT
x-content-type-options: nosniff
age: 529108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19047
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 11:28:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Jun 2023 12:48:40 GMT

GET
DATA 200
OK truncated
/ Frame 50DF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2F9C 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7sml-3KfYuq0JquN5LcPq6ez-A-ts93BapbJoq3kD6SFk8CwARABIMCekocBYLsGoAG3mIGiKMgBCakCfSfhIOxRfD6oAwHIA8sEqgTEAU_QpqWIBmJMifvqsU0vrCRJduMyIUfrQ8Mz65W_EgbiTtt24vGEC1cn1VSN3Ic0zhgLQIuYDuJRO_stHsdtAdIL3rPrK8gsGzYyRRhPWRnpNFgENHpa1CdNHwy6CRlZ5OO7pVTwd0d--l5qMEKwWOXhdVEWXXgkm6MbYF07hlAVFRU-VyhC2uRT2PnZupNGt4NtcC63LDeslYOwRxw-rBctvcwICXsFlREenwI2slAy5iq7IeFG506ZBGmdCDf69ZeqC4nABK3V-pj4A5IFBAgEGAGSBQQIBRgEoAYugAfA_PSuA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELLPAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU5MjI5NDc2NTk3MzI2ODkYAA&sigh=Kvu8NVB-Hb0&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827178&bpp=1&bdt=501&idt=302&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=q0lNBjmnRY&p=https%3A//nnews.com.ua&dtd=307
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2852817790479784711/ Frame 2F9C 7 KB
8 KB 97ms
84ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2852817790479784711/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bc93312ad978eb4b3771971dd07aee66fa264bc9342633b6252407c02ae958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 13:17:48 GMT
x-content-type-options: nosniff
age: 354560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7381
x-xss-protection: 0
last-modified: Fri, 20 May 2022 12:47:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Jun 2023 13:17:48 GMT

GET
DATA 200
OK truncated
/ Frame 2F9C 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F0C7 624 B
297 B 54ms
53ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGLGBC523kY1I-6ywEwAQ&v=APEucNVKVGmdKmOs3snzfiOtpJTalMybN9ERCiluBRl0N0_b4yRa2y2bv3vz6qw7BhxSgC8Qd4Pl-EG8cIpphZ3mU53WUhN2kWKUJUMEK78bT9JfJm6ZXqpXThDpu-9Anyfb9Vc9Txts1TWGdMQ8nULhgObZml4qEW7f_ntbdiQa8IbKbGZiYwo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A0E0 76 KB
32 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtZSbj0F_G1eRQ78lycacE0csvJAU1ZWoT__LYGSnvgAZ4HZgEsusE5IlKeHrvomaCa_6U5Rd_cUq7EOu4X8zyiNsJjenhEW0yJ6_qEAQU6KcOKKVaEQeqF5bQNIQFaHUBWmZi7NfH_pA5od4qEWdcqoAIdg&dbm_d=AKAmf-Di0MmYoqCHJf7qRQxQSPGYTXB_8Zw-QGgMNFx8ETtNaudQo5ipfj_PIAzACst_WFEHIm642aV-aAkSTNeoZmAqFsGdOexR9evye-ATjkjNFXXc_D8C9gHMzcEbO5N4IKdN4It0Hy8WgMnfL3IDm5t0boc4fmWNyWUYSD6q6sfULeKWupoef2Ui_zDvuAMvMyS6aUMQYPuvV2UiAidk79qP0Osq7Kky08E0RhlAWZcdRuRI1mN-GA2Q_nJrI9If_53lrHcOSvSMUhaOFu1UFIoyd9kRUtaTUYTt0pTKM_MW2ye3TailLc6sBjH-iRUXA2T66cQheUUQTfN4HJ3LQLTjyM2lsh4hTFK1sEYuBEXV5f67CpISYrYOl57EpBfezRa2LQnSrzf9-nwhi18LVAAWqd9ZcNNUSAnvQAqOnOGizWqlgdXDK-RaJF_hDd7HcrAlGHE4s0rGY5_XBYRP8iR1i78eC_1HsrjqKwGliXMEUTGuviYe5t6jmnmBzds-vpPdcOZOCaJef7cZEl5SMv7tsEx6FSDYH0VdmUSlBxSGzo4UxY3ZQB6wAHIgVhOqKLxCusmtNe4R39JCFnG-z3mb1VP60Uh3hTu4qKySk211I1Om2lpRKKYKUQlRg6JdH5Y2FWIQUngjRHgSBFi_Ts9QFBbigD5DYTgWVUCDJTUEnrzzracJH1Iw8IAKj5AEU0-MkRJLNfmuiETCe7TANJQZImRevsFa6uCrNdi-NppMoCZLRcez8yHR0zLMCYqoua9JOv5xpkz6b62fk4PytIUNCJiFKAo7bbJgZl_mZ2Qvd8bCK6VV3YOeA0BgKYCcXfOuSCXUq1reYvFPMnoBR9oVwNy4ol2wDrT1ko5t07yp-rcpkDt743ipWJss53HaGoaexpU1zXWQXnWB04JYC5pehWKMGML0J8VYrmIXZkkSM841_hnr2RbeM3vKQnhekKuKoTQMy6x4sIi2AKoNtt-uAZIhQDTN4ftTa-hQIYOdyYYAgg_zLf0w9LvbE41skGXskcz5raHCZWmAepyDZEmqyTjIGpWsUxcjPNZzHhSNJwlah--7FUSVsN-aW1Iq5pF6xdD_TkVX-y7L3XXu3E59IehzcaBhhEL8ygHYEWSBmjWM17yawZkPwVXfvh_15HIzf1oYOAqwj3QyfX67ht1uYPBU4m47dndNhQ7hppykbf9d0KVpb5N3JqUWf2f-kolMryPWANrXS1rrP7Gb1CheKH10fQG1S2HIDdPyzmHMxYk4PElVyFjNGh2RCnWa7oQniQmXrgJ3CHmjaEnq-EgK_00lLCOARX-gCP-5IpvFP7fytTPqqQMQVWfpacjGHL1uq2Z2Rzcio4rRJTNZtNlGN2RrAygs9_F55WGKvWSDce4dEN1GEy8GQNPvL8BBaxYXzZsIcQOspLbXXEsp0vJaWJTMTiGrMAQSF-rKC77gHddX7UImnsZ4TPQXPIPkbwtSwzZ0xc4ND9X8wlJUW687tmcB0QXG7y8ChMlRrUkZdDBP3BJIBHVK4C9axMsB7J_nMzF-UnToo9_ovw-afni_8XtiR1lPjxij673_t1Rg5yAi43lLQ5urHM3409JySrew7CTyFu3LgO7kMBAXcWH-FjTy4khCyDCanmuqa6uEzPBpOWBx7Lmnblst6rVxNp8UUJWqc0VckD4O5NpbdUojzKh1INH8LJukl4d_BCf-vuvoxzOgNkPnOhec6GxmYP3jFLYYhanptFVETA4KOoxCI_8l6IwKDdB-HUBvqTOq3QoVZLsHAkN-wN9ONcQsFbcF0AMJ5bS4L49SLSBDfgf4M2SKYINf_MQPqp6uFWvlORIRbgX3ZUo5HNNpuAfPaVaiQylcjqnqFxzTz9PaN96GKsOSs5oGl45oZrypxS2xqhwLk11tWmKfzm3WbUWeAQg633IZUHEmyVNck6-lU8gSm8-md_GwC-Mdwrk4WiHpEu5GnYec8KZUwrQ6jUktwQ3pqdkXcsoaq6JT-hMR7TDv3KNGRaZOJ0ofdlMm4M6rf0P8sB5z8l761HIaokGb7xdqOoQJ96dgi8AM7t1kp5VUP-Pj74fA93ARUh4-3IMu_ZE7S2RQ8UaF3LL7xdzlKzAP-IO9iBoqZNehC8nFUsXIPa1xKy8pNJKPJzchG2pcWwzTIvkN193YyJii0kxgBvKO99KrMmCjjvFdwIwuFG1w1ThsPyhQgmncfAK6bo8u9ktKpwuzaD9ctE6XOJ2d2BIHB63vnGG5p10K0uTRNV1xpq2SlFNw7wMvdPpBsQj4h2tqZOUmoHGkA-180hD8WRvEFKyAW4cN1lBQWJu_GdqxYS7lcX13tuyR4zeO805Dl1C1wFsudOm_WndtbU3m1gKQOXdPTIU4hylBZwr81YdeUiIv1Tn0WVSxEjuz9PlPmyodjKgndv7yPqhqgCC7ff74hiU2zpuDYKUCpHqDo0oQsdH0QAni3l4mjHHgDJavln-W5dilI2kFvAa5g91cAwGhbXGE-6XwlupfcP7UHx-GOZZ12m8-2cH7PgSYU1D9GkjYhzmRfn_PtyPzuNXfncJlmGPfes8CeKHjt01QuC55UCbOJdwWe8ZQlfAWyNNMdRt227LnI_Z_ILg70GG6fF2Y_2r8Ta2jxx3JwIXr_TwKE7e04-xmCcVU9TfXyUeDECX8P9uQi66rOE-UmDHqa69GaVXQYa2hh4R7X85WP8eA0ccU-9oiY-LyEsnDkjPUlmhmz0PTiySR4MjwmT1ROG9oGAWE-pQgjvWGKp0kN73LIImUlq_R1nyuCCwti9YBi6AxCC0dailkqwxinQaUBdK4zW4eG1a3BYICYu2Pl4MnBLBi1KsLsGPIlHMWI3WKRvnnipkTSICFER9CoyB0JRZ6PMQqUV6uevnSu-Kom-fGgtE3g1HgX2UGfM_FS2YoI7e5ljCI2fNzblH_d6uQ9hDJxaJN79BMN-NztINRMTBbufWTzzzp3X35GU4be5TdcCLGsodmyiGpUUUPWnAAVOLw9m4mJC5EQOZm91Pou7ogRoaaIKkZdiQy5Kn-xilaIcgOpAkQnXdo04eeUudXZ-mdHSef6M3CPWxDZjQBqW7yERVD-UHA03XiYUHHQGhC6Ultmi8zhZ4182NZsP11KG9TlvnM&cid=CAASEuRo3rDbVJJaQOwcIML-ZH1APg&rfl=2%2Chttps%253A%252F%252Fnnews.com.ua%252F%240

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d40223488b54aec018afc8b1bdacb16fa363ee1f2867ad779685968265a11441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32924
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame A0E0 3 KB
1 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0E0 138 KB
42 KB 138ms
138ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame A0E0 17 KB
7 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:39:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0E0 42 B
63 B 84ms
83ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DeDPfDb2nT1Z6NbaPjUeyECPkHtNEcUxSqzyQDZsXCPFqX6OHngyD6MNN-m6z4tnMKLUzcHL2vir5S-BWEjp_vZvyvNwBj4rPRHpgq1BEvSM_WrhI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7310892388236928199
tpc.googlesyndication.com/daca_images/simgad/ Frame C161 91 KB
91 KB 147ms
43ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7310892388236928199

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827176&bpp=2&bdt=500&idt=273&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y0YersJhL1&p=https%3A//nnews.com.ua&dtd=287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1e2418185fdd103a05c32834eeddb3e21c6f1caa493f4a5bf19a9eb8d629cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 20:47:09 GMT
x-content-type-options: nosniff
age: 68399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93123
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 09:34:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 06 Jun 2023 20:47:09 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame C161 21 KB
9 KB 141ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8691
x-xss-protection: 0
server: cafe
etag: 17811423179848367920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:44:46 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame C161 3 KB
1 KB 139ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C161 138 KB
42 KB 138ms
134ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame C161 17 KB
7 KB 218ms
117ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:39:30 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/ Frame C161 32 KB
13 KB 219ms
120ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220602/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce785d57ef9a42ccbd1c547a34629dcadedbb4ec14c423ace11c2a33c2b45c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 13:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13058
x-xss-protection: 0
server: cafe
etag: 3195647855342160189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 13:00:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C161 0
0 83ms
81ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIFsi-3KfYoeoJvuN5LcP-LKG0AadnuHYafP7-aaMEN2xqMj8EBABIMCekocBYLsGoAG_y-aFAsgBAqgDAcgDyQSqBNABT9ALLfpfqlVqTJ_aSQfQVuU5AsPnghoGG6HRt7ijJ5YOGwwgu1N43R1AlwZnIrnQ1Z29tPnOP2vvKOnuJMuw2ZWaiIGSEwrm20wyt6-ynMeZ4FYuNCYNT2TX1qEl9DjQhnt4OB8aoU5jKzedm9bNqF-D2ySrUIJwhqoeX7q5TM-_32OW5Sy1EBaR8lBQ0GpBbpEuUXM3ojK28nnFaz7Cnp1Hvo91tOqMIaoFjhol47pU33NQbQkqmctIxoMkhuP3G-UldCjmvYKzudgt-vUqGcAEvq68hIUEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_-8gbMCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQwP8C0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTU5MjI5NDc2NTk3MzI2ODkYAA&sigh=cb1WwRizYrM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827176&bpp=2&bdt=500&idt=273&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y0YersJhL1&p=https%3A//nnews.com.ua&dtd=287
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F0C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&C=1

43 B
1013 B

69ms
69ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGLGBC523kY1I-6ywEwAQ&v=APEucNVKVGmdKmOs3snzfiOtpJTalMybN9ERCiluBRl0N0_b4yRa2y2bv3vz6qw7BhxSgC8Qd4Pl-EG8cIpphZ3mU53WUhN2kWKUJUMEK78bT9JfJm6ZXqpXThDpu-9Anyfb9Vc9Txts1TWGdMQ8nULhgObZml4qEW7f_ntbdiQa8IbKbGZiYwo
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Jun 2022 15:47:08 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F0C7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yp9y-GpEYdqQEH7R5-.T8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&google_hm=2

43 B
893 B

61ms
61ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGLGBC523kY1I-6ywEwAQ&v=APEucNVKVGmdKmOs3snzfiOtpJTalMybN9ERCiluBRl0N0_b4yRa2y2bv3vz6qw7BhxSgC8Qd4Pl-EG8cIpphZ3mU53WUhN2kWKUJUMEK78bT9JfJm6ZXqpXThDpu-9Anyfb9Vc9Txts1TWGdMQ8nULhgObZml4qEW7f_ntbdiQa8IbKbGZiYwo
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Jun 2022 15:47:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoxo8AIiyYry1J0C9Y2RR0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F0C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELbjvdPfD6j45OSzWAol3Ro&google_cver=1

43 B
1018 B

38ms
37ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELbjvdPfD6j45OSzWAol3Ro&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJGLGBC523kY1I-6ywEwAQ&v=APEucNVKVGmdKmOs3snzfiOtpJTalMybN9ERCiluBRl0N0_b4yRa2y2bv3vz6qw7BhxSgC8Qd4Pl-EG8cIpphZ3mU53WUhN2kWKUJUMEK78bT9JfJm6ZXqpXThDpu-9Anyfb9Vc9Txts1TWGdMQ8nULhgObZml4qEW7f_ntbdiQa8IbKbGZiYwo

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:08 GMT
X-Proxy-Origin: 130.180.200.35; 130.180.200.35; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 51189774-e323-4f5d-9f62-40871a865ae1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELbjvdPfD6j45OSzWAol3Ro&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0C7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwNTg1NTUxNzI5MzI0NzUyNQ%3D%3D

170 B
188 B

47ms
47ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwNTg1NTUxNzI5MzI0NzUyNQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:08 GMT
X-Proxy-Origin: 130.180.200.35; 130.180.200.35; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5a14412f-2710-4f94-94d8-001477d22e6e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwNTg1NTUxNzI5MzI0NzUyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A0E0 170 KB
59 KB 155ms
37ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 10:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Jun 2022 10:58:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220602/r20110914/elements/html/ Frame A0E0 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220602/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtZSbj0F_G1eRQ78lycacE0csvJAU1ZWoT__LYGSnvgAZ4HZgEsusE5IlKeHrvomaCa_6U5Rd_cUq7EOu4X8zyiNsJjenhEW0yJ6_qEAQU6KcOKKVaEQeqF5bQNIQFaHUBWmZi7NfH_pA5od4qEWdcqoAIdg&dbm_d=AKAmf-Di0MmYoqCHJf7qRQxQSPGYTXB_8Zw-QGgMNFx8ETtNaudQo5ipfj_PIAzACst_WFEHIm642aV-aAkSTNeoZmAqFsGdOexR9evye-ATjkjNFXXc_D8C9gHMzcEbO5N4IKdN4It0Hy8WgMnfL3IDm5t0boc4fmWNyWUYSD6q6sfULeKWupoef2Ui_zDvuAMvMyS6aUMQYPuvV2UiAidk79qP0Osq7Kky08E0RhlAWZcdRuRI1mN-GA2Q_nJrI9If_53lrHcOSvSMUhaOFu1UFIoyd9kRUtaTUYTt0pTKM_MW2ye3TailLc6sBjH-iRUXA2T66cQheUUQTfN4HJ3LQLTjyM2lsh4hTFK1sEYuBEXV5f67CpISYrYOl57EpBfezRa2LQnSrzf9-nwhi18LVAAWqd9ZcNNUSAnvQAqOnOGizWqlgdXDK-RaJF_hDd7HcrAlGHE4s0rGY5_XBYRP8iR1i78eC_1HsrjqKwGliXMEUTGuviYe5t6jmnmBzds-vpPdcOZOCaJef7cZEl5SMv7tsEx6FSDYH0VdmUSlBxSGzo4UxY3ZQB6wAHIgVhOqKLxCusmtNe4R39JCFnG-z3mb1VP60Uh3hTu4qKySk211I1Om2lpRKKYKUQlRg6JdH5Y2FWIQUngjRHgSBFi_Ts9QFBbigD5DYTgWVUCDJTUEnrzzracJH1Iw8IAKj5AEU0-MkRJLNfmuiETCe7TANJQZImRevsFa6uCrNdi-NppMoCZLRcez8yHR0zLMCYqoua9JOv5xpkz6b62fk4PytIUNCJiFKAo7bbJgZl_mZ2Qvd8bCK6VV3YOeA0BgKYCcXfOuSCXUq1reYvFPMnoBR9oVwNy4ol2wDrT1ko5t07yp-rcpkDt743ipWJss53HaGoaexpU1zXWQXnWB04JYC5pehWKMGML0J8VYrmIXZkkSM841_hnr2RbeM3vKQnhekKuKoTQMy6x4sIi2AKoNtt-uAZIhQDTN4ftTa-hQIYOdyYYAgg_zLf0w9LvbE41skGXskcz5raHCZWmAepyDZEmqyTjIGpWsUxcjPNZzHhSNJwlah--7FUSVsN-aW1Iq5pF6xdD_TkVX-y7L3XXu3E59IehzcaBhhEL8ygHYEWSBmjWM17yawZkPwVXfvh_15HIzf1oYOAqwj3QyfX67ht1uYPBU4m47dndNhQ7hppykbf9d0KVpb5N3JqUWf2f-kolMryPWANrXS1rrP7Gb1CheKH10fQG1S2HIDdPyzmHMxYk4PElVyFjNGh2RCnWa7oQniQmXrgJ3CHmjaEnq-EgK_00lLCOARX-gCP-5IpvFP7fytTPqqQMQVWfpacjGHL1uq2Z2Rzcio4rRJTNZtNlGN2RrAygs9_F55WGKvWSDce4dEN1GEy8GQNPvL8BBaxYXzZsIcQOspLbXXEsp0vJaWJTMTiGrMAQSF-rKC77gHddX7UImnsZ4TPQXPIPkbwtSwzZ0xc4ND9X8wlJUW687tmcB0QXG7y8ChMlRrUkZdDBP3BJIBHVK4C9axMsB7J_nMzF-UnToo9_ovw-afni_8XtiR1lPjxij673_t1Rg5yAi43lLQ5urHM3409JySrew7CTyFu3LgO7kMBAXcWH-FjTy4khCyDCanmuqa6uEzPBpOWBx7Lmnblst6rVxNp8UUJWqc0VckD4O5NpbdUojzKh1INH8LJukl4d_BCf-vuvoxzOgNkPnOhec6GxmYP3jFLYYhanptFVETA4KOoxCI_8l6IwKDdB-HUBvqTOq3QoVZLsHAkN-wN9ONcQsFbcF0AMJ5bS4L49SLSBDfgf4M2SKYINf_MQPqp6uFWvlORIRbgX3ZUo5HNNpuAfPaVaiQylcjqnqFxzTz9PaN96GKsOSs5oGl45oZrypxS2xqhwLk11tWmKfzm3WbUWeAQg633IZUHEmyVNck6-lU8gSm8-md_GwC-Mdwrk4WiHpEu5GnYec8KZUwrQ6jUktwQ3pqdkXcsoaq6JT-hMR7TDv3KNGRaZOJ0ofdlMm4M6rf0P8sB5z8l761HIaokGb7xdqOoQJ96dgi8AM7t1kp5VUP-Pj74fA93ARUh4-3IMu_ZE7S2RQ8UaF3LL7xdzlKzAP-IO9iBoqZNehC8nFUsXIPa1xKy8pNJKPJzchG2pcWwzTIvkN193YyJii0kxgBvKO99KrMmCjjvFdwIwuFG1w1ThsPyhQgmncfAK6bo8u9ktKpwuzaD9ctE6XOJ2d2BIHB63vnGG5p10K0uTRNV1xpq2SlFNw7wMvdPpBsQj4h2tqZOUmoHGkA-180hD8WRvEFKyAW4cN1lBQWJu_GdqxYS7lcX13tuyR4zeO805Dl1C1wFsudOm_WndtbU3m1gKQOXdPTIU4hylBZwr81YdeUiIv1Tn0WVSxEjuz9PlPmyodjKgndv7yPqhqgCC7ff74hiU2zpuDYKUCpHqDo0oQsdH0QAni3l4mjHHgDJavln-W5dilI2kFvAa5g91cAwGhbXGE-6XwlupfcP7UHx-GOZZ12m8-2cH7PgSYU1D9GkjYhzmRfn_PtyPzuNXfncJlmGPfes8CeKHjt01QuC55UCbOJdwWe8ZQlfAWyNNMdRt227LnI_Z_ILg70GG6fF2Y_2r8Ta2jxx3JwIXr_TwKE7e04-xmCcVU9TfXyUeDECX8P9uQi66rOE-UmDHqa69GaVXQYa2hh4R7X85WP8eA0ccU-9oiY-LyEsnDkjPUlmhmz0PTiySR4MjwmT1ROG9oGAWE-pQgjvWGKp0kN73LIImUlq_R1nyuCCwti9YBi6AxCC0dailkqwxinQaUBdK4zW4eG1a3BYICYu2Pl4MnBLBi1KsLsGPIlHMWI3WKRvnnipkTSICFER9CoyB0JRZ6PMQqUV6uevnSu-Kom-fGgtE3g1HgX2UGfM_FS2YoI7e5ljCI2fNzblH_d6uQ9hDJxaJN79BMN-NztINRMTBbufWTzzzp3X35GU4be5TdcCLGsodmyiGpUUUPWnAAVOLw9m4mJC5EQOZm91Pou7ogRoaaIKkZdiQy5Kn-xilaIcgOpAkQnXdo04eeUudXZ-mdHSef6M3CPWxDZjQBqW7yERVD-UHA03XiYUHHQGhC6Ultmi8zhZ4182NZsP11KG9TlvnM&cid=CAASEuRo3rDbVJJaQOwcIML-ZH1APg&rfl=2%2Chttps%253A%252F%252Fnnews.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:40:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220602/r20110914/ Frame A0E0 27 KB
10 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220602/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10536
x-xss-protection: 0
server: cafe
etag: 754631604453815386
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Jun 2022 15:45:18 GMT

GET
DATA 200
OK truncated
/ Frame 2D79 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a4990a88892bc608236da6ebcace21eae944dd798512c848063facfba6f2afa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A0E0 41 KB
15 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 15:10:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BA16 1 KB
749 B 38ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 35604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 08 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A0E0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36524b5524c8acb8a7da48f4a49df594dad7808f9af27a2c11edbb3eb08c7439

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2F9C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1119c2a5702f52305b1cb4aead5e4f77048eae509b30614c82d435b228905838

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A24 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F9C 15 KB
16 KB 140ms
63ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 97444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 12:43:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F9C 15 KB
15 KB 83ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 100791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 11:47:17 GMT

GET
DATA 200
OK truncated
/ Frame 50DF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf1116dd77fa38612cbb7d4b9998f415ad427d0f0a8281c7f7e3f3bc91e274b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6076 143 B
163 B 37ms
36ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827176&bpp=2&bdt=500&idt=273&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Y0YersJhL1&p=https%3A//nnews.com.ua&dtd=287
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 07 Jun 2022 15:26:20 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 50DF 15 KB
16 KB 97ms
77ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 97444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 12:43:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 50DF 15 KB
15 KB 69ms
50ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 100791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 11:47:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA16
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBewD-d3Bd5d94rQJYZm-oNvqOgBqxxT473kED...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXA5eS1BQUFCSHdsaG5nNw&google_push=ARnp8GBewD-d3Bd5d94rQJYZm-oNvqOgBqxxT473kEDedUygM4QGdOez3iGYtJXnFpeLdh1ncqICHFOnZlv0ekyKScM-5MZeKyeK

170 B
188 B

51ms
50ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXA5eS1BQUFCSHdsaG5nNw&google_push=ARnp8GBewD-d3Bd5d94rQJYZm-oNvqOgBqxxT473kEDedUygM4QGdOez3iGYtJXnFpeLdh1ncqICHFOnZlv0ekyKScM-5MZeKyeK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXA5eS1BQUFCSHdsaG5nNw&google_push=ARnp8GBewD-d3Bd5d94rQJYZm-oNvqOgBqxxT473kEDedUygM4QGdOez3iGYtJXnFpeLdh1ncqICHFOnZlv0ekyKScM-5MZeKyeK
Date: Tue, 07 Jun 2022 15:47:08 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA16
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIOh8H8qWHd6IIoxmUC1jMI&google_cver=1&google_push=ARnp8GCTyCkm8l_N0ae6aNrvdvWUiVMeYbeGwPF3cVmMoKqUWTgU3znf0YScsDvMLTI6Xh4kSD9fq-dtZ02sfM_Y42P2j_YF84s
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCTyCkm8l_N0ae6aNrvdvWUiVMeYbeGwPF3cVmMoKqUWTgU3znf0YScsDvMLTI6Xh4kSD9fq-dtZ02sfM_Y42P2j_YF84s&google_hm=Q0FFU0VJT2g4SDhxV0hkNk...

170 B
188 B

48ms
48ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCTyCkm8l_N0ae6aNrvdvWUiVMeYbeGwPF3cVmMoKqUWTgU3znf0YScsDvMLTI6Xh4kSD9fq-dtZ02sfM_Y42P2j_YF84s&google_hm=Q0FFU0VJT2g4SDhxV0hkNklJb3htVUMxak1J

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Jun 2022 15:47:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCTyCkm8l_N0ae6aNrvdvWUiVMeYbeGwPF3cVmMoKqUWTgU3znf0YScsDvMLTI6Xh4kSD9fq-dtZ02sfM_Y42P2j_YF84s&google_hm=Q0FFU0VJT2g4SDhxV0hkNklJb3htVUMxak1J
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA16
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVZU74...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVZU74...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcxNTQ3MDgwMDAxNDc2MTMyMTM2OQ%3D%3D&google_push=ARnp8GAVZU748hAcP87dY7fOHze34Dq_47b2Vh7k0DOO78RkAEjCEi0s_WIm-kg8epCYIY...

170 B
188 B

50ms
49ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcxNTQ3MDgwMDAxNDc2MTMyMTM2OQ%3D%3D&google_push=ARnp8GAVZU748hAcP87dY7fOHze34Dq_47b2Vh7k0DOO78RkAEjCEi0s_WIm-kg8epCYIYkaT3QFLtQBHrhX2vrgzom2qG9H8voT

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MDcxNTQ3MDgwMDAxNDc2MTMyMTM2OQ%3D%3D&google_push=ARnp8GAVZU748hAcP87dY7fOHze34Dq_47b2Vh7k0DOO78RkAEjCEi0s_WIm-kg8epCYIYkaT3QFLtQBHrhX2vrgzom2qG9H8voT
pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 07 Jun 2022 15:47:08 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame BA16 43 B
356 B 101ms
36ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAucTfGN8XuxGF9EBzr_M3w&google_push=ARnp8GBaVM3skuqPjZhnGFYEYW2rNbUf4iGR0thifLEK_UXCL8eD4RhTGH8SKwLzmjEIg5I-PJC8HxwGXCAptusJquPgYB7NoCox&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA16
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ln13RUqtQVi-KrBuSQ_SnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ln13RUqtQVi-KrBuSQ_SnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBrpJzDdQm8lADfFzJpNCNj-Bz399-OTmeilQDkB1whse1Daapf0Yftj49GwMxG_-EOSS3yWWnwQA92XTBw1ZYlDrdXbryn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ln13RUqtQVi-KrBuSQ_SnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBrpJzDdQm8lADfFzJpNCNj-Bz399-OTmeilQDkB1whse1Daapf0Yftj49GwMxG_-EOSS3yWWnwQA92XTBw1ZYlDrdXbryn
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA16
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJcRS8UOcfVOw9OtceXgPcY&google_cver=1&google_push=ARnp8GDpRtFwKJV9pmXFGl3oc6PhEP81bx98gh3fddvyT_av1lzZmSFfcgBhSrzHAScKq0lKuHL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ0QzRaV04tMVktNzFXTw==&google_push=ARnp8GDpRtFwKJV9pmXFGl3oc6PhEP81bx98gh3fddvyT_av1lzZmSFfcgBhSrzHAScKq0lKuHLd3jr8mtliMrySsSyI8eONVC_L

170 B
188 B

55ms
55ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ0QzRaV04tMVktNzFXTw==&google_push=ARnp8GDpRtFwKJV9pmXFGl3oc6PhEP81bx98gh3fddvyT_av1lzZmSFfcgBhSrzHAScKq0lKuHLd3jr8mtliMrySsSyI8eONVC_L

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDQ0QzRaV04tMVktNzFXTw==&google_push=ARnp8GDpRtFwKJV9pmXFGl3oc6PhEP81bx98gh3fddvyT_av1lzZmSFfcgBhSrzHAScKq0lKuHLd3jr8mtliMrySsSyI8eONVC_L
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame BA16 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BA16 0
12 B 46ms
45ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhjbI3sJ1Yaz0LrZbRnxqJoy7OVFVYvYbpZIFXIh5hYg92CxzQBdS0VxJVz__h6MVJQtTuLA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1654616827&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654616827179&bpp=1&bdt=503&idt=348&shv=r20220602&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=310351932877&frm=20&pv=1&ga_vid=417875431.1654616827&ga_sid=1654616827&ga_hid=1262027989&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1935&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=3327454987170718&pem=172&tmod=514236484&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=R9f6m9ndhg&p=https%3A//nnews.com.ua&dtd=361

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5CF3 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 88579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 15:10:49 GMT
expires: Tue, 06 Jun 2023 15:10:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C161 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf5b9ee0f9832ed28d6baedc7b35f0c5280b7f834d81d5656e8d7f48ab01d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/ Frame D196 25 KB
8 KB 122ms
46ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee03238e15734195ccf1cb1eaef041dc007df8969c74c1266bcddd110f1833a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 7676
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:08 GMT
expires: Wed, 08 Jun 2022 15:47:08 GMT
last-modified: Wed, 01 Jun 2022 10:12:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A0E0 0
622 B 191ms
82ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiepR-Tvxph_dxFdsYVBT3Sxiv6IUUv40rVkbmgtuvSCKKah7cVryiMLXlxEM-ccfm2mQOxNS2bq_4TP-smxFQcwNmb6TfpxRX-sjapoURlDLVPyYkWRYSrLfm2kOAlPVvEwh2ba_SJpopBYgyZDttuePBZDcLm0a7NNwcI_CUyrJ-VOM7N3P8TY5xWAjCoS-pNI73pyvXEnZzjE6uA5OPUrjvlfQUA72TN4rhwAhrySM1TTuNbmxyESUECEhcHCtiNZdojETfhHr7ugnTtlV7NnbR7UOC1N-J02a5vmPpFXAKH4s1pyabWzOwImUTCvCOUVBnOuKrZItMbCiO8RT-tVQwC4OU19DIPZAPGi5l2Ir2XMHQWoJpNNn3kA7Rb8WMqZLXvuyPZCC_mnaU9sGs4mMq7qUypeOuSxnHCdZFntd1wjHmtCW58HDqRncdX7SzCVS2u8WXQt9f0ktBOa7qWwL-uPmSN83W2aKlDeXq81cvTI6nHBBWUj_Jf9W3dzNQTmRlwn5FGo5mXwH7xnqslICBhj5ZSmUSn0UNCo-I27Scug_7pg_qnZ_iBLxBn9Sf0XG7Pd9VvKUDUiIz5i0b5TFI3po2-6gIWPi69W5LxFR-lRMCMSDt0cOIzztN0XM9uTMuRMD97aAvX40ac1ElKnwPUMzewUaakQkcTOmKC4A_FIKih_af5540VW2VkK2MJFZkQAaZHb8-BuHaZ-BwS8Z0VH0zjJKpuifQpoq39A7j2rY2EPdpsIyty8nS1ekVqEH9hnjJkTfp0kRGH5Pxc80-jxAzZ3Q9aol99mIlUpVUMkkmgESfntqwIIl-pd97OI3RrLTrRVXepGOSJODp-1n27PSpINcJBqqXre2khjeh-YUKDcu6J6o_YPho4jhXFRO66XGA8SXrOt23ALjudC9Q5YNw5sfDytsCZnVuvsr-fk9mPXaXDe_CO17C-iL5g1oFhwzUxyNvplKxZXtlMXzY4FTFJAFAlnxc27jKFl5HABkkL3x7532irS7eVLQafDPc5d6LdyYoHhHFAh3Bmt148b6dDdbmFXS51pPQq-XO3UmAKUpax4Ai-ldeCyhS9XSnUIqU2IuMc6ctsgvlWQf4rt8Q6rt4FtRE3dfrvYgOb7qzkSnOVTHgTVCphkTRp-37vGD2KBkDLm6MW2ISRQVloRWPpxGHPDb0P4nM9wFKa1FgZj-JG3puoi3xebTd&sai=AMfl-YQWkRPbecm2ODHzSXtEhr4Qmn7Z4wLmuX8XEm5YNPN4_FbFpo04wTHaJJbVXx8B-za_tsZqNTPDcxgPVLWR6OKWejidQvQyv7hpTiQsPHlOLOL9TqD8BbsFUkFxngoVc_7H49arfQP_qLj3H5ar_uxaf6KZKg&sig=Cg0ArKJSzBZIN1lD8CnkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=320&cbvp=1&cstd=313&cisv=r20220602.99064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F7D 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E84 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6076
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
85ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Jun 2022 15:47:08 GMT
expires: Tue, 07 Jun 2022 15:47:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 07 Jun 2022 15:47:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame A6D1 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CF3 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3 200 / Show response
c.mgid.com/pv/ 0
186 B 135ms
135ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1654616828654475179359&uniqId=06505&lct=1653955200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnnews.com.ua&lu=https%3A%2F%2Fnnews.com.ua%2F&sessionId=629f72fd-04a6c&pageView=1&pvid=1813ed92aef84bb0009&site=735252&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 717a864b288d88b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 54ms
44ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 4492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SP9S38C17NRA2N
x-amz-id-2: hM4jifOGVgGSz6n0l6qEeMQS+d1FUtMyTEFZ3vsaDAWa8MOI25u2t1jcWxMxYvSjEu8DXSK8SQo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 717a864b4fd288c2-LHR
expires: Wed, 08 Jun 2022 15:47:08 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
814 B 55ms
46ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 4479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 717a864b4fd488c2-LHR
expires: Wed, 08 Jun 2022 15:47:08 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/ Frame D196 27 KB
9 KB 93ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/TweenLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c609cb94dfc08171d6656e5f7ebed5a5ba8a32295ab6e3265110600316d66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1606538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9027
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-6de6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pft3USutFO1ETktEAF4MKrhILfiRTi7yCDvI7lWSZ7%2Fo0CRC%2BkZyRLzu0jZy6738L3i9pdns52rjUKwdJ3duATcMRsI5om7zgvmcdklRXHTWNw3Xdj7V98yehDC%2FaPWJPSFSCOInNWWxUY5jFBOg2DjT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 717a864c19c788a1-LHR
expires: Sun, 28 May 2023 15:47:08 GMT

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/plugins/ Frame D196 42 KB
15 KB 101ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/plugins/CSSPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f93cedbeeb9921de6cf86414f83b8b51131e55e8a21a46e59dd7b44a93ebd0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2812359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14757
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-a748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR9c2AN8PGVU2p6al6Q1BsUEFKWB%2FMMZlMG5wNa%2FA%2F6dy04xi3w1L%2F6GwUdwkQ7ClrH0YYC0y71FU%2FLKOSxSxxZMSfTNqEyB7DgQLlFeiqxx1dfMvQkmJSe%2BWwM68xR0uCeVRmWu6EdPaBOCZYY0Ge6I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 717a864c19cb88a1-LHR
expires: Sun, 28 May 2023 15:47:08 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/easing/ Frame D196 5 KB
3 KB 89ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/easing/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e188bb1fc147d54713f6445258d09eaffbbe1b0b9ca331c4eb468dc0d0138c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6715094
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1829
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-158c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmqWUnnPlHL%2Fz%2ByeS3o5CXBI3kp2OfRYHRlGtitKxFqzJOKCv5FzJzap%2FMpRiA0vJkrkHGdae%2ByQBNPoEdnCSAFKEu4RYOIPgHbuOMpLg5BDwtO5yjUW4XNOoAgx0fdZGNy7iiOqTOCX5SGKTvOPxPoW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 717a864c19cc88a1-LHR
expires: Sun, 28 May 2023 15:47:08 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D196 118 KB
40 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Jun 2022 10:16:32 GMT

GET
H3 200 Background.png
s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/ Frame D196 104 B
130 B 38ms
37ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/Background.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e73480622d0f7a24b7368c21df5a4875013762df3834ac888025f655ce940ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:45:42 GMT
x-content-type-options: nosniff
age: 82886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:12:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Jun 2022 16:45:42 GMT

GET
H3 200 bg1.png
s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/ Frame D196 42 KB
42 KB 38ms
38ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/bg1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8866d3f53d614342c167b0cd389a796dc96d5f7a53a7b24323021143ae0b42d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:45:43 GMT
x-content-type-options: nosniff
age: 82885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43126
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:12:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Jun 2022 16:45:43 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1291903/ 3 KB
1 KB 65ms
50ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1291903/1?pv=5&cbuster=1654616828808358044748&uniqId=06505&lct=1653955200&niet=4g&nisd=false&jsv=es6&w=310&h=907&maxw_3=306&maxh_3=273&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fnnews.com.ua&lu=https%3A%2F%2Fnnews.com.ua%2F&sessionId=629f72fd-04a6c&pageView=1&pvid=1813ed92aef84bb0009&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b5eab44b0b298d73c6a219f437eddb9f0ada4b8e9d5882f2d7382e20fd5aa3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 717a864c3a1d88c2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame D196 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9a54335df0183b16f63897fca0d8934ba9f1b50f86b2c1e1042ec615c185661

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 nexa_xbold.ttf
s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/ Frame D196 71 KB
33 KB 40ms
39ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/nexa_xbold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

849d9fa93c3117edfa4388344b3f4b637bf67b48922b0e56b26c052b3c6d8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62109487/20220601031215809/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=3ZCK0ZqGxQ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33955
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:12:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Jun 2022 16:47:50 GMT

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 55ms
54ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 4493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SP9S38C17NRA2N
x-amz-id-2: hM4jifOGVgGSz6n0l6qEeMQS+d1FUtMyTEFZ3vsaDAWa8MOI25u2t1jcWxMxYvSjEu8DXSK8SQo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 717a864d4cd188b9-LHR
expires: Wed, 08 Jun 2022 15:47:09 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 68ms
67ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
content-encoding: br
cf-cache-status: HIT
age: 4480
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 717a864d4cd488b9-LHR
expires: Wed, 08 Jun 2022 15:47:09 GMT

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTU3MzZiMDY2YTBjYWY2Y...
s-img.mgid.com/g/11533332/492x277/-/ 25 KB
25 KB 118ms
79ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/11533332/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvNTU3MzZiMDY2YTBjYWY2YjgxMWIwZWJhYzE5MzQ5ZDcuanBlZw.webp?v=1654616828-E9FlEPfJYeRHrZKGULh0aJusS0fKfxPu7UuM0aidAoM
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4efac6221aec4856fc727a6d78317aade65bfe7c4db3513fd1b4a39e96874da6

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:23:55 GMT
x-mg-request-uuid: 0ebb4ed2-85aa-4623-90e1-2944f27c3dbf
age: 2445407
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 717a864d8f3b744f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25154
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfeHlfY2VudGVyLHdfOTYwLHhfMjkyLHlfNTgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0LzQxNWI5ODYxY2VmO...
s-img.mgid.com/g/13054667/492x277/-/ 2 MB
2 MB 147ms
107ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13054667/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGZfZ2lmLGZsX2xvc3N5LGdfeHlfY2VudGVyLHdfOTYwLHhfMjkyLHlfNTgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvMTAxOTI0LzQxNWI5ODYxY2VmOTJjYTEwNjJmMWRhZWUxMzFkN2I5LmdpZg.gif?v=1654616828-fAfDPeOdYEGgL53hAnYIzEdgXDWI7N6yv1ZJ400HYxI
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464b8ed63b331112b180691a7549a907e22d7a48b2295d84f8d3059f6c4583ba

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
cf-cache-status: HIT
x-mg-request-uuid: cb931878-b37e-48e9-899d-1e4d41904e08
age: 1137553
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2344651
last-modified: Wed, 25 May 2022 11:35:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 717a864d8f3c744f-LHR
cf-bgj: imgq:100,h2pri

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE1Yjg2NGM5MWE2ZTkzYzY5NWM5N2I1YzdmMDVmNGJjLmpwZWc.webp
s-img.mgid.com/g/3944306/492x277/7x0x758x505/ 33 KB
33 KB 91ms
52ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944306/492x277/7x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE1Yjg2NGM5MWE2ZTkzYzY5NWM5N2I1YzdmMDVmNGJjLmpwZWc.webp?v=1654616828-j9WlTruFVyZrL2utPtwrf7hw-EYg8NWuoXB7mVuEe2Y
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1109e3534c71f54549d568ed920e1f84bac040871a89da5c8924100fa08a470d

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:54:52 GMT
x-mg-request-uuid: 9457df9f-cb2a-436b-9102-86fa1be54f8b
age: 2445491
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 717a864d8f3a744f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33608
server: cloudflare

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A0E0 0
26 B 158ms
77ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiepR-Tvxph_dxFdsYVBT3Sxiv6IUUv40rVkbmgtuvSCKKah7cVryiMLXlxEM-ccfm2mQOxNS2bq_4TP-smxFQcwNmb6TfpxRX-sjapoURlDLVPyYkWRYSrLfm2kOAlPVvEwh2ba_SJpopBYgyZDttuePBZDcLm0a7NNwcI_CUyrJ-VOM7N3P8TY5xWAjCoS-pNI73pyvXEnZzjE6uA5OPUrjvlfQUA72TN4rhwAhrySM1TTuNbmxyESUECEhcHCtiNZdojETfhHr7ugnTtlV7NnbR7UOC1N-J02a5vmPpFXAKH4s1pyabWzOwImUTCvCOUVBnOuKrZItMbCiO8RT-tVQwC4OU19DIPZAPGi5l2Ir2XMHQWoJpNNn3kA7Rb8WMqZLXvuyPZCC_mnaU9sGs4mMq7qUypeOuSxnHCdZFntd1wjHmtCW58HDqRncdX7SzCVS2u8WXQt9f0ktBOa7qWwL-uPmSN83W2aKlDeXq81cvTI6nHBBWUj_Jf9W3dzNQTmRlwn5FGo5mXwH7xnqslICBhj5ZSmUSn0UNCo-I27Scug_7pg_qnZ_iBLxBn9Sf0XG7Pd9VvKUDUiIz5i0b5TFI3po2-6gIWPi69W5LxFR-lRMCMSDt0cOIzztN0XM9uTMuRMD97aAvX40ac1ElKnwPUMzewUaakQkcTOmKC4A_FIKih_af5540VW2VkK2MJFZkQAaZHb8-BuHaZ-BwS8Z0VH0zjJKpuifQpoq39A7j2rY2EPdpsIyty8nS1ekVqEH9hnjJkTfp0kRGH5Pxc80-jxAzZ3Q9aol99mIlUpVUMkkmgESfntqwIIl-pd97OI3RrLTrRVXepGOSJODp-1n27PSpINcJBqqXre2khjeh-YUKDcu6J6o_YPho4jhXFRO66XGA8SXrOt23ALjudC9Q5YNw5sfDytsCZnVuvsr-fk9mPXaXDe_CO17C-iL5g1oFhwzUxyNvplKxZXtlMXzY4FTFJAFAlnxc27jKFl5HABkkL3x7532irS7eVLQafDPc5d6LdyYoHhHFAh3Bmt148b6dDdbmFXS51pPQq-XO3UmAKUpax4Ai-ldeCyhS9XSnUIqU2IuMc6ctsgvlWQf4rt8Q6rt4FtRE3dfrvYgOb7qzkSnOVTHgTVCphkTRp-37vGD2KBkDLm6MW2ISRQVloRWPpxGHPDb0P4nM9wFKa1FgZj-JG3puoi3xebTd&sai=AMfl-YQWkRPbecm2ODHzSXtEhr4Qmn7Z4wLmuX8XEm5YNPN4_FbFpo04wTHaJJbVXx8B-za_tsZqNTPDcxgPVLWR6OKWejidQvQyv7hpTiQsPHlOLOL9TqD8BbsFUkFxngoVc_7H49arfQP_qLj3H5ar_uxaf6KZKg&sig=Cg0ArKJSzBZIN1lD8CnkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=773&vt=11&dtpt=453&dett=3&cstd=313&cisv=r20220602.99064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D196 7 KB
5 KB 129ms
52ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4173bb41ecc66a632a6d46870be0ba09b23ae2b74cece17b67ae0418b312954c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5598
x-xss-protection: 0

GET
H2 200 i.js Show response
cm.mgid.com/ 0
125 B 136ms
127ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1654616829037898008629
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 717a864dad2788c2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 0A1A 0
38 B 115ms
114ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1654616829061825278417
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 717a864dbd4988c2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CF3 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNB_p_HKfYtGDCoWm3gPc9a7wCgAAAAA4AeAEAg&bg=!lpWlldHNAAao8wy8iPM7ACkAdvg8WnyMj0WOP17REOmx-ju2v8QGlDMmtqGSkxU1NG83bOCKnjmbwAIAAACtUgAAAAdoAQeZAu8JpFbKfdl83b4gEmOzwqRKn7b2JXHo3UGIeU0bJKiv2umpZXZM-WihgFhj5yHsDAPrKr8A8cv1Y8J9XCzpnwhL4sEjiaAkoo4h7kaXRpF25fi0jGj_TKnK-278nZ5dd6tagbXkDluPFzvRonjYkShFzhbADMEb1FNBg6gnuzib672t89jnOBg1T1EEFUvcAmL8kTTaYZvWLzrCl1Fg_fC8bVutt65FGmf6bOQWngmhteJGZ5XBbvgEbXqbmw03suCDuKrG9I1RsaLzfZ0HFUzDf5OcvfqSs1gA_0nISEGFicPmbOlVNaDcEf5NosyALgUABMkzwnmGyZsqu35zILhqrZ6TDbVJg0CeR_lvPDJAYnwAdZ82CvgdaUsKh886fijSWG1NrFmN1bLh_MsxaujNNjOqodiN74J4DCxuvMnE-7gqeI5xpaYuoRc5_n_1iBXPuNJVKwsTAbEnYSITFUbb16PLiFYWuF_cpxyqnI4U_VPV8bfvXRZdBtal81B9e8NeFrTGOukBFLXp2gTpabztN0WgCeSoWnu2YqLRZlD5NYPchnfvN1dfvZFYzef-ulwLeBZdtrGQzRckfkYOJCJo9pbONdxo6peoej2IpacEmBd2xM1e4LYQ3YkXIEP_bIg0CfW-tLFFvSMZqFX__ApN7k_1umV5_IT3Psj-81nHtjiqGHIcXUNDiCsV6AZExiGEHo4YtYq_hJUUuORZsK9VPr_7X_uLtp24Xf9DSMA5OJCwZaDRppNhHaOTDkn1F57RpJR33-8YYiGmLBrvCtczlr94v3BibNtbh37dO7zdOseVmugD9swyYuVL8TzcW_tRHgdYpw2HzMeuyqPslUtHaoAVXRiZM4FRNVZR5gtjYQXYYEuBcqFnCwf74u-LYzy7xGmgqDcsFvB90KxtoW0NhdK7Mrv7zBo7P0MSkAqUVBm3M1xD170H33brgxWDyjk8abEO__XTl9bsbZXFgYE3KH1eOkogl2ZMLSPZEgkz

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D196 17 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:09 GMT

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 39F5 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D79 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrfxq8vh7I8kf8rOCBOKjg4z_NPv271i2koYTVA4jsAaVn_k-V6WexDkuImLrTN2bnkUTwCFnEA6FnB0Vx_27UIwF3A0D8q6h6-kqkMgOkx_WXhi-2ScQpZ-1d&sai=AMfl-YTUNlP1Y-z4oq3jYuQIcQW9lvB5VFdtQeq2TtoXogXquYlhXyimeWNvtaB4MANmRcH64Cub7IdbAB51&sig=Cg0ArKJSzF4ULIACwW12EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=158,810,1001,1058,1058&tos=158,652,191,57,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654616827946&rpt=420&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C161 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDFMT25IQrRN-sv5nL26WSWcS-N0_4RXmQcvDHpnzZSf0pOxrOdOWGJnJZdqTllmfRG7f-Gl_0-EpgfHkBU1uAcAll_RGICP5Bsm2m-NQrLtuoeEPvrcW5Ibob&sai=AMfl-YQqdGE0tyUAJMSo0t6VCriV6zxuLmQ28V64TGDEw1sjuep51CEdBEkfdD-mchl8SMd6LiNafGVF39U-&sig=Cg0ArKJSzApKcvWmV31PEAE&id=lidar2&mcvt=1000&p=0,0,221,858&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3478457593&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654616827464&rpt=984&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 15:47:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 54ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220602&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0afc97e9522dbfc4980d4f7d026d93965ac2441e21430b1410270faaa90bf656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Jun 2022 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10701
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 15:47:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 260D 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:38:52 GMT
expires: Wed, 07 Jun 2023 15:38:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A60 783 B
536 B 126ms
47ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90bcdd363210f5f3f12e4fcd92fca121d7b649eb2d476b9186afa68c70379006

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bI-dQOJQOFiGpmY6QK13HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-bI-dQOJQOFiGpmY6QK13HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Jun 2022 15:47:09 GMT
expires: Tue, 07 Jun 2022 15:47:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 260D 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 09:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 09:41:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A60 0
0 104ms
103ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220602&jk=3327454987170718&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 260D 0
9 B 38ms
37ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y5vAaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 15:47:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220602&jk=3327454987170718&bg=!dHeldzPNAAao8wy8iPM7ACkAdvg8WsXTtLXNmCINmir6FhkNDWV0le_nT46u2hTY8J2bdLha2Wp5MgIAAABMUgAAAAFoAQeZApa_aw3V1FF2RmLm8U0qgRK0FnPOp3vVBv-iavhmY0No102gcTQ8KlHd61DM3u2tEhoEfFxuqfagcCcjOhhDxQ57uy6m_bS2Uee44j7_F_-DpB1yDHkpKjtNHSVfzq_loGG7Md5T_KCzLKO5MsWrA_ZlCesox0HI446I0pa8CuE_O779tIWCbCYpq-vusLJZCcJkB0WqYgqquI9lsSC743K0Ie7Zpps4wfXaqaD0NsbDmKqIFnoY3M19-gvSkFXZHKnWeeeOrKNwza6w81Z1rw-dshn9ErmFEMc5PvIxi7c70CE_zOxBbg7zgoAK2GlHRLpqaPxfqGwWSbE9XLeQd7STAMkqxnxStaV6PKkbBvedp-lW_CPhixlcPPQeNBourPqklW3myenusatAESmrYdVIwrvbarCZirZWw-uA2jgPe5d0r8-3Ok7ZCKPwrZkFw3Kik82IFuKcx_ahcHW_egQfBs2gvXqRHL3tPb1xkcdGFC-NeCC3vrcCVl3YHpZcTGSEpgUBUbTZpyWMkJfkKj4lZkJNnI-tzSsVxJh0da3P0XsNz4quetSqGpj0e29fQmvXdamLiI4kAHe1u8ufMWtEFXApj8n0pQCRuPr70AkoDv4B6OIwVnPW6vnNgUlpqcD91l7qGwVRG54CtZxJkdGl_4kGVVFbvo_3YWjIHUbX4CSzZVkOZSfc6E9ECTRWBdTHj5HllbRH9AS8GF9A6B680pqKRA5D2spYZlJci5ysplccV1zKEms8eSsjSSAjovU6QiyzDQV6PjMhQOdnIn-iPhpH08Bl8313qYKvKQ27FU_QseeHntkR6uCs2TT65HroKnvp6cMsSYOKLjVT3pUXG7Ev1T_PbNxiimktFRip9pj_kz9uJA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOlS7Et7P-_b1KA39EdXhkc&google_cver=1&google_push=ARnp8GDrCV9s0ZQC-hvBvHg7tYHrRuZ6CJpuu1_aZPX2T0wkMGmevz6zcF95cSug7pslPdhL1TjYymLAzf1MgG0Pc2JA01dmrepBGw

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nnews.com.ua/	1970-01-20 04:20:08	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nnews.com.ua/	1970-01-20 04:17:16	Name: sharedid Value: cb8bdbb9-1174-43f9-93bf-c6c67d79a985
.mgid.com/	1970-01-20 03:36:58	Name: __cf_bm Value: E7sNCat8OnxewBsmXkUF_6bueP1EPSSr6bKmQUTDj5A-1654616827-0-AfT5QXNfQ1Pc6LyUV2+SiLHZH8DLScR07qhiIJ8nbTTU1Gjji5BMyb9/IvYDXPS/iGwYceVQmwAQJn/1IPGbv1s=
.id5-sync.com/	1970-01-20 03:36:57	Name: cf Value:
.id5-sync.com/	1970-01-20 03:36:57	Name: cip Value:
.id5-sync.com/	1970-01-20 03:36:57	Name: cnac Value:
.id5-sync.com/	1970-01-20 03:36:57	Name: car Value:
.id5-sync.com/	1970-01-20 03:36:57	Name: gdpr Value:
.id5-sync.com/	1970-01-20 03:36:57	Name: callback Value:
.zeotap.com/	1970-01-20 12:22:32	Name: zc Value: 9826909f-d9eb-49b6-5109-a3c35b40d9b9
.zeotap.com/	1970-01-20 03:38:23	Name: zsc Value: %92%C4%7F%E9%B3R%86q%26%E7%DA%9F%DB%C6%F0%03%E2%2Ai%D2a4Ie0%0F%17%1Av%26t%DE%11%3B%AE%1A%C4f%AC%A0%5D%AA%1A%95S%E2ux%F5%B7%B5%2Ce%C3%7D%E3%A1%FD%80%DD%BE%CF%BDe%EER%7CB%FC%BD%22%BA%F3w%AE%FBD%DA0%80ol%DE%805%0C5%86mkF1%17%92%24%10%AB%C5i%10
.nnews.com.ua/	1970-01-20 21:08:08	Name: _ga Value: GA1.3.417875431.1654616827
.nnews.com.ua/	1970-01-20 03:38:23	Name: _gid Value: GA1.3.957192384.1654616827
.nnews.com.ua/	1970-01-20 03:36:56	Name: _gat_gtag_UA_199281257_1 Value: 1
.cpx.to/	1970-01-20 12:22:32	Name: cpSess Value: 3684911120e977d0
.quantserve.com/	1970-01-20 13:07:11	Name: mc Value: 629f72fb-6b261-798fc-a70ec
.adnxs.com/	1970-01-20 05:46:32	Name: uuid2 Value: 3705855517293247525
.agkn.com/	1970-01-20 12:22:32	Name: ab Value: 0001%3AKVSYOeRP%2Bg8WDcbWm3G3PrHwgivMZVlX
.nnews.com.ua/	1970-01-20 13:01:25	Name: __qca Value: P0-790270054-1654616827399
.nnews.com.ua/	1970-01-20 12:58:32	Name: cto_bundle Value: 8naR5V8zV2ppTXdKSjglMkZxc2Z3WEtZUzBjaUx5JTJGbWNqUFNlNHB0R1dTMndDUTBBQU5aWHo2MjdJRXpKYnFTd2FUQmRLVElXWkhjYzR2MmxtaXVxUGFTUGhnb3FwcWRuVUIySUc3Mjl2OVhDSkFyN093WlI5R0U4N29WeFFBVERIVWxncjI
.nnews.com.ua/	1970-01-20 12:58:32	Name: cto_bidid Value: iBZjol90Z05HNmJSd2NYJTJGVzZ4MEdSMyUyRjFvdGJBU1NONDBWbGFXdGE5aXI1VzBWRzcxdXp0Nm9JSDVCd3k2UjFuejVDRzY4RVkxMlpzOVFJMHlHZk03V1VqSnclM0QlM0Q
.demdex.net/	1970-01-20 07:56:08	Name: demdex Value: 34172274593298041750122544568134526391
.dpm.demdex.net/	1970-01-20 07:56:08	Name: dpm Value: 34172274593298041750122544568134526391
.nnews.com.ua/	1970-01-20 12:58:32	Name: __gads Value: ID=1c0f3c7c2f0efd77-2247bc1ba9cd0093:T=1654616827:RT=1654616827:S=ALNI_MZV4xi9KW9qT2-Uo46U1SGDtoM9vw
.pubmatic.com/	1970-01-20 05:46:32	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 05:46:32	Name: KADUSERCOOKIE Value: 967D7745-4AAD-4158-BE2A-B06E490FD29D
.smartadserver.com/	1970-01-20 12:22:32	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:22:32	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.cpx.to/	1970-01-20 12:22:32	Name: dsp_app_nexus Value: 3705855517293247525#1654616827707
.smartadserver.com/	1970-01-20 12:22:32	Name: pid Value: 6832363193743356847
.cpx.to/	1970-01-20 12:22:32	Name: dsp_pubmatic Value: 967D7745-4AAD-4158-BE2A-B06E490FD29D#1654616827758
.cpx.to/	1970-01-20 12:22:32	Name: dsp_dbm Value: CAESEOzw1Jk2UlgWdwcok6MIY3w#1654616827776
.doubleclick.net/	1970-01-20 12:58:32	Name: IDE Value: AHWqTUmTTafkEEMKH1bw6bvPwoLjlo5uPj51XraoebIJUaLSNxmZYO8eKCz6u4TVW2E
.adnxs.com/	1970-01-20 05:46:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In4tcE(0!]tbPl1M>e)ZlrFUfJ+tGXxo<?LCur8frY9UEQWoI+oH]M_EHIc?0EAN$FQF3If)y3KL9D3I?-+`QVOu
.casalemedia.com/	1970-01-20 05:46:32	Name: CMPS Value: 1822
.casalemedia.com/	1970-01-20 12:22:32	Name: CMID Value: Yp9y-GpEYdqQEH7R5-.T8QAA
.casalemedia.com/	1970-01-20 05:46:32	Name: CMPRO Value: 225
.casalemedia.com/	1970-01-20 03:38:23	Name: CMST Value: Yp9y-GKfcvwA
.casalemedia.com/	1970-01-20 12:22:32	Name: CMRUM3 Value: 2d629f72fc2760CAESEIoxo8AIiyYry1J0C9Y2RR0
.agkn.com/	1970-01-20 12:22:32	Name: u Value: C\|0CEAAAAAAKjIvfAAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 13:07:11	Name: na_tc Value: Y
.doubleclick.net/	1970-01-20 03:37:00	Name: DSID Value: NO_DATA
nnews.com.ua/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1291903%22%3A%7B%22page%22%3A1%2C%22time%22%3A1654616828986%7D%7D
.addthis.com/	1970-01-20 13:07:11	Name: na_id Value: 2022060715470800014761321369
.addthis.com/	1970-01-20 13:07:11	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:07:11	Name: uid Value: 629f72fcb1b79f52
.addthis.com/	1970-01-20 13:07:11	Name: ouid Value: 629f72fc0001e985767e1579d41a43b4d9f0d7ec986979ddd24a
.dlx.addthis.com/	1970-01-20 04:20:08	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:20:08	Name: na_sr Value: 20220607
.dlx.addthis.com/	1970-01-20 03:36:56	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:20:08	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOlS7Et7P-_b1KA39EdXhkc&google_cver=1&google_push=ARnp8GDrCV9s0ZQC-hvBvHg7tYHrRuZ6CJpuu1_aZPX2T0wkMGmevz6zcF95cSug7pslPdhL1TjYymLAzf1MgG0Pc2JA01dmrepBGw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220602/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-5922947659732689&fa=1&ifi=7&uci=a!7&btvi=4&xpc=8jKtiGDrR1&p=https%3A//nnews.com.ua Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.themoneytizer.com
adservice.google.co.uk
adservice.google.com
adtrack.adleadevent.com
ajax.googleapis.com
api.phoenix-widget.com
api.rlcdn.com
as-sec.casalemedia.com
c.mgid.com
c.tmyzer.com
cdn.mgid.com
cdnjs.cloudflare.com
ced.sascdn.com
cm.g.doubleclick.net
cm.mgid.com
d.agkn.com
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
img.phoenix-widget.com
js-sec.indexww.com
jsc.mgid.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nnews.com.ua
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
phoenix-widget.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
rules.quantcount.com
s-img.mgid.com
s.cpx.to
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
servicer.mgid.com
spl.zeotap.com
stats.g.doubleclick.net
stats.phoenix-widget.com
sync.smartadserver.com
tag.leadplace.fr
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.19.132.78
104.19.136.78
13.225.84.175
141.95.98.67
142.250.185.130
142.250.74.194
143.244.196.143
145.239.192.166
176.104.8.35
178.250.2.146
178.62.226.6
18.203.151.66
185.64.189.110
185.86.139.115
188.166.21.205
188.166.37.243
193.108.153.18
198.47.127.19
23.35.236.247
2600:9000:20eb:6600:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700::6811:190e
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2004
2a00:1450:4001:800::2006
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c0d::9b
2a02:2638::1c
2a02:6ea0:c700::16
3.248.173.178
3.33.220.150
3.68.169.133
34.120.133.55
34.250.36.127
34.251.55.128
34.98.67.61
37.252.172.38
37.252.173.215
46.137.175.238
51.75.86.98
54.154.72.131
54.38.64.100
63.32.228.167
69.173.144.139
69.192.160.219
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00a03e55398c25bd26f079382ea8f492c5592821fc54a1a1d86283c1fcca429f
00b923d74fc40605b62bfff096a978bdc22fe6ba31a9a84bd7d813c37e4b0d30
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0333ecc74a2ac4ae6d96e11e0a9711f7df5a9ea8002246cc4b65f961e352e310
062b2b3b8f216657703d5d3f0f8e00bdc1b786f96df18e2ebe3899d03409783b
06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0
06e017fecc403fc633e00fdb66ca93ca3a73428ee84a8f0b21231e9bd8b4d9f0
086f68b75e10cff78c11ff7d8159c9bbe5bea67202280ea74a6ddf5a1d8e44c6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0afc97e9522dbfc4980d4f7d026d93965ac2441e21430b1410270faaa90bf656
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1109e3534c71f54549d568ed920e1f84bac040871a89da5c8924100fa08a470d
1119c2a5702f52305b1cb4aead5e4f77048eae509b30614c82d435b228905838
117a7a8ff12388a8f8f457734fe05e5917ae70f9ecc0896e9170b3b5f1f0cc1a
11d8f52f9c23e917c08c96916d4ce9e773b8be8d2dd5d6c09de13063b6722c70
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15b5eab44b0b298d73c6a219f437eddb9f0ada4b8e9d5882f2d7382e20fd5aa3
164f339fe9b8d6a3a4251eb2e875c01686c824ba558f320ed9f4859bbe842667
174c2ca7a6eba07b5b26a15175009989577317816bf698e71e592c79c47a1c57
175f9806b0db692f4bfb4d046fb353731022f5aed68a60dcd427b126ad0837e7
17d856678984869648bd79f6dca093140f5b8442f93f9d6bd050d5b8d1da6cf5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a31c3e964c1966b1108fd3f199e4ce2c1a364022d85b20e3154345fb824cdfe
1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67
21e35167d0be4481bd09bbb8c8ff3be57e11aa44195c84bd90ccc6c7841858c7
235b98e9724beb6c5d4365e7f097c06fb0ac3208e38b1ddbd401a375203f655f
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278fd41e3eb6680f068cda06a901691611dcb4c636a39662e0664a5a53374e4e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b2796d43ab465a8ac8cefcf83e76981211cc83478b87c6ac54ba51f438d469f
2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689
2b42cd3660f6bf3f2c6f3a60cd9523eee7ac9b544e7ae928a269dc1c0fa1e366
2fbd9e2e44e2aa476ac1b1b9b0b81bd30405514b5bc76757bd312e46925e826e
36524b5524c8acb8a7da48f4a49df594dad7808f9af27a2c11edbb3eb08c7439
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
4173bb41ecc66a632a6d46870be0ba09b23ae2b74cece17b67ae0418b312954c
418d9874dd62b9f78cdc4748132a6ba853675d5ea12bec04de41871aabbe01dd
464b8ed63b331112b180691a7549a907e22d7a48b2295d84f8d3059f6c4583ba
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
47f6cc6764670adf90f31ee22a1538c8cf6064e3bf1e83c8fd7ad2019080ff0f
486d5c6b93a8567f62402a01dabd25f73eed07cd969a9d38b165c622ac62ac7f
4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e
4a7a24ec12944d9d6123a496f78f3a7df19434add8a67748b50a68372ddd1a9b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4efac6221aec4856fc727a6d78317aade65bfe7c4db3513fd1b4a39e96874da6
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594f184d374383c66e8cf7973b56d0dfda8038654f3cea99a32050eaf8d3838b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b4394aeb5b88ca838532567734d3de091c4e8599db5a86a6d94c1da7095e3cd
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
61335d9f03bdbf4c7fad96093347baedf1f4317ff444c96e4f7a1dcbdd08c80f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a9090126a8d39d1b5a40dde038c376beeab3557a7fb82f2383c1094b0d63c3a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71443a4023953c509ec42fda233e80a82888c3d5ae1dc5907a4282759875323e
748d10bb5c649bc6d2913f5a4f3d25564ad2cd92b988791ed23a3a3144896718
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7961f9d4ed4628e4acc88b604241ac56ff4f283523bac33f1f79644e07aaac22
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c16dc4f1912fa52c774e168fabd9f66b6893664bdf286ff773c0b7cde46c1d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
7f92f097d1725766b4caaae8d648855a20ee7b946a62e4791ca9e6f10d795105
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849d9fa93c3117edfa4388344b3f4b637bf67b48922b0e56b26c052b3c6d8636
84b78c17a297376b3e237b79f885b2cc37f52ff98b9450cf47b79742f58884ab
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
8a4990a88892bc608236da6ebcace21eae944dd798512c848063facfba6f2afa
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bfd5a87b548d9298230da63c68e625fcf5b12212ab5705e86df04bc8da0d8cb
8cc1b08d63c874d0932c0a26ade1df67e2e28c43a310323f9a607f1eac6850a9
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90bcdd363210f5f3f12e4fcd92fca121d7b649eb2d476b9186afa68c70379006
93b1434e85b111e13074c4e18c050f0878bb906dcf1da3f7ff04eb7f347b54a9
9517bed8b8875d7bb1f3a1796c90ab7ea91f4031960e7b75dbf91b576cfd0cc7
9525ebb3f503818c8cf93cda1beb1496e83c15fa33118ecd2954868bd5693d17
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f31318bf5c5ca3fe23fbf2f60100e37f384130e56d9e1148007c954dcd0471
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9886316b7350e43f406b1b5332f37bd5405d09753abd719cb27166006087a662
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bf1116dd77fa38612cbb7d4b9998f415ad427d0f0a8281c7f7e3f3bc91e274b
9d9f587b8de85c0ff66e04e9626075d369df65bbdc2f37ad95274b6c8e69548d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05f20b8951e4d7b3c49769387ce1629d229e5a9638e3dbe7dfd8a9ca21e7ace
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e95daf54d011191a1318727a96b260dd12d9fd2a9f281a7e8a87de11c8781b
a2964958b260301a1b1164a61d41917f262470ff66f55c91f62cf15e83a3d199
a2bc93312ad978eb4b3771971dd07aee66fa264bc9342633b6252407c02ae958
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b2665050154a908f93b008604837aa6cd5d0fd6914338cbfe13c0ff0a2934f
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7d4366e9b500c60992c39f8d30615abc4d152a7d80c8702bef0debd33200be9
a9a54335df0183b16f63897fca0d8934ba9f1b50f86b2c1e1042ec615c185661
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1af02e5267b69fdd38eee9515849deb83f52f14773a1a32c02f60a07e5cd552
b3e188bb1fc147d54713f6445258d09eaffbbe1b0b9ca331c4eb468dc0d0138c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b9826662dd28521a441a6de0f76bc706db90c216979730b865f705c647df9060
bb59f00724dffe7d3c8294e9b6ffcb948425063a0a56203fcb75f84820552d42
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c1c609cb94dfc08171d6656e5f7ebed5a5ba8a32295ab6e3265110600316d66d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c4ccf99571c3da3f5890d206696aacf09ddda014b655fc7fd1a6434c36564505
cc1e2418185fdd103a05c32834eeddb3e21c6f1caa493f4a5bf19a9eb8d629cb
ce28e2bb5c8e8e25636af900e263f0eb8f17fafc2c5a7760a7800909913be65c
ce785d57ef9a42ccbd1c547a34629dcadedbb4ec14c423ace11c2a33c2b45c33
cf3c7a1954307bcb31397de91cdac158cad9985ef65683fffecd25a63a03e1ec
cf893eef4d6a15ebe42f50ee7c32e405a2d82d63735940e613cebd7873f3e82d
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
d40223488b54aec018afc8b1bdacb16fa363ee1f2867ad779685968265a11441
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d6a58af6179ec4972d40e77dd7e20541e17429bcb405f0b382bfef50d55e1347
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dbf5b9ee0f9832ed28d6baedc7b35f0c5280b7f834d81d5656e8d7f48ab01d9c
dd0f89861eac2cc297e0135134cfb79521c855872286ed1fddd3403fc2e01ca5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfce1d917f2a58c3dbc9fe2e7127723f79900f875f0a91a4dd088ec552aeef96
dff881c1b5add951dca5c8ee60331e37fa1aafc316648dd37eaadc65f3a321b3
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6197a7455f9b7a646b461c3487c4c79a545d42b6a65113be86be136a33edb8c
e73480622d0f7a24b7368c21df5a4875013762df3834ac888025f655ce940ca3
e8638af731b0052cb6d0155dcf83c060564b39d8df98669b7fb6f65f0611fd5e
e8866d3f53d614342c167b0cd389a796dc96d5f7a53a7b24323021143ae0b42d
ec744f959fb090c83c461e460075b9ee7e3347cbba48a6ae4e8aa537fe9fa358
ec97b150332cbd93a4acd088b8f5479013ecbfcfbb29e44d8c5d9d33a670b773
ed7b6789643f62a1f0c3f8cf7c00784fced471d5addd0c50b0e543586d99d8fa
ee03238e15734195ccf1cb1eaef041dc007df8969c74c1266bcddd110f1833a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ffe1ffcd0eac165c48283d2ae6872af894f3ab7701d3520d583abac63f1938
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f560856011e52919fd611124d3dbd780f6e1b776076d217582032ce5937792d5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f93cedbeeb9921de6cf86414f83b8b51131e55e8a21a46e59dd7b44a93ebd0c8
fc02197f27ff0b964fd4e334851eb9f967caf103d40c94de3783ad936d84ded3
fc2df9a6d8d6b992b832a8112600a8b6e45f3c0035abee8e6810df317ad768c9
fc9347d35a4fefe2d59e5fb13856ab46c6038d76766485e495b92b7c08871935
fd9afd8b6cda9c77a1ba39faa45a8af11398ea5f370aa70589fe1a0145944c52
fee0bcb5fef6ac2611b63bce630f7f70a75b662b15c4758ef942b508da0d8c94

nnews.com.ua Open in urlscan Pro 176.104.8.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

91 %HTTPS

39 %IPv6

43 Domains

66 Subdomains

48 IPs

9 Countries

4987 kBTransfer

9105 kBSize

51 Cookies

10 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nnews.com.ua Open in urlscan Pro
176.104.8.35 Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

91 %
HTTPS

39 %
IPv6

43
Domains

66
Subdomains

48
IPs

9
Countries

4987 kB
Transfer

9105 kB
Size

51
Cookies

245 HTTP transactions
9 data transactions