nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nv.ua/
Effective URL:
https://nv.ua/
Submission: On July 31 via api (July 31st 2022, 2:04:32 am UTC) from GB — Scanned from GB

Summary HTTP 143 Redirects Links 105 Behaviour Indicators

Summary

This website contacted 56 IPs in 12 countries across 38 domains to perform 143 HTTP transactions. The main IP is 2606:4700:10::ac43:175a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 88978.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	2606:4700:10:... 2606:4700:10::ac43:175a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
3	2606:4700:303... 2606:4700:3032::6815:4f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
2	2a00:1450:401... 2a00:1450:4014:80a::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	35.156.14.215 35.156.14.215	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:401... 2a00:1450:4014:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a05:d018:24:... 2a05:d018:24:b001:736:16ab:a44d:3496	16509 (AMAZON-02) (AMAZON-02)
2 9	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	34.234.190.176 34.234.190.176	14618 (AMAZON-AES) (AMAZON-AES)
2 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.47.209.72 23.47.209.72	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.47.208.198 23.47.208.198	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.47.209.6 23.47.209.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
6 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:eb29:24a:27ab:996c	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	104.96.159.65 104.96.159.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.160.175.117 54.160.175.117	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6812:c4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
143	56

34 2606:4700:10::ac43:175a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:4f5f (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.14.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-14-215.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4014:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:736:16ab:a44d:3496 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.190.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-190-176.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.208.198 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-198.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.209.6 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-6.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:eb29:24a:27ab:996c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.96.159.65 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-65.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.175.117 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-175-117.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	nv.ua 1 redirects nv.ua — Cisco Umbrella Rank: 88978 static.nv.ua — Cisco Umbrella Rank: 199996	1 MB
17	googlesyndication.com 1 redirects 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	114 KB
15	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	169 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 516 eus.rubiconproject.com — Cisco Umbrella Rank: 598 token.rubiconproject.com — Cisco Umbrella Rank: 703 pixel.rubiconproject.com — Cisco Umbrella Rank: 333	14 KB
10	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	204 KB
9	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 s.amazon-adsystem.com — Cisco Umbrella Rank: 287	46 KB
8	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 553 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460 r.casalemedia.com — Cisco Umbrella Rank: 770 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	8 KB
5	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 96	2 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 50808 ls.hit.gemius.pl — Cisco Umbrella Rank: 12817	19 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 397 mug.criteo.com — Cisco Umbrella Rank: 2751	8 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 234 acdn.adnxs.com — Cisco Umbrella Rank: 566	31 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 111823	182 KB
3	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1003	1 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2912 adservice.google.co.uk — Cisco Umbrella Rank: 4623	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
3	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 55499	16 KB
2	yahoo.com 1 redirects ads.yahoo.com — Cisco Umbrella Rank: 1462 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 585 cdn.indexww.com	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 615	57 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1195	789 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 813 s.tribalfusion.com — Cisco Umbrella Rank: 2171	1 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 635 eb2.3lift.com — Cisco Umbrella Rank: 400	656 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3747 c1.adform.net — Cisco Umbrella Rank: 606	809 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 893	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	151 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 824	425 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 762	578 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 371	708 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 939	172 B
1	advertising.com sync.adaptv.advertising.com — Cisco Umbrella Rank: 21910	14 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12988	554 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2785	104 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5373	276 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 6944	403 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 131092	311 B
143	38

	Domain	Requested by
22	static.nv.ua	nv.ua
12	nv.ua	1 redirects nv.ua
9	cm.g.doubleclick.net	2 redirects 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com ssum-sec.casalemedia.com
9	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com nv.ua
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	token.rubiconproject.com	5 redirects
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net nv.ua
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	encrypted-tbn2.gstatic.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
4	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
4	cdn.membrana.media	nv.ua cdn.membrana.media
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	pixel.rubiconproject.com	1 redirects
3	ib.adnxs.com	cdn.membrana.media acdn.adnxs.com
3	www.google.com	nv.ua tpc.googlesyndication.com 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
3	images.weserv.nl	nv.ua
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
2	sync.tidaltv.com	2 redirects
2	encrypted-tbn1.gstatic.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
2	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	unpkg.com	1 redirects nv.ua
2	www.google-analytics.com	www.googletagmanager.com nv.ua
2	www.googletagservices.com	nv.ua 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	c1.adform.net	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com
1	eb2.3lift.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	mug.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	sync.teads.tv	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	r.casalemedia.com	1 redirects
1	sync.adaptv.advertising.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	encrypted-tbn3.gstatic.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	www.gstatic.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	fonts.googleapis.com	50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	www.google.co.uk	nv.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	c.hit.ua	nv.ua
143	67

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
promokodi.nv.ua
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
cdn.membrana.media R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh
hit.ua R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://nv.ua/
Frame ID: E7E0AFBF5FB1B3E507F213BFDD2343C7
Requests: 79 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3A032386EDC55C1AEC16D042F0958E9A
Requests: 1 HTTP requests in this frame

Frame: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D55BF9043767AA68A45F3A9AE16AB682
Requests: 1 HTTP requests in this frame

Frame: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1B14FE83C727EE8710C43A782E9068B7
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F4EBA683B2A8165B03B29946CE40C63
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 028BB66ADE4152291FE793C4DAB41843
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E88FCEAEB14581744BB2C1D05CA0F48F
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua
Frame ID: 83051FA07E9E12A550171462CA342734
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: 9914867D228F60E6A9FA93C7A1458227
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 96E7D8DF22BCD4E2EC7ADCD82204A22D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F812109861DC4AF363B2AFDF42AD8323
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C5BE8FAB1563E522458E8C9C80B74166
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FC298BE25FC74F856CFCE4BD2E7ADDD7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 326EAABA13EA4EDC76380598E7877F9E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та Світу. Головні і останні новини - НВ (Новое Время )

Page URL History Show full URLs

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

143
Requests

86 %
HTTPS

53 %
IPv6

38
Domains

67
Subdomains

56
IPs

12
Countries

2416 kB
Transfer

4336 kB
Size

45
Cookies

105 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/ukr
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радіо

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics.html
Title: Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance.html
Title: Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets.html
Title: Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech.html
Title: Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/top-100-bogatyh.html
Title: Профайли ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/publications.html
Title: Статті

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview.html
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts.html
Title: Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket.html
Title: Ритейл/Нерухомість

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry.html
Title: IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/gadgets.html
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations.html
Title: Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience.html
Title: Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/games.html
Title: Ігри

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/krasota-i-moda.html
Title: Краса та мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium.html
Title: Соціум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/kids.html
Title: Діти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti.html
Title: Знаменитості

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes.html
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr
Title: Здоров'я

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition.html
Title: Харчування

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/fitness.html
Title: Фітнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/happiness.html
Title: Щастя

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/tennis.html
Title: Теніс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/hockey.html
Title: Хокей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport.html
Title: Інше

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/zimnie-olimpiyskie-igry-2022.html
Title: Зимові Олімпійські ігри 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/news.html
Title: Новини

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/articles.html
Title: Статтi

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/reviews.html
Title: Огляди

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/ukr
Title: Шопінг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/nvua_official

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/dumay-globalno-diy-lokalno-50175561.html
Title: Думай глобально, дій локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/novaya-komanda-kosyuka.html?utm_content=set_lang
Title: Нова команда Косюка

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle/zszh-v-xxi-stolitti-yak-poyednuvati-priyemne-z-korisnim-i-ne-boyatisya-peredchasnogo-starinnya-50190870.html
Title: Здоровье в 21 веке – что нужно об этом знать

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/totalnaya-izolyaciya-rossii.html
Title: Тотальна ізоляція Росії

Search URL Search Domain Scan URL

URL: https://english.nv.ua/
Title: eng

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry/kibergigiyena-bezpeka-onlayn-pid-chas-viyni-dlya-lyudey-ta-biznesu-50255849.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrit-industrykibergigiyena-bezpeka-onlayn-pid-chas-viyni-dlya-lyudey-ta-biznesu-50255849

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/showbiz/chomu-ne-potribno-vikidati-vtulki-vid-tualetnogo-paperu-chi-paperovih-servetok-layfhak-50259851.html
Title: Стане в нагоді в побуті. Чому не варто викидати втулки від туалетного паперу

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview/rinok-neruhomosti-v-ukrajini-yak-zabudovniki-pracyuyut-pid-chas-viyni-ekspert-avalon-50258722.html?utm_source=site&utm_medium=lentaglav&utm_campaign=promosite
Title: Як зберегти ринок нерухомості під час війни — інтерв'ю з девелопером Avalon

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/showbiz/yak-vidaliti-zhir-z-reshitki-gazovoji-pliti-yak-vidmiti-reshitku-na-kuhni-50259680.html
Title: Без особливих зусиль. Як легко видалити бруд з решітки кухонної плити

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/showbiz/yak-pogladiti-rechi-bez-praski-yak-rozgladiti-m-yatiy-odyag-yakshcho-nemaye-praski-50259615.html
Title: ТОП-5 способів. Як розгладити м’ятий одяг, якщо немає праски

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink/galeta-z-abrikosami-prostiy-recept-piroga-z-fruktami-na-desert-50259835.html
Title: Швидкий десерт. Літній рецепт абрикосової галети

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/bavariya-peremogla-leypcig-i-zdobula-superkubok-nimechchini-divitisya-video-goliv-matchu-30-07-2022-50260029.html
Title: Суперкубок Німеччини у феєричному стилі виграла Баварія — відео

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes/goroskop-viyni-2022-koli-zsu-zvilnyat-herson-i-zaydut-na-teritoriyu-rf-prognoz-astrologa-50259869.html
Title: Звільнення від окупантів. Астролог дав прогноз найбільших боїв за Україну

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/liverpul-peremig-manchester-siti-v-matchi-za-superkubok-angliji-ostanni-novini-50260010.html
Title: Ліверпуль виграв Суперкубок Англії, здолавши Манчестер Сіті в його першій офіційній грі без Зінченка — відео

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations/droni-z-nulya-za-p-yat-dniv-50259978.html
Title: З нуля за п’ять днів. Як солдати ЗСУ навчаються керування дронами — репортаж НВ

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition/shist-fruktiv-ta-yagid-yaki-korisno-jisti-dlya-zdorov-ya-sercya-doslidzhennya-50258658.html
Title: Шість фруктів та ягід, які корисні для вашого серця. Ви дарма їх ігноруєте

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/showbiz/yak-pozbutisya-pilu-naskilki-nebezpechniy-pil-i-shcho-z-cim-robiti-50259151.html
Title: Секретний метод покоївок. Як швидко і надовго позбутися пилу

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/olya-cibulska-pereklala-ukrajinskoyu-movoyu-hit-tini-karol-skandal-chomu-u-merezhi-zasudili-karol-50259985.html
Title: «Це натяк?». Оля Цибульська переклала хіт Тіни Кароль Скандал українською мовою та записала ролик у курнику

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/pozitiv-zaklikav-potapa-ta-kamenskih-povernutisya-do-ukrajini-ta-vidpoviv-chi-isnuye-shche-gurt-mozgi-50259947.html
Title: «Дуже складно йому». Позитив вважає, що Потапу та Каменських слід повернутися до України, та зізнався, чи існує ще гурт Moзgi

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/cini-na-benzin-kurs-dolara-i-tochki-zrostannya-dlya-ukrajini-yak-merezha-okko-zaroblyaye-pid-chas-viyni-50259424.html
Title: Найбільший гравець / Ціни на бензин, курс долара і втрати на $75 млн — як мережа ОККО заробляє під час війни 30 липня, 08:35 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Всі техноблогери

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Всі експерти НВ Бізнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоди

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr
Title: НВ Подкасти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0'/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 68

https://gaua.hit.gemius.pl/_1659233066558/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qd3Ba2tpYqUgwtnuryaU1v_rLiYkaNJfi2fE22tr32b.w7wL687N67GmF3q5cx3FRKKuyuYYfSWG4ag_emViNkmOo162/fBcbIO1Hde_pZ/&ltime=1007&fpdata=7hkgCxhp2656uOAI_B6QbZsDpoFx2wwzbWlJts9.1Jv.b7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1659233066558/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qd3Ba2tpYqUgwtnuryaU1v_rLiYkaNJfi2fE22tr32b.w7wL687N67GmF3q5cx3FRKKuyuYYfSWG4ag_emViNkmOo162/fBcbIO1Hde_pZ/&ltime=1007&fpdata=7hkgCxhp2656uOAI_B6QbZsDpoFx2wwzbWlJts9.1Jv.b7&fpcap=

Request Chain 97

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrocq29QEQ_wEY_wEyCB6aI37lSO8I HTTP 301
https://tpc.googlesyndication.com/simgad/5708383959281508677

Request Chain 102

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFzRtpE5iOwAL64EK_h0P2k&google_cver=1&google_push=AehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFzRtpE5iOwAL64EK_h0P2k&google_cver=1&google_push=AehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 103

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJmYIS7jPiyNy544G0llkCI&google_cver=1&google_push=AehlK4BKp1dvIwdAoAGDDVFNFcox82PvS_-Xk9MswTrz8WkcAsXANv4n6PoBth_a4kT3kXWAo9lp-J_Pv6mwYTjyVVC-WkucZnpn HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJmYIS7jPiyNy544G0llkCI&google_cver=1&google_push=AehlK4BKp1dvIwdAoAGDDVFNFcox82PvS_-Xk9MswTrz8WkcAsXANv4n6PoBth_a4kT3kXWAo9lp-J_Pv6mwYTjyVVC-WkucZnpn&s_h=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WMq8EZ3RR368sMPTz55G9w&gdpr=1&gdpr_consent=

Request Chain 104

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGCfMVS1a1rGAUcmnREHAj4&google_cver=1&google_push=AehlK4D5XYrLNGRoUgveZ2hTQYwv6QGGqv5oYnQMO3wsWE_PPjGjsfWbTIOMQBFjWy7uA4He_7IUYtwn4EANytJTuap7R-v7OOKi HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LPUiIYVhRzejB3IBhdhBPA2&google_push=AehlK4D5XYrLNGRoUgveZ2hTQYwv6QGGqv5oYnQMO3wsWE_PPjGjsfWbTIOMQBFjWy7uA4He_7IUYtwn4EANytJTuap7R-v7OOKi

Request Chain 106

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I&google_cver=1&google_push=AehlK4DljiXYP8dOFCQcE9149Xdi3AhODMBlbCzi0VD7cEPclTJGIJQnKLevbDZU5vXio-SUawBM36QOX_t_4e5UuntYVwPJRz0 HTTP 302
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I&google_push=AehlK4DljiXYP8dOFCQcE9149Xdi3AhODMBlbCzi0VD7cEPclTJGIJQnKLevbDZU5vXio-SUawBM36QOX_t_4e5UuntYVwPJRz0&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&google_cver=1&google_push=AehlK4DljiXYP8dOFCQcE9149Xdi3AhODMBlbCzi0VD7cEPclTJGIJQnKLevbDZU5vXio-SUawBM36QOX_t_4e5UuntYVwPJRz0&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I

Request Chain 116

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jp4jb3xhNkdnUklKQkgwZGc5QzMva0JMWkM1M0hldEJzdGdGWTBPS1BtTmlxNTJvQlVMSFpjOXFiTGdXV2pkSTROa3VQZS9pdzBWY2tPYnN3cUJhTXZvZ1JzQ0s2TVBFUFBNdTVPL2RIK2owb0x2SGhsS05vVmFkR1ZiNWRHcjVnRnNJd21Jb25rU2JYcGNRbUQvWmwrRTYyZUZVTXN6SE9GOWxGRXZMOU1RRVdyTU5ZNUJCNVhjdktTb2tsM240RXV1T1dYc2J1R3VUOGExbEtaRlFHNVdlbGlTYWpEdy9CRU5wOTMzUzhsaThxcnA0bE4yMUpQdm9GSHZCOGtUWHJ4TjNxfA&cppv=2

Request Chain 125

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2YmFkMjE3Y2IyZGE4MjQ5MTQ0MDIwNjAyMWZiZmYzYWFiNzdlOA

Request Chain 127

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY4T0laVzgtMVMtOUJaRA==

Request Chain 128

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L68OIZW8-1S-9BZD&sigv=1&esig=2~5c19ff3c648f88d9a963ec33cded76d2c1de3ee6

Request Chain 129

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/zX4D8aDg-KibCqcAUx0CH8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1675627869439844024

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_HarNqohCHFsuU0rwOun0&google_cver=1

Request Chain 131

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oyR8qitnR5ehosB1TzAvqw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oyR8qitnR5ehosB1TzAvqw

Request Chain 132

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L68OIZW8-1S-9BZD

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuXjKwo57ROrmh5i2drDCAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKF5uQlGpsrPzSqVijwHzcE&google_cver=1&gdpr=1

Request Chain 134

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&dcc=t

Request Chain 137

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7125194701703951725&uid=Q7125194701703951725&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 138

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JPBFdgE-TsdBRPBG4w2GHNmKxGk

Request Chain 139

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4230249030444125313

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nv.ua/
Redirect Chain

http://nv.ua/
https://nv.ua/

223 KB
47 KB

302ms
201ms

Document
text/html

2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f06153aa7ba58b75588a22df22b5d78254d0500985faeefc7c6815ead7baab77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7332c360d8ae23f7-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 31 Jul 2022 02:04:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nv-cache: 180s
server: cloudflare
x-cacheable: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7332c35fbea1233d-ZRH
Connection: keep-alive
Content-Type: text/html
Date: Sun, 31 Jul 2022 02:04:24 GMT
Location: https://nv.ua/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 ab859aca6d02b2b6d094c3bcdb74bef3.jpg
static.nv.ua/shared/system/Article/posters/002/545/115/original/ 49 KB
49 KB 71ms
55ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/115/original/ab859aca6d02b2b6d094c3bcdb74bef3.jpg?q=85&stamp=20220730172743&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68388fc1253f0b0052fcaaac5bb24ef4fe21f56f0d084abdbf2cf2b2c20c5a3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 14:31:06 GMT
server: cloudflare
age: 41174
etag: "3fbd6ed2ba5a20012fbb8f8d463e0aad"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c362595723f7-ZRH
expires: Mon, 29 Aug 2022 14:38:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
81 KB 148ms
58ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

493a565b1cd48d62b4a893c93a41b16220091bd3cd7503d596e809ee7a6a432e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82515
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Jul 2022 02:04:25 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0b99c30b51083bfea2b4b29012841762e6a78a5fb36ae0576d38730dce09b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28388
x-xss-protection: 0
server: sffe
etag: "1289 / 915 of 1000 / last-modified: 1659132299"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 31 Jul 2022 02:04:25 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 3 KB
2 KB 811ms
51ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: ae986ade5953f17f0c194a77370a6f6103a569aa84033c394da615e657010b23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-fileserver: 300
cdn-storageserver: DE-199
cdn-cachedat: 07/26/2022 15:51:32
cdn-pullzone: 139012
server: BunnyCDN-AT-731
last-modified: Tue, 26 Jul 2022 15:50:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62e00d37-b97"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 6f7a25d5eb66af993262624806662fce
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tablet-fixes-768.css
nv.ua/css/ 2 KB
792 B 53ms
53ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-768.css?4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 1348166
etag: W/"618b9271-67d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 16 Jul 2023 11:34:59 GMT
cache-control: max-age=31557600
cf-polished: origSize=1661
cf-ray: 7332c362897723f7-ZRH
cf-bgj: minify

GET
H2 200 tablet-fixes-1024.css
nv.ua/css/ 2 KB
649 B 75ms
74ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-1024.css?4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 1348166
etag: W/"618b9271-700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 16 Jul 2023 11:34:59 GMT
cache-control: max-age=31557600
cf-ray: 7332c362897823f7-ZRH
cf-bgj: minify

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 52ms
52ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12750644
etag: "60e41fd8-944c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7332c362897a23f7-ZRH
content-length: 37964
expires: Mon, 06 Mar 2023 12:13:41 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
38 KB 67ms
67ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12750645
etag: "60e41fd8-9578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7332c362998223f7-ZRH
content-length: 38264
expires: Mon, 06 Mar 2023 12:13:40 GMT

GET
H2 200 label_nv_75.png
static.nv.ua/images/main/ 4 KB
4 KB 65ms
65ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/label_nv_75.png?q=85&f=webp&stamp=4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b59b79a3de628e26f58953655d176928d1bc8a634c5f3ce5617a83bf81a7ea3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
age: 3435
cf-polished: origFmt=png, origSize=6799
content-disposition: inline; filename="label_nv_75.webp"
content-length: 3708
pragma: public
last-modified: Mon, 15 Nov 2021 09:22:42 GMT
server: cloudflare
etag: "619226e2-1a8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7332c362998323f7-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 57 KB
15 KB 186ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:52:01 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Sun, 31 Jul 2022 14:04:25 GMT

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
443 B 57ms
57ms Image
image/svg+xml 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 12751108
etag: W/"5e6ff361-1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 7332c362a98823f7-ZRH
expires: Mon, 06 Mar 2023 12:05:57 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 77ms
77ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12750644
etag: "60e41fd8-d430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7332c362a98a23f7-ZRH
content-length: 54320
expires: Mon, 06 Mar 2023 12:13:41 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 55ms
55ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12750644
etag: "60e41fd8-e8b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7332c362a98b23f7-ZRH
content-length: 59576
expires: Mon, 06 Mar 2023 12:13:41 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 54ms
54ms Font
application/octet-stream 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 12750407
etag: "616eaf71-3914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7332c362a98c23f7-ZRH
content-length: 14612
expires: Mon, 06 Mar 2023 12:17:38 GMT

GET
H2 200 856c43eed09e4a04b2d30bd321bf8a0e.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/754/original/ 12 KB
12 KB 59ms
52ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/754/original/856c43eed09e4a04b2d30bd321bf8a0e.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7153d668885da59c5b1411bff4657ac28447d0e16e667dd032b7476dcb2c66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
age: 77974
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Wed, 27 Jul 2022 04:15:20 GMT
server: cloudflare
etag: "664cfcbf477e774e5a2f7f5d020653ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Mon, 29 Aug 2022 04:24:51 GMT
cache-control: public, max-age=31536000
cf-ray: 7332c36309bf23f7-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 f139279b539a658f83b80351f9c7560a.png
static.nv.ua/shared/system/opinion_authors/avatars/000/014/756/original/ 12 KB
12 KB 61ms
54ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/014/756/original/f139279b539a658f83b80351f9c7560a.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b776706d697d7c0ed67cb934f60fdea6fa83f6c677ae705536ec2b3b01247d0e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
age: 71701
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Sat, 30 Jul 2022 06:05:23 GMT
server: cloudflare
etag: "cba8e36d4174f74e9924f2264b7b52c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Mon, 29 Aug 2022 06:09:24 GMT
cache-control: public, max-age=31536000
cf-ray: 7332c36309c123f7-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 e24f5018d374ef267a609b78faddfe7f.png
static.nv.ua/shared/system/opinion_authors/avatars/000/010/016/original/ 12 KB
12 KB 59ms
52ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/010/016/original/e24f5018d374ef267a609b78faddfe7f.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561f220f18a9ae3b198b949ca05d237ff588980b0e1db8b573fdf5e61e0b0ddd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
age: 139066
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Thu, 28 Jul 2022 21:42:22 GMT
server: cloudflare
etag: "5ae0b28982cadac68842d04b38c5ffdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sun, 28 Aug 2022 11:26:39 GMT
cache-control: public, max-age=31536000
cf-ray: 7332c36309c223f7-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 447a4722329059e26a5bda8ec1f33f76.png
static.nv.ua/shared/system/opinion_authors/avatars/000/009/872/original/ 11 KB
11 KB 60ms
53ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/009/872/original/447a4722329059e26a5bda8ec1f33f76.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a34d4a1e05df99f1f5b6a87cc8031e5176190f4d8cf1555cee8a96b3a1840f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
age: 157745
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Wed, 27 Jul 2022 22:13:27 GMT
server: cloudflare
etag: "4cea47bee5121939d53ad71c26a70a5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sun, 28 Aug 2022 06:15:20 GMT
cache-control: public, max-age=31536000
cf-ray: 7332c36309c323f7-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 /
images.weserv.nl/ 4 KB
5 KB 222ms
78ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/074/original/d32ab3efb96f6a15a3aa899ae2217cfa.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b4d3761b0f1fdcdd4a4df505e36c7bd3372f444554c907de272cf5410187fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 31 Jul 2022 02:04:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 742965
x-cache-status: HIT
x-upstream-response-length: 5425
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4561
timing-allow-origin: *
last-modified: Fri, 22 Jul 2022 11:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqaKuVOCB%2BE7%2FPC6TYo9ygX66lqhOq7emnEPBXH7VWUcrJe9m%2B%2BdgfQIG8qqFpnxjEq259GBtet6sIkK%2Bd7Uibcs4K63YEiDy2i6lBecguj1J2iTdQ0thlIs1x6ovGtU2S%2FVJesztJ4MtpLmIJqb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7332c363ed0be907-MXP
link: <https://static.nv.ua/shared/system/top_images/images/000/000/074/original/d32ab3efb96f6a15a3aa899ae2217cfa.png>; rel="canonical"
expires: Sat, 22 Jul 2023 11:31:47 GMT

GET
H2 200 /
images.weserv.nl/ 5 KB
5 KB 224ms
80ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/076/original/b8834cc7f4275662462b61899a119cf5.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bf044b110356ff7b82174924c3466394ff6356dec8f00e419fc2a9edb72c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 31 Jul 2022 02:04:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3246734
x-cache-status: MISS
x-upstream-response-length: 10713
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5082
timing-allow-origin: *
last-modified: Thu, 23 Jun 2022 11:31:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgXC6PCIdpvY%2BIaPIqJRskQanF6fK8jYqE7Ln9uwgkSDVDx6N0R6kRnRNqAnyQ50grHZNVeUdpaDJabuAf794VUKI4C0KQAKAQN6q099HKvKmyQoqtR4%2BtwDY1QKEM2Wbe1WttvO0IQB5iUWxm%2FR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7332c363ed0ce907-MXP
link: <https://static.nv.ua/shared/system/top_images/images/000/000/076/original/b8834cc7f4275662462b61899a119cf5.png>; rel="canonical"
expires: Fri, 23 Jun 2023 11:31:26 GMT

GET
H2 200 /
images.weserv.nl/ 5 KB
5 KB 203ms
84ms Image
image/png 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/078/original/cdc2e9bb209a300b1dacf69b7af6ea3e.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373d619c9e3ce26b4a2e43872fa34ec942cacbd261270577121d046cdc7303fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 31 Jul 2022 02:04:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 745849
x-cache-status: MISS
x-upstream-response-length: 5816
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4925
timing-allow-origin: *
last-modified: Fri, 22 Jul 2022 10:21:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=takU9EG9RUSWb7UOtbS6e2Z4t991MK1zQfc0ucL4ZFwTbVb9Za2kYR61peYCza3CyMPnAhzGLeNvyaSQ8m1BLsxQAZu4kXiJzb53SX3aKx2no7sU8vfbEioHq7Ivo6yVq8qSDmhnCz8%2Fd8WokOFK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7332c363ed0ae907-MXP
link: <https://static.nv.ua/shared/system/top_images/images/000/000/078/original/cdc2e9bb209a300b1dacf69b7af6ea3e.png>; rel="canonical"
expires: Sat, 22 Jul 2023 10:21:41 GMT

GET
H2 200 81a67f90875d392ab1c1985b54624468.jpg
static.nv.ua/shared/system/Article/posters/002/545/119/600x300/ 9 KB
9 KB 53ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/119/600x300/81a67f90875d392ab1c1985b54624468.jpg?q=85&stamp=20220730163755&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff8e47baf4da59461b0939c82864d5ef9c388d2f335a21348bab272c55522401

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 15:06:37 GMT
server: cloudflare
age: 37063
etag: "0fd752adfe041e108cea4b230086edad"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c36329ce23f7-ZRH
expires: Mon, 29 Aug 2022 15:46:42 GMT

GET
H2 200 124a4bd8d308649cd1734799c69c870b.jpg
static.nv.ua/shared/system/Article/posters/002/545/234/300x150/ 12 KB
12 KB 79ms
78ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/234/300x150/124a4bd8d308649cd1734799c69c870b.jpg?q=85&stamp=20220731032148&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59687f705380983174757aeaf8256128f42e4d9b6a8eaefebb8295b1125af4fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: MISS
last-modified: Sun, 31 Jul 2022 00:25:35 GMT
server: cloudflare
etag: "5185eb438727815ff106985d4c61eb13"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c36329cf23f7-ZRH
expires: Tue, 30 Aug 2022 02:04:25 GMT

GET
H2 200 52b84de7f8f9ee458d224521aeb84b2f.jpg
static.nv.ua/shared/system/Article/posters/002/545/230/300x150/ 13 KB
13 KB 75ms
74ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/230/300x150/52b84de7f8f9ee458d224521aeb84b2f.jpg?q=85&stamp=20220731022349&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 000c3ced0e8b52a4200548be04653a63149fbcfa5a34511dca4861c2ed8a0309

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: MISS
last-modified: Sat, 30 Jul 2022 23:25:17 GMT
server: cloudflare
etag: "54dd06057a2df2fc79cc3cc260eb76ac"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c36359fa23f7-ZRH
expires: Tue, 30 Aug 2022 02:04:25 GMT

GET
H2 200 d18b53e25c4e0173ed8280ad945c789d.jpg
static.nv.ua/shared/system/Article/posters/002/545/220/300x150/ 14 KB
14 KB 53ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/220/300x150/d18b53e25c4e0173ed8280ad945c789d.jpg?q=85&stamp=20220731012202&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668d52598d7da738b2e95f0399d214e29f03841895d7fc80313c8ee11418f469

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 22:25:40 GMT
server: cloudflare
age: 12567
etag: "21dee462f88211af06d61bb9abbfe51e"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c36359fc23f7-ZRH
expires: Mon, 29 Aug 2022 22:34:58 GMT

GET
H2 200 de32ab00b086bb670da4748ae37a41b8.jpg
static.nv.ua/shared/system/Article/posters/002/545/216/300x150/ 7 KB
7 KB 56ms
56ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/216/300x150/de32ab00b086bb670da4748ae37a41b8.jpg?q=85&stamp=20220731004606&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4361c50d39062b724f10a00a46ecabbd507be9be81699764526f4e41f6261e4f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 22:00:20 GMT
server: cloudflare
age: 14407
etag: "a94033ccd4f25e32542703fd80473087"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c36359fd23f7-ZRH
expires: Mon, 29 Aug 2022 22:04:18 GMT

GET
H2 200 9ad3150c9c8eee88d3419aea99d51dd3.jpg
static.nv.ua/shared/system/Article/posters/002/545/210/300x150/ 12 KB
12 KB 53ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/210/300x150/9ad3150c9c8eee88d3419aea99d51dd3.jpg?q=85&stamp=20220731000153&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebd8fc9fb444824db793ddcdfaf9bd9182beb696cc518c5b7d510ec58904069

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 21:39:08 GMT
server: cloudflare
age: 15804
etag: "1f694576dd5e738cda5b57833c15c14c"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c36359fe23f7-ZRH
expires: Mon, 29 Aug 2022 21:41:01 GMT

GET
H2 200 3d39b1339f7317aa1691dff507f40162.jpg
static.nv.ua/shared/system/Article/posters/002/545/196/300x150/ 18 KB
18 KB 53ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/196/300x150/3d39b1339f7317aa1691dff507f40162.jpg?q=85&stamp=20220730215700&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636323fc587f3a600213ba4c1745b3542b04286c60ce7f4cef32a2065dee968e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 19:49:07 GMT
server: cloudflare
age: 22314
etag: "d11998f8e0992fa99165d0275be77d0a"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c3637a0f23f7-ZRH
expires: Mon, 29 Aug 2022 19:52:31 GMT

GET
H2 200 723b6b708a568582b74dc232e4c34636.jpg
static.nv.ua/shared/system/Article/posters/002/545/198/300x150/ 7 KB
8 KB 52ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/198/300x150/723b6b708a568582b74dc232e4c34636.jpg?q=85&stamp=20220730221810&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49404afe5380a41efe05ae4c99c25692791b19f1a2ee344dd9707c4715546f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 19:20:44 GMT
server: cloudflare
age: 23689
etag: "826ff9123a2de5acfce050e8386eb8d0"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363aa2f23f7-ZRH
expires: Mon, 29 Aug 2022 19:29:36 GMT

GET
H2 200 1626c13c12d6e45d2d65b4aeb2d90ae6.jpg
static.nv.ua/shared/system/Article/posters/002/544/880/300x150/ 4 KB
4 KB 55ms
55ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/544/880/300x150/1626c13c12d6e45d2d65b4aeb2d90ae6.jpg?q=85&stamp=20220729202124&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e897570f761f4201ca14a338ef8666b56507c118748bde5d41464367463a3e4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Jul 2022 17:55:36 GMT
server: cloudflare
age: 114348
etag: "9cb269a9f52f3ac6c4bf21f95a8fbca2"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363aa3a23f7-ZRH
expires: Sun, 28 Aug 2022 18:18:37 GMT

GET
H2 200 d7c4718abb47dfad5bc46bd8c2e4ccbb.jpg
static.nv.ua/shared/system/Article/posters/002/545/181/300x150/ 12 KB
12 KB 52ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/181/300x150/d7c4718abb47dfad5bc46bd8c2e4ccbb.jpg?q=85&stamp=20220730214535&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004f701450e12c805b538edd4c3fbe4cea24251fca2e4b46f54ae9817eb995f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 18:55:35 GMT
server: cloudflare
age: 25704
etag: "8cd49c516152035520cf2b38e489a09b"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363ba3b23f7-ZRH
expires: Mon, 29 Aug 2022 18:56:01 GMT

GET
H2 200 35351a93ed004ec9083ef628fd5f8a1a.jpg
static.nv.ua/shared/system/Article/posters/002/545/190/300x150/ 14 KB
15 KB 52ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/545/190/300x150/35351a93ed004ec9083ef628fd5f8a1a.jpg?q=85&stamp=20220730212925&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad63bf9d29d6512009afde6e023f882aaa80e43ce191717dd97a5a1215f2a67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 18:35:25 GMT
server: cloudflare
age: 26250
etag: "b9c2c798634b81c882de27048c0ca0b8"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363ba3e23f7-ZRH
expires: Mon, 29 Aug 2022 18:46:55 GMT

GET
H2 200 2d24f72e16f79a73399920b32c9f42e5.jpg
static.nv.ua/shared/system/Article/posters/002/544/411/original/ 288 KB
289 KB 54ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/544/411/original/2d24f72e16f79a73399920b32c9f42e5.jpg?q=85&stamp=20220728231157&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff5a9d93d1c7ac3bedc65ecf742ad023c3e12de3a89b92b7af76da1695bf14c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Jul 2022 12:00:24 GMT
server: cloudflare
age: 50398
etag: "133b9754780ff9d75519f3d39e2b04a4"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363ca4f23f7-ZRH
expires: Mon, 29 Aug 2022 12:04:27 GMT

GET
H2 200 c9ddbc8a298f626edd51abd042b3264b.jpg
static.nv.ua/shared/system/Article/posters/002/544/686/600x300/ 28 KB
28 KB 63ms
63ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/544/686/600x300/c9ddbc8a298f626edd51abd042b3264b.jpg?q=85&stamp=20220729150355&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af70e216cb98991e78d434dcc923dd64e762bb46592dc8e5e19cb41550d7b087

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Jul 2022 12:20:52 GMT
server: cloudflare
age: 131694
etag: "f8d6b9cae9b25ef23f0dd8f78b1dd502"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363da5123f7-ZRH
expires: Sun, 28 Aug 2022 13:29:31 GMT

GET
H2 200 7ec6ec430953c60d632f31777baf4b05.jpg
static.nv.ua/shared/system/Article/posters/002/544/311/600x300/ 9 KB
10 KB 52ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/544/311/600x300/7ec6ec430953c60d632f31777baf4b05.jpg?q=85&stamp=20220728183054&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9896fb8f9989c1e1d66dd046470400ff69e4cf9d715e2ee9c9acca6b49b704b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Jul 2022 16:52:09 GMT
server: cloudflare
age: 202617
etag: "52772661e5f8256a32f9ac31d9a14961"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c363fa6523f7-ZRH
expires: Sat, 27 Aug 2022 17:47:28 GMT

GET
H2 200 618435db4e34c40d85c6cf2d2c4e2dd1.jpg
static.nv.ua/shared/system/Article/posters/002/543/954/600x300/ 21 KB
21 KB 52ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/543/954/600x300/618435db4e34c40d85c6cf2d2c4e2dd1.jpg?q=85&stamp=20220728170834&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 157918ae0a34f1e3de66d9ef6a31de219834f2ecf2e60d115a03ba531a57f28c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Jul 2022 05:39:02 GMT
server: cloudflare
age: 154744
etag: "470cc3ca54e14e21dca675e32cd34108"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c3640a6e23f7-ZRH
expires: Sun, 28 Aug 2022 07:05:21 GMT

GET
H2 200 68c26d1683242f7ea059a863a051a04d.jpg
static.nv.ua/shared/system/Article/posters/002/544/603/original/ 430 KB
430 KB 54ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/544/603/original/68c26d1683242f7ea059a863a051a04d.jpg?q=85&stamp=20220729175251&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eceb57f2a2cb7e73836ef46e7306746fc59d7b41a01644a335c348d9fd0ea564

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 31 Jul 2022 02:04:25 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Jul 2022 14:55:27 GMT
server: cloudflare
age: 126421
etag: "8dd43a4a384a8d39b171d189ced70488"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c3640a6f23f7-ZRH
expires: Sun, 28 Aug 2022 14:57:24 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
311 B 739ms
76ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.8197630340283315&r=&u=https%3A//nv.ua/
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
p3p: policyref="/w3c/p3p.xml", CP="UNI"
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 127 KB
43 KB 54ms
53ms Script
application/javascript 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c09f5e323e5a4b213105be896d6da202129c4a88c39133c9411021519ae2635

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 14:17:12 GMT
server: cloudflare
age: 1348165
etag: W/"62bdb068-1fc33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 7332c36329d823f7-ZRH
expires: Sun, 16 Jul 2023 11:35:00 GMT

GET
H2 200 1.html Show response
nv.ua/ukr/get_additional_blocks/ 43 KB
9 KB 62ms
62ms XHR
text/html 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/ukr/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09eef852487b504728c2c26fea41d6aa29fb51190a57d24ea46550d266405c88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/ukr/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: cloudflare
age: 175
varnish-ttl: 900.000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
nv-cache: 900s
cf-ray: 7332c36329da23f7-ZRH

GET
H2 200 pubads_impl_2022072102.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 129ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 14:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131883
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 17:43:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 30 Jul 2023 14:46:06 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 249 B
768 B 143ms
49ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5b1f02d95280adef9a9977bcbbe074d703f2b6afdd56617cf60baf317be79389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132
x-xss-protection: 0
expires: Sun, 31 Jul 2022 02:04:25 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
388 B 57ms
56ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 5df3497cb7101acea511f3597f1f6a2f3230f489d99f752fa7da2dc9f5c14f18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 274
expires: Tue, 30 Aug 2022 02:04:25 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3A03 5 KB
3 KB 981ms
57ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: f2fb7f8ce89c0316f272cc353d1341a3f5ee6ac5c7a32fcd9305b88157ebabc6

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 02:04:26 GMT
etag: PRIVATE7520710249
expires: Tue, 30 Aug 2022 02:04:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daf971cc02f4afbbeda0c2fca9141ad6ef0a541e363391499458ea2e7475bcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71232
x-xss-protection: 0
expires: Sun, 31 Jul 2022 02:04:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 565ms
52ms Script
text/javascript 2a00:1450:4014:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6845
date: Sun, 31 Jul 2022 00:10:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 31 Jul 2022 02:10:21 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

4 KB
2 KB

52ms
52ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16501492
fly-request-id: 01FSX6X3Y7Z6VSJYZCBQE609ZV
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7332c3650a310200-ZRH

Redirect headers

date: Sun, 31 Jul 2022 02:04:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G98ZJAKQWXAPSMSVRY36CRPS-fra
server: cloudflare
age: 405
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7332c364a9fb0200-ZRH
access-control-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 458ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oe7r0&_p=366728631&_z=ccd.v9B&cid=1966529039.1659233066&ul=en-us&sr=1600x1200&_s=1&sid=1659233065&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&en=page_view&_fv=1&_nsi=1&_ss=1&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/c/ 376 KB
111 KB 55ms
54ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/c/ym.js?2
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: ca69cc671e77c7acb5dbe23a5bbf61f8cdec6cd9e35528849e9ea7a5914b3723

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-fileserver: 304
cdn-storageserver: DE-169
cdn-cachedat: 07/26/2022 15:54:04
cdn-pullzone: 139012
server: BunnyCDN-AT-731
last-modified: Tue, 26 Jul 2022 15:49:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62e00d23-5e1a2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: a8198e03372be0f5d27d6e72fa103118
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
438 B 109ms
36ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51943557-1&cid=1966529039.1659233066&jid=1610487491&uid=0&gjid=354032834&_gid=631966281.1659233066&_u=YCDAgEABAAAAAE~&z=399247034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 31 Jul 2022 02:04:26 GMT
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 160ms
53ms Image
image/gif 2a00:1450:4014:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=366728631&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=1610487491&gjid=354032834&cid=1966529039.1659233066&uid=0&tid=UA-51943557-1&_gid=631966281.1659233066&gtm=2wg7r0WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&z=1631433699

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jul 2022 12:59:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47089
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 140ms
52ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=1966529039.1659233066&jid=1610487491&_u=YCDAgEABAAAAAE~&z=659543115

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 139ms
50ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=1966529039.1659233066&jid=1610487491&_u=YCDAgEABAAAAAE~&z=659543115

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 193ms
60ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 31 Jul 2022 02:00:33 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 234
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-cf-id: NKyC15n1uJBMtkjH-McIdJYDNXqOll7cME5MuPqvcKS1hKzDuhgLew==

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 207 KB
68 KB 51ms
51ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 2e81e81ca96d183cc0cac80a256799c86c1be8146f3245467f3149e40893f408

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-fileserver: 224
cdn-storageserver: DE-197
cdn-cachedat: 07/30/2022 18:31:33
cdn-pullzone: 139012
server: BunnyCDN-AT-731
last-modified: Sat, 30 Jul 2022 18:31:10 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62e578ee-33d56"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: d53291c9c93fb3ec0340b95770f7eb70
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 183 B
873 B 154ms
50ms XHR
text/plain 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 9b186c96251e385a93881990af45bec654d73db5b8ed7ba9ff06ec24aee97788

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-fileserver: 324
cdn-storageserver: DE-164
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/30/2022 08:30:51
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-AT-731
access-control-allow-origin: *
last-modified: Sat, 30 Jul 2022 08:30:21 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62e4ec1d-b7"
vary: Accept-Encoding
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: e61aa79be84db4b4c4bbc848c1b2a225
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
478 B 250ms
106ms XHR
application/json 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc3MDMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD01YzFlMjI0Mi1mYjMwLTQ3ZmEtOGVjOS0wYmQxYWZiODgwOTA%3D&pt=gross&stid=b32541da-de68-46f1-a86a-f46af62727d6&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://nv.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
12 KB 267ms
148ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

43ff1641adb4d32453b4f01a9dc51220a3cb30b72e5414e3d7252957c157905c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 31 Jul 2022 02:04:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8e427952-3e95-417a-97cc-2b8b1d4b70a3
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 260ms
106ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fnv.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=5c1e2242-fb30-47fa-8ec9-0bd1afb88090&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2271930193978715
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 704557ac237d4c77be826b47e8bf3220849a3f6a32b29153db46ad6e03f01981

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 02:04:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
403 B 291ms
160ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fnv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: cd77c8dfad7dc6d6d4e55aeff7813be3e207893d7877b78e52da315785a22e08

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nv.ua
date: Sun, 31 Jul 2022 02:04:26 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
276 B 261ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 31 Jul 2022 02:04:26 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 160ms
40ms XHR
application/json 35.156.14.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fnv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.14.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-14-215.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
303 B 247ms
63ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=47199341160

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
631 B 223ms
122ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215e3abb6b99e1ed%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnv.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216f79a510657387%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2216f79a510657387%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd3aeae138ed5142d8983f6e4c0e359cb3e49f06373213706546cfeef130ce24

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c60UzsJ5csynuYBPF8uwxOdQcZagV7UJKH4pGlVv4r6g36L6IBchwna2pwfvjVd3Rx0mHzLKYXkkqAfcLDjr%2FaTP7xdh%2BpO7z0TkM1146N3hXlFLTT9Zq%2FK8OQjmEgE9yHe7n5cQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7332c369aed371e7-LHR
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 140ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
50ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 547 B
316 B 154ms
71ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

927cddf4efe987c54a455369bf473cc7dd008b117dec7ccc3c17a3d8220d918d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D55B 6 KB
4 KB 202ms
50ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 02:04:26 GMT
expires: Mon, 31 Jul 2023 02:04:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1659233066558/
Redirect Chain

https://gaua.hit.gemius.pl/_1659233066558/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A...
https://gaua.hit.gemius.pl/__/_1659233066558/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https...

169 B
425 B

152ms
152ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1659233066558/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qd3Ba2tpYqUgwtnuryaU1v_rLiYkaNJfi2fE22tr32b.w7wL687N67GmF3q5cx3FRKKuyuYYfSWG4ag_emViNkmOo162/fBcbIO1Hde_pZ/&ltime=1007&fpdata=7hkgCxhp2656uOAI_B6QbZsDpoFx2wwzbWlJts9.1Jv.b7&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 971a4cdb01f10ca47a487ae9ea731b281fec186608782e90be0c5db4c6108202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 30 Jul 2022 02:04:26 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1659233066558/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=qd3Ba2tpYqUgwtnuryaU1v_rLiYkaNJfi2fE22tr32b.w7wL687N67GmF3q5cx3FRKKuyuYYfSWG4ag_emViNkmOo162/fBcbIO1Hde_pZ/&ltime=1007&fpdata=7hkgCxhp2656uOAI_B6QbZsDpoFx2wwzbWlJts9.1Jv.b7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 30 Jul 2022 02:04:26 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 40ms
40ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 22:35:52 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
age: 12514
x-cache: Hit from cloudfront
access-control-allow-origin: https://nv.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: Sg4F1_5sIfidwvZ9s7PauwmIfLlDRA4RF_fKqDp22Jg4P47gl2P2zw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
484 B 77ms
76ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnv.ua%2F&pid=bh9B0hMXL7c0T&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_323021136%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATFR_300%22%7D%2C%7B%22sd%22%3A%22notsy_container_521323293%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 8M792QHZFCBJPDQ1Q7VC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RvGzI3Rh-2w8XFV72kgdaV9janhMopixDLSwUi4KQmNRuffZixrlvA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 120ms
40ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 08:28:02 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 63385
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
content-type: application/javascript
x-amz-cf-id: _89X9LQNKqV2cHAMyh7sa6eJEb455o5J-FuzE3eK6Ure7Hz8DFC0HA==

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 136ms
52ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
37 KB 311ms
310ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2627014730036201&correlator=1274406422566349&eid=31068588%2C31068631%2C31068650%2C31065517&output=ldjh&gdfp_req=1&vrg=2022072102&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=2148232813&sfv=1-0-38&fsbs=1&ecs=20220731&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.50%26hb_adid_appnexus%3D17ee5dae6bb38ae%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.50%26hb_adid%3D17ee5dae6bb38ae%26hb_bidder%3Dappnexus%26amznbid%3D2%26amznp%3D2&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DC%26traffic_source%3Ddirect&sc=1&cookie=ID%3Dc9606cd48394fc6b-22fde738e0cd0053%3AT%3D1659233066%3AS%3DALNI_MZGXvHTB59_0Y0m9LHhuC-S7AnY0A&abxe=1&dt=1659233066682&lmt=1659233066&dlt=1659233065282&idt=511&adxs=1114&adys=1182&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1966529039.1659233066&ga_sid=1659233066&ga_hid=366728631&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a00cc618f6b57d534d78f8118101d6dbdee22af35b41333c94b0db37ba2adac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37443
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 54ms
54ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

59e94d8b86ddaf19218f087d1659a3a48c7ab3c7315572f862b0e4ec77af16b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10633
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 02:04:26 GMT

GET
H3 200 container.html Show response
50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B14 6 KB
3 KB 121ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 02:04:26 GMT
expires: Mon, 31 Jul 2023 02:04:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F4E 13 KB
5 KB 122ms
39ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 19:12:03 GMT
expires: Sun, 30 Jul 2023 19:12:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 028B 783 B
536 B 132ms
49ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab75e5cf95b8a56cb32d935c17705e55a10d1ebc17c1efd779d3d36c08b44387

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ylj6v07B69WhWPlWmPq2Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ylj6v07B69WhWPlWmPq2Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 02:04:27 GMT
expires: Sun, 31 Jul 2022 02:04:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 1B14 2 KB
1 KB 142ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 Jul 2022 01:27:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 31 Jul 2022 02:04:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jul 2022 02:04:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 1B14 2 KB
902 B 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:15:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1B14 0
0 88ms
87ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDKS2KuPlYtHtLPCM7_UPtKqUkAvEvteBWI7k_ezCDoGC5fuZCRABIPT552Ngu4aAgNAKoAHEwvHhA8gBCakCgK85m5BrtD7gAgCoAwHIA8sEqgT9AU_QXtI_cR3CzKpe5IhxSQ9fG1uhAcaZlAP4j5wZMpoX4pdR55VRK6OgQbWvBG6w8Y3dfudGJ4ZXuIhXEgsB5tvC9GcGainsa7E7O5SeNlINhGxSv4uqzUotciYIOEQsIutvMlG9SYvN06HFYsNSWDDihPtjlGXuZ0a7pGXvtPIsHUHDpHsMY1UWbKHuy4v2hNWQ2XuF1jX24rp_fpJDabz1WLsNnFvaPJgvk8Lst4bZOyAj_jNv974kMLELAhKD4d7BArMGPy-xefDJSwbLITXqm8fDjIFzmQrvy7zUuI7XnVV7WtHDily-PoE9qcb5YWjdMKXPm9jJ-hxxVArABNaLk7GwAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAekvY4eqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEL-TD9IIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMCiBQB0BUBmBYBgBcBshceChwIABIUcHViLTY3NDI1Mjg5ODk2ODA1NjgYg5sa&sigh=zzieRJcBPwo&uach_m=[UACH]&template_id=494
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/ Frame 1B14 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/abg_lite_fy2021.js

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9504
x-xss-protection: 0
server: cafe
etag: 17733382080043146658
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:52:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 1B14 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/window_focus_fy2021.js

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:50:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B14 139 KB
43 KB 137ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658922152796835"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 02:04:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/ Frame 1B14 18 KB
7 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220727/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 01:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Aug 2022 01:32:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B14 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIrrnYwPC0VZKgzAZMvm_o8IpvVyQiR8qoPcmKrurC93lQxtyWkU_NdXitRlmT3P7IXol_JjBNJor7nK3zCt9q0Ke3ZQ
Requested by: Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ab4c532c1fbaba50606c7d3c45560ace.js Show response
www.gstatic.com/mysidia/ Frame 1B14 30 KB
13 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 13:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12814
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 22:37:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Oct 2022 13:58:06 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 1B14 25 KB
26 KB 144ms
42ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcStLrcy1hLLWlRl6TduX_9lp9dxfALEzTboFXYHV43LM5NaOrNJnVDJjWsbcw&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55f30f86f3429b9ac694ae93e67cd09f3f49afd20d08a6508f4507173e73a03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:17:06 GMT
x-content-type-options: nosniff
age: 380841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25568
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 02:30:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 26 Jul 2023 16:17:06 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B14 24 KB
25 KB 263ms
105ms Image
image/jpeg 2a00:1450:4014:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRPG5b_aNtyRSLtxdA_o91KZSoEuMETOoe3aEO1_0neMDHpV8dS1Lmzw3PwVl8&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d7fc710068824bbb52b37d50dd3c95f299acf5110dcee9a483877f06787bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 13:47:46 GMT
x-content-type-options: nosniff
age: 217001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24976
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 04:14:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Jul 2023 13:47:46 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B14 26 KB
26 KB 154ms
52ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT_RKvsEnadD4p2VS7vKXQNBjIhbcKWKov_KWjOwKdI7WMeoR9QDQf5-nGnwfM&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1382e2b77c4d9092a81b2f119ecf60f874dbf8cf5acc0df28c9a2245549b1eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 03:27:34 GMT
x-content-type-options: nosniff
age: 254213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26224
x-xss-protection: 0
last-modified: Sun, 08 May 2022 02:13:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Jul 2023 03:27:34 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B14 17 KB
18 KB 142ms
40ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR0yfghtRzpGn2FPW9UBIs8MHmfxAG3BnsYZ8d7fW4eOwRfB3sXBMEmKjQ-pA&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28bd509b652f2f5aa9f115290abe04bca5a8cdf04ab405ca1abdb6f67f25c0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 03:02:43 GMT
x-content-type-options: nosniff
age: 601304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17558
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 03:52:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 24 Jul 2023 03:02:43 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B14 16 KB
17 KB 197ms
95ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRuJMq9VEev_lCOAOoakvTzhY1UsyZFKwUeJOSEZZIttWZafgPEIVj5iwE_bw&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0cdfe439f37481c7ca5070d9f7fc0b408c4a3e38468d1992d54394bb4b28e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 11:15:57 GMT
x-content-type-options: nosniff
age: 571710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16858
x-xss-protection: 0
last-modified: Sat, 14 May 2022 04:41:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 24 Jul 2023 11:15:57 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1B14 17 KB
18 KB 176ms
54ms Image
image/jpeg 2a00:1450:4014:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTDz_ECEKWnGDsT6JmRPCMKt411aVOBqf56YISDp3dwZpbyLGCEyTQCihPE&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9e03aa5c57281c7a97685b5af1ea34f20bdea8a415cfb90934092822c650f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 06:50:56 GMT
x-content-type-options: nosniff
age: 242011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17478
x-xss-protection: 0
last-modified: Tue, 10 May 2022 02:02:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Jul 2023 06:50:56 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1B14 19 KB
19 KB 210ms
109ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSoGma_quvMC-Xr0oWeG7akN2PBq4d6fcJvhMyetQl1P941m3E1eHFWhxMUpsw&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a065356566adf368aabfa1134c41d2e62136e3673e6b7b7b5517fdb3785664a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 14:06:29 GMT
x-content-type-options: nosniff
age: 302278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19576
x-xss-protection: 0
last-modified: Tue, 10 May 2022 03:40:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 27 Jul 2023 14:06:29 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1B14 22 KB
23 KB 211ms
54ms Image
image/jpeg 2a00:1450:4014:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTajx5kNcSthGYRnAbbMfAWBMECDK8QzX3DAPROC9x0S4-xCoNOU0gSXiT_Vg&usqp=CAI

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffbec67928f6720e4a930cdb693f132538ab32cf3dbce154cce3f306fcd9dceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 23:39:18 GMT
x-content-type-options: nosniff
age: 8709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22781
x-xss-protection: 0
last-modified: Sat, 23 Apr 2022 10:14:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 30 Jul 2023 23:39:18 GMT

GET
H3

200

5708383959281508677
tpc.googlesyndication.com/simgad/ Frame 1B14
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrocq29QEQ_wEY_wEyCB6aI37lSO8I
https://tpc.googlesyndication.com/simgad/5708383959281508677

38 KB
38 KB

40ms
40ms

Image
image/jpeg

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5708383959281508677

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

813b72c5bef0ebba0bd8f4104bfc8915577d2a4bbf06c5ac96bb7d97f5834cf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:16:37 GMT
x-content-type-options: nosniff
age: 395270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39282
x-xss-protection: 0
last-modified: Mon, 17 Jun 2019 17:19:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Jul 2023 12:16:37 GMT

Redirect headers

date: Sat, 30 Jul 2022 19:32:10 GMT
x-content-type-options: nosniff
server: cafe
age: 23537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/5708383959281508677
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Aug 2022 19:32:10 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F4E 36 KB
14 KB 42ms
41ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 20:23:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 028B 0
0 82ms
82ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072102&jk=2627014730036201&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E88F 1 KB
749 B 41ms
40ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 16468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 21:29:59 GMT
etag: 48472445140208031
expires: Sun, 31 Jul 2022 21:29:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E88F 0
104 B 364ms
94ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOSBRp2-fEQaaUFiFvORBtc&google_cver=1&google_push=AehlK4ATDAPEWkVau70uDaoMmgenc7grBy1WaGSuiWu1BegmXgBEZLGQ_02At8zovR94Y_EsW0HBW8p7vLny2Sniv4Yv5RMsWONx
Requested by: Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E88F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFzRtpE5iOwAL64EK_h0P2k&google_cver=1&google_push=AehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFzRtpE5iOwAL64EK_h0P2k&google_cver=1&google_push=AehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0...

43 B
413 B

230ms
215ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFzRtpE5iOwAL64EK_h0P2k&google_cver=1&google_push=AehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7332c370ed0f01df-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 483
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7332c36f7c7401df-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFzRtpE5iOwAL64EK_h0P2k&google_cver=1&google_push=AehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BLagTyw1yeKyLJpxaNKyP4CBK0yAVtZB8I43hbhPLbhd37nKQn8XSdCtv7ywtq4LckW_ynhrVd_1_iyOssM9ft-zNBxa0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E88F
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJmYIS7jPiyNy544G0llkCI&google_cver=1&google_push=AehlK4BKp1dvIwdAoAGDDVFNFcox82PvS_-Xk9MswTrz8WkcAsXANv4n6PoBth_a4kT3kXWAo9l...
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEJmYIS7jPiyNy544G0llkCI&google_cver=1&google_push=AehlK4BKp1dvIwdAoAGDDVFNFcox82PvS_-Xk9MswTrz8WkcAsXANv4n6PoBth_a4kT3kXWAo9l...
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WMq8EZ3RR368sMPTz55G9w&gdpr=1&gdpr_consent=

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WMq8EZ3RR368sMPTz55G9w&gdpr=1&gdpr_consent=

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=WMq8EZ3RR368sMPTz55G9w&gdpr=1&gdpr_consent=
pragma: no-cache
date: Sun, 31 Jul 2022 02:04:28 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E88F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGCfMVS1a1rGAUcmnREHAj4&google_cver=1&google_push=AehlK4D5XYrLNGRoUgveZ2hTQYwv6QGGqv5oYnQMO3wsWE_PPjGjsfWbTIOMQBFjWy7uA4He_7IUYtwn4EANytJT...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LPUiIYVhRzejB3IBhdhBPA2&google_push=AehlK4D5XYrLNGRoUgveZ2hTQYwv6QGGqv5oYnQMO3wsWE_PPjGjsfWbTIOMQBFjWy7uA4He_7IUYtwn4EANytJTuap7R-v7OOKi

170 B
329 B

50ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LPUiIYVhRzejB3IBhdhBPA2&google_push=AehlK4D5XYrLNGRoUgveZ2hTQYwv6QGGqv5oYnQMO3wsWE_PPjGjsfWbTIOMQBFjWy7uA4He_7IUYtwn4EANytJTuap7R-v7OOKi

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 31 Jul 2022 02:04:27 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LPUiIYVhRzejB3IBhdhBPA2&google_push=AehlK4D5XYrLNGRoUgveZ2hTQYwv6QGGqv5oYnQMO3wsWE_PPjGjsfWbTIOMQBFjWy7uA4He_7IUYtwn4EANytJTuap7R-v7OOKi
x-host: tde-deliveryengine-production-78dd496b74-6lfmn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame E88F 14 B
14 B 601ms
113ms Image
text/plain 34.234.190.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEFPQObzzGj5jidQGIEO32d4&google_cver=1&google_push=AehlK4BnDHbGmSUdaspugLQUuC_r9Ly7z0WfQfDOFKi-MgSNAWUxoccw94xmf2EZpMdMWop4Ieuw290QZ5OEt72togSczeYHwyT3
Requested by: Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.190.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-190-176.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E88F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I&google_cver=1&googl...
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I&google_push=AehlK4Dlj...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&google_cver=1&google_push=AehlK4DljiXYP8dOFCQcE9149Xdi3AhODMBlbCzi0VD7cEPclTJGIJQnKLevbDZU5vXio-SUawBM...

170 B
188 B

138ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&google_cver=1&google_push=AehlK4DljiXYP8dOFCQcE9149Xdi3AhODMBlbCzi0VD7cEPclTJGIJQnKLevbDZU5vXio-SUawBM36QOX_t_4e5UuntYVwPJRz0&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

cf-ray: 7332c370698206b6-LHR
pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BqUYzBYujqOsaf%2FyZEd950UKWfyO5WClUxvv5MlP%2F8cjC3k6gohc%2BpldwRGZRnEmLB0E5heEPxcXmjmfdVSNDh5IOsz5XOeJ6kJi68fqHBUyAdMRZjtKfN88K4cHYwErzNI"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&google_cver=1&google_push=AehlK4DljiXYP8dOFCQcE9149Xdi3AhODMBlbCzi0VD7cEPclTJGIJQnKLevbDZU5vXio-SUawBM36QOX_t_4e5UuntYVwPJRz0&google_gid=CAESEB3_6NMpG5nY5dvqAxZ9k9I
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 um
sync.teads.tv/ Frame E88F 23 B
172 B 276ms
93ms Image
image/gif 23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENtaBiyHw4mWRZpjM9-9T1U&google_cver=1&google_push=AehlK4Cxd7U0ILkgXkBLrrQts9Es6Ydzufhcp61tuOs7qy-mY9_BjlLDrUnt_4KJQIfYO_0PzEFT8-rUWF3dBPnuDuWC2qB-PqX33g
Requested by: Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 31 Jul 2022 02:04:27 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E88F 0
232 B 148ms
48ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuQ0N5BN1UFBqzk9DeYXoaWqkIhaasnElVul09jxjbEAKgNn8LeIC3U8upK7vF0NBBe6EwWQ

Requested by

Host: 50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
URL: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F4E 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DwFwUA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1B14 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4adb8e05ff6b6ac0807df7f058a2151c9ef27cf33d095c5a2cb1f07e69930400

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 139ms
68ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:27 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 01 Aug 2022 02:04:27 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1B14 20 KB
21 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 359447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 22:13:40 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8305 15 KB
6 KB 183ms
61ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 31 Jul 2022 02:04:27 GMT
server-processing-duration-in-ticks: 1652
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 180ms
61ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:27 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 01 Aug 2022 02:04:27 GMT

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9914 36 KB
14 KB 42ms
41ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 20:23:55 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8305
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jp4jb3xhNkdnUklKQkgwZGc5QzMva0JMWkM1M0hldEJzdGdGWTBPS1BtTmlxNTJvQlVMSFpjOXFiTGdXV2pkSTROa3VQZS9pdzBWY2tPYnN3cUJhTXZvZ1JzQ0s2TVBFUFBNdTVPL2RIK2owb0x2SGhsS05vVmFkR1ZiNW...

430 B
632 B

153ms
39ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jp4jb3xhNkdnUklKQkgwZGc5QzMva0JMWkM1M0hldEJzdGdGWTBPS1BtTmlxNTJvQlVMSFpjOXFiTGdXV2pkSTROa3VQZS9pdzBWY2tPYnN3cUJhTXZvZ1JzQ0s2TVBFUFBNdTVPL2RIK2owb0x2SGhsS05vVmFkR1ZiNWRHcjVnRnNJd21Jb25rU2JYcGNRbUQvWmwrRTYyZUZVTXN6SE9GOWxGRXZMOU1RRVdyTU5ZNUJCNVhjdktTb2tsM240RXV1T1dYc2J1R3VUOGExbEtaRlFHNVdlbGlTYWpEdy9CRU5wOTMzUzhsaThxcnA0bE4yMUpQdm9GSHZCOGtUWHJ4TjNxfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8b5f0e9d22c349331090274d28f839231bc9c54122515c0274221d25affba62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4883
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:26 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=jp4jb3xhNkdnUklKQkgwZGc5QzMva0JMWkM1M0hldEJzdGdGWTBPS1BtTmlxNTJvQlVMSFpjOXFiTGdXV2pkSTROa3VQZS9pdzBWY2tPYnN3cUJhTXZvZ1JzQ0s2TVBFUFBNdTVPL2RIK2owb0x2SGhsS05vVmFkR1ZiNWRHcjVnRnNJd21Jb25rU2JYcGNRbUQvWmwrRTYyZUZVTXN6SE9GOWxGRXZMOU1RRVdyTU5ZNUJCNVhjdktTb2tsM240RXV1T1dYc2J1R3VUOGExbEtaRlFHNVdlbGlTYWpEdy9CRU5wOTMzUzhsaThxcnA0bE4yMUpQdm9GSHZCOGtUWHJ4TjNxfA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1561
content-length: 509
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
85ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072102&jk=2627014730036201&bg=!Xl2lXRnNAAacadVKvGk7ACkAdvg8Wp7_-TpspPtfiXEdLfOuCNhvtaCgsKTJw93ZLdggibFB8FaRNwIAAABRUgAAAAhoAQeZAoiUB9Zn5Xc_QTNMzrUJFBVhmHEwsleU4uVLM1xfszTr_zakdIx9_TOo6fSrswBc_xrFgEWmoMNEWazhMZjOoIKMY_AoHdmBa_jfoQPyUs-bEZe3Hlpad2U8Kh8ILW6UPAD6YF_1Exe3rTjmcom74VIcGcTLQ4B-fljqs8nMFxn4ec2XGC_rAwXEhYtfG5gw93xWs1Kavg3cbQ9XzC9zOpHp4q64g7gsenya0JrNb7WYqnT_PXirIdHKAxkB2QJFuD8II-83AxRzgSf9pRtyRkkqgn-df-HB8ckRDt5tc0ACvNLkBqfxGLU5eO8fgPX3tGQbyvv2lkwn-bdXkDzUySIp_9SEsYl-tXIWvK5ma65cnjkUrOJnskRdBxfRlZZnATgMeZh6sxM6yOGr8otf92F71qflmK_u-PW7TJfMqizCEshnz3sBGOogL8aO7Q6xvDWS9qp6gHNKLZUQe7xVfkMmOmaJJtNxeuYptL1md1qS9LflhdawimhgUK7eh_D5P0kruudkAUnCtI-Du280RoDDdFL3WRN8waaXs6vjBHnYSwX2JKY0Z4UiSEHV7mWY41_eAEEFpYSZAppoWvP1Ek5IMGr0e7eRz5Lw2rrQuUMPkBThn8BjE7rkyBuov_PYokTaXxCb_JhIRu_db3co74W2_KbNQY8eCjujz9i1s2AGf_gpSNawgxiKjO8dliQJ48ClZmAfy2Uedc5hLoOIXwQi1Obnzapqv1uf3wcc7j5ImQV4TFA7uR_DuZLR8xYsYa4IcJg53cB0Y4sOaN_c7-Kc3Lpp8nvBSLEZ1gGANHD3UkToTFrA_L2uDTpFgV9CbnWO86jO1BXqZJPvL3fGUDTNeDrpBjol8eY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 96E7 52 KB
17 KB 314ms
57ms Document
text/html 23.47.208.198
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.208.198 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-208-198.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 31 Jul 2022 02:04:29 GMT
ETag: "623de86a-cf34"
Expires: Mon, 01 Aug 2022 02:04:31 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F812 281 B
554 B 197ms
53ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 31 Jul 2022 02:04:29 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C5BE 3 KB
2 KB 240ms
53ms Document
text/html 23.47.209.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sun, 31 Jul 2022 02:04:29 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FC29 37 B
140 B 165ms
45ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 31 Jul 2022 02:04:29 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F812 31 KB
10 KB 54ms
53ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 02:04:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67645
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Sun, 31 Jul 2022 20:51:54 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 326E 2 KB
2 KB 113ms
73ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685de8544bd6ebc1fccee942b67fb0bd0d5ef84a40bd384fdbcaf8d34c047be8

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7332c37fa96a7737-LHR
content-encoding: br
content-type: text/html
date: Sun, 31 Jul 2022 02:04:30 GMT
dropped-udsids: 45|241|230|39|31|123|4|111
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRsloNHyFBaybcBy5CtsQmJXsYZfPf4gTGDpIwLBCS9Dk12NaDzKihKTdXNrrjeUReaTfnSjhuv%2FQg0FWzkSRr9RmXAWFp0g4iLdmRJ%2FCcUDPs1j3Ipmk%2FzdiFHhzEZZY3pd52VBbFOoHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 96E7 0
746 B 42ms
41ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 02:04:30 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6ac25c85-f4ff-4c85-95e7-acbd261f8b7e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F812
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2YmFkMjE3Y2IyZGE4MjQ5MTQ0MDIwNjAyMWZiZmYzYWFiNzdlOA

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2YmFkMjE3Y2IyZGE4MjQ5MTQ0MDIwNjAyMWZiZmYzYWFiNzdlOA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2YmFkMjE3Y2IyZGE4MjQ5MTQ0MDIwNjAyMWZiZmYzYWFiNzdlOA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F812 70 B
265 B 179ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F812
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY4T0laVzgtMVMtOUJaRA==

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY4T0laVzgtMVMtOUJaRA==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY4T0laVzgtMVMtOUJaRA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame F812
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L68OIZW8-1S-9BZD&sigv=1&esig=2~5c19ff3c648f88d9a963ec33cded76d2c1de3ee6

0
194 B

421ms
51ms

Image
text/plain

2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L68OIZW8-1S-9BZD&sigv=1&esig=2~5c19ff3c648f88d9a963ec33cded76d2c1de3ee6

Protocol

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:30 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L68OIZW8-1S-9BZD&sigv=1&esig=2~5c19ff3c648f88d9a963ec33cded76d2c1de3ee6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F812
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/zX4D8aDg-KibCqcAUx0CH8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1675627869439844024

0
239 B

45ms
44ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1675627869439844024
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Sun, 31 Jul 2022 02:04:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1675627869439844024
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F812
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_HarNqohCHFsuU0rwOun0&google_cver=1

0
239 B

272ms
43ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_HarNqohCHFsuU0rwOun0&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_HarNqohCHFsuU0rwOun0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame F812
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oyR8qitnR5ehosB1TzAvqw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oyR8qitnR5ehosB1TzAvqw

43 B
556 B

120ms
119ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oyR8qitnR5ehosB1TzAvqw

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 02:04:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BATYVB7FA1AMT134RTSF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oyR8qitnR5ehosB1TzAvqw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame F812
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L68OIZW8-1S-9BZD

0
708 B

263ms
121ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L68OIZW8-1S-9BZD
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:30 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EDF02B7F9AC94CD986F498BB286A3BC3 Ref B: LON04EDGE0915 Ref C: 2022-07-31T02:04:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXlEE3D42RPOHfC/twfdw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L68OIZW8-1S-9BZD
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 326E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YuXjKwo57ROrmh5i2drDCAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKF5uQlGpsrPzSqVijwHzcE&google_cver=1&gdpr=1

43 B
1 KB

118ms
73ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKF5uQlGpsrPzSqVijwHzcE&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7332c3821aea71e6-LHR
pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQzEl9TBhhWXtiyyfl8K6jk%2BxtTelIXsXhOL2XvwUXeQ8KFRKLUFG5f733mlleYuU7c4MiHpdpYI0SM%2BJ%2FyargRuKzBdR0e7o1omVvXbfkiuXr9G1dO%2BnJWqRjKTvjWWkJyH8Uzqd%2FBZtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKF5uQlGpsrPzSqVijwHzcE&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 326E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&dcc=t

43 B
645 B

117ms
116ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 02:04:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: J25Z9MKEPKQ5AN7CKCF6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 02:04:30 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HV4D3HJQ73Q8PQ78WNDM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 326E 170 B
188 B 52ms
50ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YuXjKwo57ROrmh5i2drDCAAAB0MAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 326E 70 B
264 B 137ms
54ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 326E
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7125194701703951725&uid=Q7125194701703951725&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

55ms
54ms

Image
image/gif

104.96.159.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-159-65.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 31 Jul 2022 02:04:30 GMT
Server: Apache/2.4.6 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/7.3.33
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sun, 31 Jul 2022 02:04:30 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 326E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JPBFdgE-TsdBRPBG4w2GHNmKxGk

43 B
1 KB

68ms
67ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JPBFdgE-TsdBRPBG4w2GHNmKxGk
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7332c3837d9f71e6-LHR
pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JBxv%2Bc7ocNAVu%2BU8dHGREk3Is98s1LMfPxMnf1RsJYmbakYSWC607ldNZKXpDXEWlstquugqN5feYdIglcmKAyduL5lybVVSjvE9CRpbZzQIfYrM3gvcNHbUZ57HtRUp%2FvrAsxA37QzAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JPBFdgE-TsdBRPBG4w2GHNmKxGk
Date: Sun, 31 Jul 2022 02:04:30 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 326E
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4230249030444125313

43 B
607 B

66ms
66ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4230249030444125313
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 7332c3815be57196-LHR
pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Is-Traffic-Usersync, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DVP9i1HRL4fKh%2FjllUzHav8x5vmTpkvPe9unVYWl8tx1PCXD2NgJxj9Hpbz2R%2FrfcNUet96%2FTXZUMPlAUQriYbKPLN4n2T%2FoBmcKWjXapt196FZCkjt1CzSKWtF51HdS29wjqiB0U67cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4230249030444125313
pragma: no-cache
date: Sun, 31 Jul 2022 02:04:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 326E 0
331 B 164ms
46ms Image
text/plain 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jul 2022 02:04:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 326E 43 B
424 B 195ms
55ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YuXjKwo57ROrmh5i2drDCAAA%261859
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 02:04:30 GMT
cf-cache-status: HIT
age: 77
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "902a3d-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7332c38148d923f7-ZRH
expires: Sun, 31 Jul 2022 06:04:30 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 96E7 0
746 B 41ms
40ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Jul 2022 02:04:31 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5bd4ce9e-f857-4cce-a08e-39c539253767
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1970-01-20 04:53:53	Name: XSRF-TOKEN Value: eyJpdiI6IjhsaWFKbVk3OGcvUnk5SnVLV2hvaXc9PSIsInZhbHVlIjoiMy9vMnB0U25EQUZmd01mUDd4cWtiUFJvakxac3FPb3c0TTczSzlYU1UxbkRyOUE0U0VyT1ZsamJpbWcxUEFQMi9rclh6dmZVM3V5SzZRdWhWaUhHWE1ldHAxeGIvaEg2TXM5c0wxK2taMFJvOCsrSzk0ZEFIbUJzZFovRVVMMTEiLCJtYWMiOiJiZTU2ZDJhODk3ZGVlYzEyYjVmOGQ4MTlhODFjNGI2YWY3ZjZlYjNlNzRhNGIyZGE0OWUyNGVhNzAzODg1Y2U2IiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 04:53:53	Name: nvnew_session Value: eyJpdiI6IjNGOFdpSWkyTWkyN0dDaGRVdFhwSmc9PSIsInZhbHVlIjoiTzMxTDdyUnJaUkhhRC9OdUNZNDF5MEZCbTJucWhhZTVBQTR0eTlLWFFrZHR1MnFhRENSU2xkdzUzT2NXbGlMR25rS0FmdGdhTGswaGxsZS8rZUcveFBDVkZXa2hndzZUMGRnenVlZ25yNkI2M1dkcElPWC81cjg3NXZDVVBCSnoiLCJtYWMiOiIxYzk0OTE5ZjFkZWNhOWI3MzhhM2E0ZTVmODc4NzhlOTcxNDlhZGFjZDA4NjBiNzZkYTU4OTJmODk0YmQxNjNmIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 04:53:53	Name: device_type Value: desktop
nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.nv.ua/	1970-01-20 07:03:29	Name: _gcl_au Value: 1.1.178216914.1659233066
.nv.ua/	1970-01-20 14:22:41	Name: __gfp_64b Value: 7hkgCxhp2656uOAI_B6QbZsDpoFx2wwzbWlJts9.1Jv.b7\|1659233065
.nv.ua/	1970-01-20 05:37:05	Name: yield_master_ab_bottom_sticky_high_floor Value: C
.hit.ua/	1970-01-21 07:10:41	Name: uid Value: 1879064058.1659233066.1120763632
.nv.ua/	1970-01-20 22:25:05	Name: _ga Value: GA1.2.1966529039.1659233066
.nv.ua/	1970-01-20 04:55:19	Name: _gid Value: GA1.2.631966281.1659233066
.nv.ua/	1970-01-20 04:53:53	Name: _dc_gtm_UA-51943557-1 Value: 1
.hit.gemius.pl/	1970-01-20 05:03:57	Name: Gtest Value: KlxzkMXGQMGGq310PIGbuglissGMXP8c25nSGgvsAB4RXBG.
.rubiconproject.com/	1970-01-20 13:39:29	Name: khaos Value: L68OIZW8-1S-9BZD
.rubiconproject.com/	1970-01-20 13:39:29	Name: audit Value: 1\|naVuGyos1qrbQqJp5F0SGVqbBgMWySGKoH1GQZR6kui6sMFFNZ35rGpevA1SrYLMqzSne0l760vHH+5S0WTXOH7y6MIaC84S
.adnxs.com/	1970-01-20 07:03:29	Name: icu Value: ChkIra6AARAKGAEgASgBMKrGl5cGOAFAAUgBEKrGl5cGGAA.
.adnxs.com/	1970-01-20 07:03:29	Name: uuid2 Value: 807880171480952059
a4p.adpartner.pro/	1970-01-20 06:20:17	Name: apuid Value: eaea0416-60f7-447b-8c88-0bfed176ba7d
.hit.gemius.pl/	1970-01-20 14:22:41	Name: Gdyn Value: KlGgLRGGQMGGq310PIGbuglissGMXP8c25nSGgvsAB4RFRxSG7RrGS6GY9GBFlM2xgGPo1RGF8CBI8l8MG..
.doubleclick.net/	1970-01-20 14:15:29	Name: IDE Value: AHWqTUnIWvV34Ia39_7GOnoZPgY6V1GfMaEVdDR0h01AZEKntNT5xQK07246PH8QEJE
.nv.ua/	1970-01-20 14:15:29	Name: __gads Value: ID=c9606cd48394fc6b:T=1659233066:S=ALNI_MaIn_RjPUQJ6km8Qe9ezKxIi32d4A
.nv.ua/	1970-01-20 22:25:05	Name: _ga_52RSPD3WMK Value: GS1.1.1659233065.1.0.1659233067.0
.travelaudience.com/	1970-01-20 14:24:07	Name: _tracker Value: %7B%22UUID%22%3A%222CF52221-8561-4737-A307-720185D8413C%22%7D
.casalemedia.com/	1970-01-20 13:39:29	Name: CMID Value: YuXjKwo57ROrmh5i2drDCAAA
.casalemedia.com/	1970-01-20 07:03:29	Name: CMPS Value: 4378
.casalemedia.com/	1970-01-20 07:03:29	Name: CMPRO Value: 1859
.criteo.com/	1970-01-20 14:15:29	Name: uid Value: abdbfe46-9487-4e30-9a0a-a6081c987b40
.tribalfusion.com/	1970-01-20 07:03:29	Name: ANON_ID Value: ainseFt3er76AxvPABpYGFv4YyJd4U71xCkWmo4VntaXypsNNn2sKZaxUlu5yydG6I9W0ZaGNUOZb0nnPRhJLMv
.nv.ua/	1970-01-20 14:15:29	Name: cto_bundle Value: fbnzsl9JOXB0TURmcTQzYnBrdVp3cFJqQUVaRnhXMzE4blVMJTJGemltRnJzdlFRN0xpaGRWV09wSmEwOWlQQW5pJTJGR3E5RU11NkpyYTU4Y3V0aHVLekwyUzNGejI0S2NmV0VwNHcyTFI2OEpHbllBbVF5dXFMM1JkJTJGanhZSFBjTVg3a3loY2R1MkViYjEySVp6emM0NUhOZDUwaXclM0QlM0Q
.tidaltv.com/	1970-01-20 13:39:29	Name: tidal_ttid Value: 58cabc11-9dd1-477e-bcb0-c3d3cf9e46f7
.tidaltv.com/	1970-01-20 13:39:29	Name: sync-his Value: "H4sIAAAAAAAAADM0NrQ0tTI0sgAAWSDs7wkAAAA="
.casalemedia.com/	1970-01-20 04:55:19	Name: CMST Value: YuXjK2Ll4y4A
.turn.com/	1970-01-20 09:13:05	Name: uid Value: 4230249030444125313
.yahoo.com/	1970-01-20 13:39:50	Name: A3 Value: d=AQABBC7j5WICEMERNTTGxfC-rFrY2aW6cOoFEgEBAQE052LvYgAAAAAA_eMAAA&S=AQAAAt3P0jOdIpxHR13ZQaefJWg
.owneriq.net/	1970-01-20 22:25:05	Name: si Value: Q7125194701703951725
.owneriq.net/	1970-01-20 05:08:17	Name: p2 Value: cc
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 13:39:29	Name: bcookie Value: "v=2&c9ded36a-4740-414d-8676-9247b369e47b"
.linkedin.com/	1970-01-20 09:13:05	Name: li_gc Value: MTswOzE2NTkyMzMwNzA7MjswMjEn4scWLs6yjxraAxBWnbOnSAV7eqoy1u/kOGSSAYsJ8Q==
.linkedin.com/	1970-01-20 04:55:19	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2643:u=1:x=1:i=1659233070:t=1659319470:v=2:sig=AQHL_5rFkaYftGkj5C9TPHHRRE4er6Uq"
sync.srv.stackadapt.com/	1970-01-20 13:39:29	Name: sa-user-id Value: s%3A0-24f04576-013e-4ec7-4144-f046e30d861c.O7FeHSYFRcv8%2FQVKvo%2FpKSKLv7Jhf48xV5FZSKadQZo
.srv.stackadapt.com/	1970-01-20 13:39:29	Name: sa-user-id-v2 Value: s%3AJPBFdgE-TsdBRPBG4w2GHNmKxGk.9yhL4zpE4oU5woeddUnBBAlq3ZvyVQ0i0Fnkj5NbEOs
.casalemedia.com/	1970-01-20 07:03:29	Name: CMTS Value: 4493
.casalemedia.com/	1970-01-20 13:39:29	Name: CMRUM3 Value: f162e5e32e05a0&2762e5e32e0b40&7b62e5e32e2760JPBFdgE-TsdBRPBG4w2GHNmKxGk&e662e5e32e2760&2d62e5e32e05a0CAESEKF5uQlGpsrPzSqVijwHzcE&6f62e5e32e05a0&1f62e5e32e05a00&0462e5e32e27604230249030444125313
.amazon-adsystem.com/	1970-01-20 10:45:14	Name: ad-id Value: AxLwI2mZA0yPt6z_7hLx2CI
.amazon-adsystem.com/	1970-01-22 02:12:36	Name: ad-privacy Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEFPQObzzGj5jidQGIEO32d4&google_cver=1&google_push=AehlK4BnDHbGmSUdaspugLQUuC_r9Ly7z0WfQfDOFKi-MgSNAWUxoccw94xmf2EZpMdMWop4Ieuw290QZ5OEt72togSczeYHwyT3 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

50e4689d7799d0a846475dce7991c61c.safeframe.googlesyndication.com
a.tribalfusion.com
a4p.adpartner.pro
acdn.adnxs.com
ad.turn.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
c.hit.ua
c1.adform.net
cdn.indexww.com
cdn.membrana.media
cm.g.doubleclick.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
images.weserv.nl
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
nv.ua
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
region1.google-analytics.com
s.amazon-adsystem.com
s.tribalfusion.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync.adaptv.advertising.com
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
104.18.19.126
104.96.145.246
104.96.159.65
108.138.4.10
13.248.245.213
142.250.181.226
142.250.185.162
146.59.10.80
146.59.30.96
178.250.0.157
178.250.0.165
185.180.12.68
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.47.208.198
23.47.209.6
23.47.209.72
2602:803:c003:200::41
2606:4700:10::ac43:175a
2606:4700:3032::6815:4f5f
2606:4700:4400::6812:230b
2606:4700::6810:7daf
2606:4700::6812:c4c
2620:1ec:21::14
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9d
2a00:1450:4014:80a::200e
2a00:1450:4014:80e::200e
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1400
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3602:eb29:24a:27ab:996c
2a0c:5c81:5142::2
3.33.220.150
34.234.190.176
35.156.14.215
35.190.0.66
37.157.3.28
37.157.6.252
37.252.172.249
52.46.143.56
54.160.175.117
54.38.197.123
69.173.144.138
89.184.81.35
000c3ced0e8b52a4200548be04653a63149fbcfa5a34511dca4861c2ed8a0309
004f701450e12c805b538edd4c3fbe4cea24251fca2e4b46f54ae9817eb995f9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09eef852487b504728c2c26fea41d6aa29fb51190a57d24ea46550d266405c88
0b59b79a3de628e26f58953655d176928d1bc8a634c5f3ce5617a83bf81a7ea3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
1382e2b77c4d9092a81b2f119ecf60f874dbf8cf5acc0df28c9a2245549b1eb4
157918ae0a34f1e3de66d9ef6a31de219834f2ecf2e60d115a03ba531a57f28c
28bd509b652f2f5aa9f115290abe04bca5a8cdf04ab405ca1abdb6f67f25c0bd
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2d7fc710068824bbb52b37d50dd3c95f299acf5110dcee9a483877f06787bd07
2e81e81ca96d183cc0cac80a256799c86c1be8146f3245467f3149e40893f408
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
373d619c9e3ce26b4a2e43872fa34ec942cacbd261270577121d046cdc7303fb
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff5a9d93d1c7ac3bedc65ecf742ad023c3e12de3a89b92b7af76da1695bf14c
4361c50d39062b724f10a00a46ecabbd507be9be81699764526f4e41f6261e4f
43ff1641adb4d32453b4f01a9dc51220a3cb30b72e5414e3d7252957c157905c
48b4d3761b0f1fdcdd4a4df505e36c7bd3372f444554c907de272cf5410187fb
493a565b1cd48d62b4a893c93a41b16220091bd3cd7503d596e809ee7a6a432e
4adb8e05ff6b6ac0807df7f058a2151c9ef27cf33d095c5a2cb1f07e69930400
4c44b7ac3b0fb4895714ee8a35ed0a452b849df7759ee470ed8a7455ed15270f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
55f30f86f3429b9ac694ae93e67cd09f3f49afd20d08a6508f4507173e73a03b
561f220f18a9ae3b198b949ca05d237ff588980b0e1db8b573fdf5e61e0b0ddd
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
59687f705380983174757aeaf8256128f42e4d9b6a8eaefebb8295b1125af4fe
59e94d8b86ddaf19218f087d1659a3a48c7ab3c7315572f862b0e4ec77af16b7
5b1f02d95280adef9a9977bcbbe074d703f2b6afdd56617cf60baf317be79389
5d0b99c30b51083bfea2b4b29012841762e6a78a5fb36ae0576d38730dce09b4
5df3497cb7101acea511f3597f1f6a2f3230f489d99f752fa7da2dc9f5c14f18
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5ebd8fc9fb444824db793ddcdfaf9bd9182beb696cc518c5b7d510ec58904069
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636323fc587f3a600213ba4c1745b3542b04286c60ce7f4cef32a2065dee968e
64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8
668d52598d7da738b2e95f0399d214e29f03841895d7fc80313c8ee11418f469
68388fc1253f0b0052fcaaac5bb24ef4fe21f56f0d084abdbf2cf2b2c20c5a3a
685de8544bd6ebc1fccee942b67fb0bd0d5ef84a40bd384fdbcaf8d34c047be8
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9
704557ac237d4c77be826b47e8bf3220849a3f6a32b29153db46ad6e03f01981
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7c09f5e323e5a4b213105be896d6da202129c4a88c39133c9411021519ae2635
7e9e03aa5c57281c7a97685b5af1ea34f20bdea8a415cfb90934092822c650f5
813b72c5bef0ebba0bd8f4104bfc8915577d2a4bbf06c5ac96bb7d97f5834cf8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8b5f0e9d22c349331090274d28f839231bc9c54122515c0274221d25affba62b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
927cddf4efe987c54a455369bf473cc7dd008b117dec7ccc3c17a3d8220d918d
971a4cdb01f10ca47a487ae9ea731b281fec186608782e90be0c5db4c6108202
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b186c96251e385a93881990af45bec654d73db5b8ed7ba9ff06ec24aee97788
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
a00cc618f6b57d534d78f8118101d6dbdee22af35b41333c94b0db37ba2adac7
a065356566adf368aabfa1134c41d2e62136e3673e6b7b7b5517fdb3785664a7
a0cdfe439f37481c7ca5070d9f7fc0b408c4a3e38468d1992d54394bb4b28e13
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7153d668885da59c5b1411bff4657ac28447d0e16e667dd032b7476dcb2c66
ab75e5cf95b8a56cb32d935c17705e55a10d1ebc17c1efd779d3d36c08b44387
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae986ade5953f17f0c194a77370a6f6103a569aa84033c394da615e657010b23
af70e216cb98991e78d434dcc923dd64e762bb46592dc8e5e19cb41550d7b087
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
b6bf044b110356ff7b82174924c3466394ff6356dec8f00e419fc2a9edb72c1a
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b776706d697d7c0ed67cb934f60fdea6fa83f6c677ae705536ec2b3b01247d0e
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
b9896fb8f9989c1e1d66dd046470400ff69e4cf9d715e2ee9c9acca6b49b704b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
bd3aeae138ed5142d8983f6e4c0e359cb3e49f06373213706546cfeef130ce24
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5ed818755223a03cbbfdb5ab7c4b759a9b0f01673363197ea01a54b0072cbc9
ca69cc671e77c7acb5dbe23a5bbf61f8cdec6cd9e35528849e9ea7a5914b3723
cad63bf9d29d6512009afde6e023f882aaa80e43ce191717dd97a5a1215f2a67
cd77c8dfad7dc6d6d4e55aeff7813be3e207893d7877b78e52da315785a22e08
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
daf971cc02f4afbbeda0c2fca9141ad6ef0a541e363391499458ea2e7475bcca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49404afe5380a41efe05ae4c99c25692791b19f1a2ee344dd9707c4715546f0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e897570f761f4201ca14a338ef8666b56507c118748bde5d41464367463a3e4e
e8a34d4a1e05df99f1f5b6a87cc8031e5176190f4d8cf1555cee8a96b3a1840f
eceb57f2a2cb7e73836ef46e7306746fc59d7b41a01644a335c348d9fd0ea564
ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06153aa7ba58b75588a22df22b5d78254d0500985faeefc7c6815ead7baab77
f2fb7f8ce89c0316f272cc353d1341a3f5ee6ac5c7a32fcd9305b88157ebabc6
ff8e47baf4da59461b0939c82864d5ef9c388d2f335a21348bab272c55522401
ffbec67928f6720e4a930cdb693f132538ab32cf3dbce154cce3f306fcd9dceb

nv.ua Open in urlscan Pro 2606:4700:10::ac43:175a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

86 %HTTPS

53 %IPv6

38 Domains

67 Subdomains

56 IPs

12 Countries

2416 kBTransfer

4336 kBSize

45 Cookies

105 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

86 %
HTTPS

53 %
IPv6

38
Domains

67
Subdomains

56
IPs

12
Countries

2416 kB
Transfer

4336 kB
Size

45
Cookies

143 HTTP transactions
1 data transactions