urlscan.io logo urlscan.io
SecurityTrails logo

nt.ck.ua Open in urlscan Pro
185.143.172.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nt.ck.ua/
Effective URL: https://nt.ck.ua/
Submission: On July 23 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 11 countries across 74 domains to perform 321 HTTP transactions. The main IP is 185.143.172.209, located in Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is nt.ck.ua.
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.
This is the only time nt.ck.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 49 185.143.172.209 50340 (SELECTEL-MSK)
1 2a00:7a60:0:1... 200000 (UKRAINE-AS)
2 146.59.152.166 16276 (OVH)
2 3 95.217.33.38 24940 (HETZNER-AS)
12 2a00:1450:400... 15169 (GOOGLE)
60 95.216.99.227 24940 (HETZNER-AS)
5 10 93.84.112.130 6697 (BELPAK-AS...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 185.134.201.14 203444 (MAPMAKERS...)
1 185.134.201.5 203444 (MAPMAKERS...)
1 2a0a:7d80:1:7... 6697 (BELPAK-AS...)
1 2a02:6b8:a::a 13238 (YANDEX)
1 199.232.196.134 54113 (FASTLY)
6 95.163.114.203 12695 (DINET-AS)
2 3 88.212.201.198 39134 (UNITEDNET)
5 11 2a02:6b8::1:119 13238 (YANDEX)
7 62.244.25.85 3254 (LUCKYNET ...)
5 2a02:6b8:20::215 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 11 46.4.121.26 24940 (HETZNER-AS)
1 16 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 3 188.42.196.115 7979 (SERVERS-COM)
1 1 157.90.179.218 24940 (HETZNER-AS)
3 195.201.243.72 24940 (HETZNER-AS)
2 2 193.232.148.145 48061 (UMA-TECH-AS)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
2 2 195.209.108.48 52007 (ADRIVER-AS)
2 81.222.128.215 20597 (ELTEL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 194.190.117.93 204600 (REPUBLER-AS)
3 5 31.172.81.160 44066 (DE-FIRSTC...)
5 5 31.172.81.159 44066 (DE-FIRSTC...)
1 37.18.16.22 205675 (HYBRID-AS)
2 185.15.175.132 43226 (SAFEDATA ...)
1 195.201.57.28 24940 (HETZNER-AS)
3 19 142.250.185.194 15169 (GOOGLE)
1 1 109.248.237.36 201009 (SUPPORTIT-AS)
1 95.211.66.35 60781 (LEASEWEB-...)
1 95.163.37.253 47764 (MAILRU-AS...)
3 3 188.34.131.130 24940 (HETZNER-AS)
2 3 95.216.101.186 24940 (HETZNER-AS)
2 2 35.190.16.14 15169 (GOOGLE)
1 1 193.106.95.134 48614 (ITSOFT-AS)
3 5 89.108.119.28 197695 (AS-REG)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 1 37.9.245.57 16345 (BEE-AS Ru...)
1 1 89.108.97.2 197695 (AS-REG)
4 4 217.66.147.162 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
1 4 2a02:6b8::90 13238 (YANDEX)
1 1 88.198.31.232 24940 (HETZNER-AS)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 217.65.2.150 3175 (CITYTELEC...)
1 93.95.102.105 48347 (MTW-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
4 4 35.186.253.211 15169 (GOOGLE)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
3 3 69.173.144.138 26667 (RUBICONPR...)
2 4 217.182.200.20 16276 (OVH)
2 2 99.80.199.35 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
2 2 104.117.200.162 16625 (AKAMAI-AS)
1 88.212.233.36 7979 (SERVERS-COM)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 4 185.15.175.133 43226 (SAFEDATA ...)
1 92.63.193.64 29182 (THEFIRST-AS)
1 82.146.33.102 29182 (THEFIRST-AS)
1 5.9.154.158 24940 (HETZNER-AS)
1 149.154.65.194 29182 (THEFIRST-AS)
321 65
49    185.143.172.209 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: russian1.hhos.ru
www.nt.ck.ua
nt.ck.ua
1    2a00:7a60:0:1025::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
site-ok.ua
2    146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co
i.ibb.co
3    95.217.33.38 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ceramtrade.ru
www.ceramtrade.ru
12    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
60    95.216.99.227 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: s62.nska.net
polotsk-portal.ru
10    93.84.112.130 (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
belnovosti.by
www.belnovosti.by
1    2606:4700:20::ac43:4535 (United States)

ASN13335 (CLOUDFLARENET, US)
kupisuvenir.com.ua
1    2606:4700:20::681a:a14 (United States)

ASN13335 (CLOUDFLARENET, US)
duda.com.ua
8    185.134.201.14 (Russian Federation)

ASN203444 (MAPMAKERSGROUP, RU)
nst1.gismeteo.ru
1    185.134.201.5 (Russian Federation)

ASN203444 (MAPMAKERSGROUP, RU)
www.gismeteo.ru
1    2a0a:7d80:1:7::115:f6 (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
vkurse.by
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
www.yandex.ru
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
http-polotsk-portal-ru.disqus.com
6    95.163.114.203 (Russian Federation)

ASN12695 (DINET-AS, RU)
w.uptolike.com
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
11    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
7    62.244.25.85 (Ukraine)

ASN3254 (LUCKYNET Lucky Net Ltd, UA)
js-ru.redtram.com
n4p-rus.redtram.com
img300-rus.redtram.com
nc-rus.redtram.com
5    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
site.yandex.net
yastatic.net
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
11    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
www.acint.net
16    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
8    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
8    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
30    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    157.90.179.218 (Germany)

ASN24940 (HETZNER-AS, DE)
ssp-rtb.sape.ru
3    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
acint.net
2    193.232.148.145 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
px.adhigh.net
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
2    195.209.108.48 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
2    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
ssp.adriver.ru
1    2606:4700:3039::6815:c039 (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
2    194.190.117.93 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru
sync.republer.com
5    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
5    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    37.18.16.22 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    195.201.57.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de
sync.dmp.otm-r.com
19    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    109.248.237.36 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)
stat.adlabs.ru
1    95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
adlmerge.com
1    95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io
relap.io
3    188.34.131.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.131.34.188.clients.your-server.de
adx.com.ru
3    95.216.101.186 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de
sync.1dmp.io
2    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
5    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
1    80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
sape-sync.rutarget.ru
1    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
0100007f4869fa60e1043574025f231d-sp.ops.beeline.ru
1    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut.rktch.com
4    217.66.147.162 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-162-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
tech.rtb.mts.ru
4    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
1    88.198.31.232 (Germany)

ASN24940 (HETZNER-AS, DE)
exchange.buzzoola.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
1    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    2606:4700:10::ac43:dab (United States)

ASN13335 (CLOUDFLARENET, US)
s3.advarkads.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    217.182.200.20 (France)

ASN16276 (OVH, FR)
PTR: gcm6.host.hit.gemius.pl
googlecm.hit.gemius.pl
2    99.80.199.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pixel.everesttech.net
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    104.117.200.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-162.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    88.212.233.36 (Russian Federation)

ASN7979 (SERVERS-COM, US)
api.advarkads.com
1    2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
4    185.15.175.133 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    92.63.193.64 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1501.ru
meealt.ru
1    82.146.33.102 (Moscow, Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1002.ru
dspco.ru
1    5.9.154.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.158.154.9.5.clients.your-server.de
static.tnsis.ru
1    149.154.65.194 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1011.ru
aipam.ru
Apex Domain
Subdomains		 Transfer
60 polotsk-portal.ru
polotsk-portal.ru
10 MB
49 nt.ck.ua
www.nt.ck.ua
nt.ck.ua
4 MB
42 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
408 KB
35 doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
127 KB
14 acint.net
www.acint.net
acint.net
14 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
151 KB
10 belnovosti.by
belnovosti.by
www.belnovosti.by
25 KB
9 yandex.com
mc.yandex.com
5 KB
9 youtube.com
www.youtube.com
gdata.youtube.com Failed
661 KB
9 gismeteo.ru
nst1.gismeteo.ru
www.gismeteo.ru
15 KB
7 google.com
adservice.google.com
www.google.com
14 KB
7 redtram.com
js-ru.redtram.com
n4p-rus.redtram.com
img300-rus.redtram.com
nc-rus.redtram.com
97 KB
7 yandex.ru
www.yandex.ru
mc.yandex.ru
an.yandex.ru
50 KB
6 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
4 KB
6 digitaltarget.ru
tag.digitaltarget.ru
dmg.digitaltarget.ru
22 KB
6 uptolike.com
w.uptolike.com
20 KB
5 aidata.io
x01.aidata.io
2 KB
5 adsniper.ru
sync3.adsniper.ru
3 KB
5 bumlam.com
sync.bumlam.com
3 KB
5 googletagservices.com
www.googletagservices.com
177 KB
4 gemius.pl
googlecm.hit.gemius.pl
803 B
4 openx.net
rtb.openx.net
1 KB
4 adriver.ru
ad.adriver.ru
ssp.adriver.ru
2 KB
4 yandex.net
site.yandex.net
26 KB
3 rubiconproject.com
pixel.rubiconproject.com
1 KB
3 pubmatic.com
image6.pubmatic.com
1 KB
3 advarkads.com
s3.advarkads.com
api.advarkads.com
7 KB
3 1dmp.io
sync.1dmp.io
1 KB
3 com.ru
adx.com.ru
1 KB
3 betweendigital.com
ads.betweendigital.com
1014 B
3 yadro.ru
counter.yadro.ru
1 KB
3 googleapis.com
ajax.googleapis.com Failed
fonts.googleapis.com Failed
2 KB
3 ceramtrade.ru
www.ceramtrade.ru
2 KB
2 addthis.com
e.dlx.addthis.com
1 KB
2 rlcdn.com
id.rlcdn.com
934 B
2 everesttech.net
pixel.everesttech.net
839 B
2 mookie1.com
odr.mookie1.com
996 B
2 quantserve.com
cms.quantserve.com
832 B
2 weborama.fr
redirect.frontend.weborama.fr
842 B
2 republer.com
sync.republer.com
950 B
2 adhigh.net
px.adhigh.net
824 B
2 google.de
adservice.google.de
287 B
2 ibb.co
i.ibb.co
123 KB
1 aipam.ru
aipam.ru
319 B
1 tnsis.ru
static.tnsis.ru
490 B
1 dspco.ru
dspco.ru
321 B
1 meealt.ru
meealt.ru
490 B
1 innovid.com
ag.innovid.com
296 B
1 gnezdo.ru
fcgi4.gnezdo.ru
188 B
1 new-programmatic.com
match.new-programmatic.com
215 B
1 uuidksinc.net
s.uuidksinc.net
325 B
1 buzzoola.com
exchange.buzzoola.com
176 B
1 rktch.com
ut.rktch.com
544 B
1 beeline.ru
0100007f4869fa60e1043574025f231d-sp.ops.beeline.ru
636 B
1 rutarget.ru
sape-sync.rutarget.ru
416 B
1 prodmp.ru
prodmp.ru
277 B
1 relap.io
relap.io
986 B
1 adlmerge.com
adlmerge.com
117 B
1 adlabs.ru
stat.adlabs.ru
108 B
1 otm-r.com
sync.dmp.otm-r.com
69 B
1 hybrid.ai
dm.hybrid.ai
332 B
1 utraff.com
a.utraff.com
721 B
1 mail.ru
ad.mail.ru
635 B
1 sape.ru
ssp-rtb.sape.ru
566 B
1 yastatic.net
yastatic.net
28 KB
1 ytimg.com
i.ytimg.com
3 KB
1 ggpht.com
yt3.ggpht.com
1 KB
1 googleadservices.com
partner.googleadservices.com
258 B
1 disqus.com
http-polotsk-portal-ru.disqus.com
1 KB
1 vkurse.by
vkurse.by
1 duda.com.ua
duda.com.ua
38 KB
1 kupisuvenir.com.ua
kupisuvenir.com.ua
55 KB
1 site-ok.ua
site-ok.ua
3 MB
0 rambler.ru Failed
counter.rambler.ru Failed
321 74
Domain Requested by
60 polotsk-portal.ru nt.ck.ua
47 nt.ck.ua 1 redirects nt.ck.ua
30 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
nt.ck.ua
pagead2.googlesyndication.com
19 cm.g.doubleclick.net 3 redirects nt.ck.ua
googleads.g.doubleclick.net
15 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
12 pagead2.googlesyndication.com nt.ck.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
11 www.acint.net 2 redirects nt.ck.ua
www.acint.net
9 mc.yandex.com 4 redirects nt.ck.ua
9 www.youtube.com nt.ck.ua
www.youtube.com
8 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
8 nst1.gismeteo.ru nt.ck.ua
6 w.uptolike.com nt.ck.ua
w.uptolike.com
5 x01.aidata.io 3 redirects www.acint.net
5 sync3.adsniper.ru 5 redirects
5 sync.bumlam.com 3 redirects www.acint.net
5 www.google.com 1 redirects www.youtube.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
5 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 www.belnovosti.by nt.ck.ua
5 belnovosti.by 5 redirects
4 dmg.digitaltarget.ru 2 redirects www.acint.net
4 googlecm.hit.gemius.pl 2 redirects nt.ck.ua
4 rtb.openx.net 4 redirects
4 an.yandex.ru 1 redirects www.acint.net
4 sm.rtb.mts.ru 4 redirects
4 img300-rus.redtram.com nt.ck.ua
4 www.gstatic.com www.youtube.com
googleads.g.doubleclick.net
4 site.yandex.net nt.ck.ua
site.yandex.net
3 pixel.rubiconproject.com 3 redirects
3 image6.pubmatic.com 3 redirects
3 sync.1dmp.io 2 redirects www.acint.net
3 adx.com.ru 3 redirects
3 acint.net www.acint.net
3 ads.betweendigital.com 2 redirects www.acint.net
3 counter.yadro.ru 2 redirects nt.ck.ua
3 fonts.googleapis.com nt.ck.ua
googleads.g.doubleclick.net
3 www.ceramtrade.ru 2 redirects nt.ck.ua
2 e.dlx.addthis.com 2 redirects
2 id.rlcdn.com 2 redirects
2 pixel.everesttech.net 2 redirects
2 odr.mookie1.com googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 s3.advarkads.com www.acint.net
s3.advarkads.com
2 tech.rtb.mts.ru 2 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 tag.digitaltarget.ru www.acint.net
tag.digitaltarget.ru
2 sync.republer.com 2 redirects
2 ssp.adriver.ru www.acint.net
2 ad.adriver.ru 2 redirects
2 px.adhigh.net 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 mc.yandex.ru 1 redirects nt.ck.ua
2 i.ibb.co nt.ck.ua
2 www.nt.ck.ua 2 redirects
1 aipam.ru meealt.ru
1 static.tnsis.ru w.uptolike.com
1 dspco.ru w.uptolike.com
1 meealt.ru w.uptolike.com
1 ag.innovid.com googleads.g.doubleclick.net
1 api.advarkads.com s3.advarkads.com
1 fcgi4.gnezdo.ru www.acint.net
1 match.new-programmatic.com www.acint.net
1 s.uuidksinc.net 1 redirects
1 exchange.buzzoola.com 1 redirects
1 ut.rktch.com 1 redirects
1 0100007f4869fa60e1043574025f231d-sp.ops.beeline.ru 1 redirects
1 sape-sync.rutarget.ru 1 redirects
1 prodmp.ru 1 redirects
1 relap.io www.acint.net
1 adlmerge.com www.acint.net
1 stat.adlabs.ru 1 redirects
1 sync.dmp.otm-r.com www.acint.net
1 dm.hybrid.ai www.acint.net
1 a.utraff.com www.acint.net
1 ad.mail.ru www.acint.net
1 ssp-rtb.sape.ru 1 redirects
1 nc-rus.redtram.com nt.ck.ua
1 n4p-rus.redtram.com js-ru.redtram.com
1 yastatic.net site.yandex.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 js-ru.redtram.com nt.ck.ua
1 http-polotsk-portal-ru.disqus.com nt.ck.ua
1 www.yandex.ru nt.ck.ua
1 vkurse.by nt.ck.ua
1 www.gismeteo.ru nt.ck.ua
1 duda.com.ua nt.ck.ua
1 kupisuvenir.com.ua nt.ck.ua
1 site-ok.ua nt.ck.ua
0 gdata.youtube.com Failed nt.ck.ua
0 counter.rambler.ru Failed nt.ck.ua
0 ajax.googleapis.com Failed nt.ck.ua
321 94

This site contains links to these domains. Also see Links.

Domain
www.gismeteo.ru
polotsk-portal.ru
Subject Issuer Validity Valid
nt.ck.ua
R3		 2021-07-22 -
2021-10-20		 3 months crt.sh
www.site-ok.ua
R3		 2021-06-20 -
2021-09-18		 3 months crt.sh
ibb.co
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
ceramtrade.ru
R3		 2021-05-06 -
2021-08-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
polotsk-portal.ru
R3		 2021-07-09 -
2021-10-07		 3 months crt.sh
www.belnovosti.by
GeoTrust EV RSA CA 2018		 2020-07-21 -
2022-09-19		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-02 -
2021-09-02		 a year crt.sh
duda.com.ua
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.gismeteo.ru
AlphaSSL CA - SHA256 - G2		 2020-07-31 -
2021-08-22		 a year crt.sh
vkurse.by
R3		 2021-06-06 -
2021-09-04		 3 months crt.sh
yandex.ru
Yandex CA		 2021-03-18 -
2021-09-16		 6 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
uptolike.com
R3		 2021-06-27 -
2021-09-25		 3 months crt.sh
counter.yadro.ru
R3		 2021-05-29 -
2021-08-27		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.redtram.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-10 -
2022-02-13		 2 years crt.sh
*.yastatic.net
Yandex CA		 2021-03-03 -
2021-09-01		 6 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.acint.net
R3		 2021-06-15 -
2021-09-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.bumlam.com
R3		 2021-07-01 -
2021-09-29		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tag.digitaltarget.ru
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
adlmerge.com
R3		 2021-07-15 -
2021-10-13		 3 months crt.sh
relap.io
GeoTrust RSA CA 2018		 2020-10-01 -
2021-10-06		 a year crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh
sync.1dmp.io
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
new-programmatic.com
R3		 2021-05-20 -
2021-08-18		 3 months crt.sh
fcgi4.gnezdo.ru
R3		 2021-07-10 -
2021-10-08		 3 months crt.sh
advarkads.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
*.advarkads.com
GlobalSign GCC R3 DV TLS CA 2020		 2020-12-03 -
2022-01-04		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
dmg.digitaltarget.ru
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
meealt.ru
R3		 2021-06-28 -
2021-09-26		 3 months crt.sh
dspco.ru
R3		 2021-06-26 -
2021-09-24		 3 months crt.sh
static.tnsis.ru
R3		 2021-06-27 -
2021-09-25		 3 months crt.sh
aipam.ru
R3		 2021-06-27 -
2021-09-25		 3 months crt.sh

This page contains 23 frames:

Primary Page: https://nt.ck.ua/
Frame ID: 688EE36C467464189CB5A6DA36CA49CB
Requests: 173 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ulSW0-BWAvU
Frame ID: F4E686E52ADEABF3365C2C17BC789F7F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: 45676BDDBEFDD983A314ADBDC2E92684
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=280&slotname=8346940676&adk=2469932221&adf=1936478675&pi=t.ma~as.8346940676&w=658&fwrn=4&fwrnh=100&lmt=1627023687&rafmt=1&psa=0&format=658x280&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687491&bpp=5&bdt=557&idt=82&shv=r20210720&ptt=9&saldr=aa&abxe=1&correlator=2596595442561&frm=20&pv=2&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nW0EXI4vhe&p=https%3A//nt.ck.ua&dtd=107
Frame ID: 76F30D533D3D8825419D5F4AF0628E90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Frame ID: B147707B407BDA65129B6A50F7C411D6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&adk=1812271804&adf=3025194257&lmt=1627023687&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnt.ck.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687552&bpp=1&bdt=618&idt=70&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600&nras=1&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=83
Frame ID: 958BE138F16BB8EF043801CD0A76BCC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Frame ID: EC9DA781808F229002FF4BB27854D356
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Frame ID: 2D40FA8CAFDA4B789F8400F7D161A6A6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Frame ID: 8F0EE9CA88A41189B0FA6E66D4880C05
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html
Frame ID: 17EE8C562B8C48093D694C74CF3CEE2F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B6E74FE479C052D0E1AC8D5CE317036E
Requests: 2 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 1D1D52845BB9CD373B6E0364C818EB4C
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0037B996EB474A797AF8BB4509E8C7F0
Requests: 9 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
Frame ID: 7BB0FD0E7CC5A2B11F8F21AABDB44269
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 753D2F737A48DC215DE3DA05FD4CEA2A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Frame ID: EF8CBD19F926930E51000C49F26D52C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A173F30DE17CBD648BF546AAC34EF2D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Frame ID: 93B12A0025848F041DB2A3E2A0C21784
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Frame ID: BEC32B1BC37520F56F2D7DB2F0477D66
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
Frame ID: 09A300849429C883155C4A204FE87186
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 34957BCCDD961A8EB595B0B9F6D55058
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54030CF18736D5BB25B286FAB42D33A8
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 3AE4F059BF4BF22F9EEDC997F14681AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.nt.ck.ua/ HTTP 301
    https://www.nt.ck.ua/ HTTP 301
    http://nt.ck.ua/ HTTP 301
    https://nt.ck.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /DataLife Engine/i
Overall confidence: 100%
Detected patterns
  • meta generator /DataLife Engine/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i
Overall confidence: 100%
Detected patterns
  • meta generator /DataLife Engine/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

321
Requests

98 %
HTTPS

34 %
IPv6

74
Domains

94
Subdomains

65
IPs

11
Countries

19343 kB
Transfer

23154 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nt.ck.ua/ HTTP 301
    https://www.nt.ck.ua/ HTTP 301
    http://nt.ck.ua/ HTTP 301
    https://nt.ck.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/abington_tmb.jpg HTTP 301
  • https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/abington_tmb.jpg/ HTTP 301
  • https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/
Request Chain 43
  • https://belnovosti.by/images/stories/articles/2014-12-12/radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg HTTP 301
  • https://www.belnovosti.by/images/stories/articles/2014-12-12/radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg
Request Chain 44
  • https://belnovosti.by/images/stories/articles_2015/2015-04-16/3cecc.jpg HTTP 301
  • https://www.belnovosti.by/images/stories/articles_2015/2015-04-16/3cecc.jpg
Request Chain 47
  • https://belnovosti.by/images/stories/articles_2015/2015-02-02/11.jpg HTTP 301
  • https://www.belnovosti.by/images/stories/articles_2015/2015-02-02/11.jpg
Request Chain 48
  • https://belnovosti.by/images/stories/articles/2014-12-04/na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg HTTP 301
  • https://www.belnovosti.by/images/stories/articles/2014-12-04/na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg
Request Chain 51
  • https://belnovosti.by/images/stories/articles/2014-12-13/s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg HTTP 301
  • https://www.belnovosti.by/images/stories/articles/2014-12-13/s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg
Request Chain 119
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//nt.ck.ua/;0.42799295918967273 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nt.ck.ua/;0.42799295918967273
Request Chain 148
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 179
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9343.TNgFCfdU2VxkwzWtEndRpniRv327U_ZREzhHGliP9B0u7BrBBxFlWl9Th1jIAVut.bST-LZ2dkiYWxhERjsQ3gA2ixzc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9343.8nlIMeH-_zWB5C1n1zou0G8naEJrymvR5l02VLAQpHN3pZpAsPZLtYE-J4g_rQe6p-813zaKoE1fagkrpxN10A%2C%2C.F6rWtD7FBKW9u5o-4RahiKK3qD0%2C
Request Chain 185
  • https://www.acint.net/mc/?dp=10 HTTP 302
  • https://www.acint.net/mc/?dp=10&tc=1
Request Chain 191
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 217
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F4869FA60E1043574025F231D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F4869FA60E1043574025F231D&crf=1
Request Chain 218
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=14&euid=0100007F4869FA602500194E02386136
Request Chain 219
  • https://px.adhigh.net/p/cm/sape?u=0100007F4869FA60E1043574025F231D HTTP 302
  • https://px.adhigh.net/p/cm/sape?u=0100007F4869FA60E1043574025F231D&bounced=1 HTTP 302
  • https://acint.net/match?dp=17&euid=5fnE5LIvg6Z.AikABlF60itFUw
Request Chain 221
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5599228341 HTTP 302
  • https://www.acint.net/rmatch?dp=45&euid=AvEyHIFdxbBebmu3Uaj4_hg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4869FA60E1043574025F231D
Request Chain 223
  • https://sync.republer.com/match?dsp=sape HTTP 307
  • https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
  • https://sync.bumlam.com/?src=rp1&uid=32568732-e46f-417e-8593-2a25f373ed0a HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjJ0umHBlIEioaQK2IkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBh HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjJ0umHBlIEioaQK2IkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziIV1OuDEeum6QAlkMgkNw** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhjJ0umHBlIEioaQK2IkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziUvJuuDEeug1wAlkORcOA** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABjJ0umHBmIkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziUvJuuDEeug1wAlkORcOA**
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf0hp-mDhBDV0Al8jHQ HTTP 302
  • https://www.acint.net/match?dp=77&euid=
Request Chain 228
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F4869FA60E1043574025F231D HTTP 302
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F4869FA60E1043574025F231D
Request Chain 231
  • https://adx.com.ru/sape-sync?uid=0100007F4869FA60E1043574025F231D HTTP 302
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F4869FA60E1043574025F231D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60fa6949f0e015958616421c&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D60fa6949f0e015958616421c%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D60fa6949f0e015958616421c%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60fa6949f0e015958616421c%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D60fa6949f0e015958616421c%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60fa6949f0e015958616421c%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D60fa6949f0e015958616421c%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=782784676 HTTP 302
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D60fa6949f0e015958616421c%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D60fa6949f0e015958616421c%2526dest%253D&webouid=9V/741k42TBXaZprcqj7F. HTTP 302
  • https://prodmp.ru/yabbi.gif?uid=60fa6949f0e015958616421c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D60fa6949f0e015958616421c%26dest%3D HTTP 302
  • https://x01.aidata.io/0.gif?pid=9712851&id=60fa6949f0e015958616421c&dest= HTTP 302
  • https://x01.aidata.io/0.gif?pid=9712851&id=60fa6949f0e015958616421c&dest=&bounce=1
Request Chain 232
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F4869FA60E1043574025F231D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F4869FA60E1043574025F231D&cs=1
Request Chain 233
  • https://sape-sync.rutarget.ru/sync HTTP 302
  • https://www.acint.net/match?dp=104&euid=PkH0mIaekAr2
Request Chain 234
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=107&euid=e3e22512-86c9-52cc-96c6-20daf63c4992
Request Chain 235
  • https://0100007f4869fa60e1043574025f231d-sp.ops.beeline.ru/p?ssp=sp&id=0100007F4869FA60E1043574025F231D HTTP 301
  • https://www.acint.net/match?dp=111&euid=ede34873-b444-4ff9-b77d-5c9fa0dec831
Request Chain 236
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F4869FA60E1043574025F231D HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=natimatica&id=962f67eb85449fc72961bea43d6a99b30d60 HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&ssp=natimatica&exu=962f67eb85449fc72961bea43d6a99b30d60 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=2cbf1a4e-7e77-4355-bf30-345964a36fb9&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FLL8aTn53Q1W_MDRZZKNvuQ%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253D2cbf1a4e-7e77-4355-bf30-345964a36fb9%26sign%3D952304247 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=952304247
Request Chain 237
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F4869FA60E1043574025F231D HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&ssp=sape&exu=0100007F4869FA60E1043574025F231D HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=2cbf1a4e-7e77-4355-bf30-345964a36fb9&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FLL8aTn53Q1W_MDRZZKNvuQ%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D2cbf1a4e-7e77-4355-bf30-345964a36fb9%26sign%3D3686996724 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=3686996724
Request Chain 238
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
  • https://www.acint.net/match?dp=126&euid=456fcd3c-5182-4bb3-7485-0e44fd6cf104
Request Chain 239
  • https://s.uuidksinc.net/match/396/0100007F4869FA60E1043574025F231D HTTP 302
  • https://www.acint.net/match?dp=127&euid=szZxWMnWAkbcsrAb8nac
Request Chain 242
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4869FA60E1043574025F231D HTTP 302
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4869FA60E1043574025F231D&bounce=1 HTTP 302
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
  • https://x01.aidata.io/0.gif?pid=LIVE&id=25154AE567E3D806BF4E&back=STOP
Request Chain 243
  • https://sync.bumlam.com/?src=sap1&uid=0100007F4869FA60E1043574025F231D HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjJ0umHBlIFrbKc-w9iIDAxMDAwMDdGNDg2OUZBNjBFMTA0MzU3NDAyNUYyMzFE HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjJ0umHBlIFrbKc-w9iIDAxMDAwMDdGNDg2OUZBNjBFMTA0MzU3NDAyNUYyMzFEogEQziUvJuuDEeug1wAlkORcOA** HTTP 302
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQABjJ0umHBmIgMDEwMDAwN0Y0ODY5RkE2MEUxMDQzNTc0MDI1RjIzMUSiARDOJS8m64MR66DXACWQ5Fw4 HTTP 302
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQARjJ0umHBmIgMDEwMDAwN0Y0ODY5RkE2MEUxMDQzNTc0MDI1RjIzMUSiARDOJS8m64MR66DXACWQ5Fw4
Request Chain 244
  • https://an.yandex.ru/mapuid/sapeis/0100007F4869FA60E1043574025F231D HTTP 302
  • https://an.yandex.ru/mapuid/sapeis/0100007F4869FA60E1043574025F231D?redir-setuniq=1
Request Chain 258
  • https://mc.yandex.com/watch/45352194?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A2%3Adp%3A0%3Als%3A1291358964092%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A249402165%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0 HTTP 302
  • https://mc.yandex.com/watch/45352194/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A2%3Adp%3A0%3Als%3A1291358964092%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A249402165%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
Request Chain 259
  • https://mc.yandex.com/watch/23414332?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A3%3Adp%3A0%3Als%3A910522936729%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A568763917%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0 HTTP 302
  • https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A3%3Adp%3A0%3Als%3A910522936729%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A568763917%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
Request Chain 260
  • https://mc.yandex.com/watch/16742428?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1178847032061%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023688%3Ac%3A1%3Arn%3A619335507%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0 HTTP 302
  • https://mc.yandex.com/watch/16742428/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1178847032061%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023688%3Ac%3A1%3Arn%3A619335507%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
Request Chain 276
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhCOVTYv8wevagITOgWWndtfCuVAQoSyN3noVvq6aQWhSr HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhCOVTYv8wevagITOgWWndtfCuVAQoSyN3noVvq6aQWhSr&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhCOVTYv8wevagITOgWWndtfCuVAQoSyN3noVvq6aQWhSr&google_hm=i34pa3NQzUwjCYQzFfhA0g==
Request Chain 277
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH_Cri4CNtAu2K7BNVEYHi4&google_cver=1&google_push=AYg5qPIGxsLF74ag5pjobCG3cqgF_SVYm1fR0gA9HZcvMLpSIJqrBucYDaK7kjiv3Zi2cxPkp7KETb_bqq-wYmAfZFz6oPWfDUocx9TTSVOcS3GEtrnGp4_XDA7InzZ4AqhKq_UjAv7qdlU HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH_Cri4CNtAu2K7BNVEYHi4&google_cver=1&google_push=AYg5qPIGxsLF74ag5pjobCG3cqgF_SVYm1fR0gA9HZcvMLpSIJqrBucYDaK7kjiv3Zi2cxPkp7KETb_bqq-wYmAfZFz6oPWfDUocx9TTSVOcS3GEtrnGp4_XDA7InzZ4AqhKq_UjAv7qdlU&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIGxsLF74ag5pjobCG3cqgF_SVYm1fR0gA9HZcvMLpSIJqrBucYDaK7kjiv3Zi2cxPkp7KETb_bqq-wYmAfZFz6oPWfDUocx9TTSVOcS3GEtrnGp4_XDA7InzZ4AqhKq_UjAv7qdlU
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHU3KAQx0tFDozU3TaKMmWY&google_cver=1&google_push=AYg5qPLJ5I1KcMVXTiQiipgRNVQR9qQbHuzZrsZiPPrj7zCVddA90Vm3_BJxHA4kY6tQgcLbyCyatnb1ZgvSE8phEi3KO2VwHq9uNIAcLoqgYODonbgGTtre_JpfHP03Q8tn4m5TjZRz83Q2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RDctMUItOUxTOA==&google_push=AYg5qPLJ5I1KcMVXTiQiipgRNVQR9qQbHuzZrsZiPPrj7zCVddA90Vm3_BJxHA4kY6tQgcLbyCyatnb1ZgvSE8phEi3KO2VwHq9uNIAcLoqgYODonbgGTtre_JpfHP03Q8tn4m5TjZRz83Q2
Request Chain 279
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g
Request Chain 280
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM57s8UFCM0aC3yjl-IPXM0&google_cver=1&google_push=AYg5qPKpjr6Lp65hXO5OPT7tP9q0CksiDAo9PpjXczoFJnRMNrz_D_qZBm_BHdUC1m8k0lTakb3HmQnERLmt45bj643ZSE1wBpAM3WhDZjFuGWBA0ELm8eMHYR5VxH1L3cAA6Wt7JIktWkXoVQ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKpjr6Lp65hXO5OPT7tP9q0CksiDAo9PpjXczoFJnRMNrz_D_qZBm_BHdUC1m8k0lTakb3HmQnERLmt45bj643ZSE1wBpAM3WhDZjFuGWBA0ELm8eMHYR&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 289
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLTk_5zQxUlc6lqmtz_ckBIZ9FpFnBdpKDbQDxcki7z9raPhpAQHkJp3asCp_CgVFlkwxkW1nYyylZ9MeMg6aGXWRrG6Ows984FZiZ0Yv5E4Tc_O0aqgDmgZr06Hw0yY_HRbSgWTGM&google_gid=CAESEAt2K1sHfEyAg3nhGX5AuJA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBY2RAMERoRg&google_push=AYg5qPLTk_5zQxUlc6lqmtz_ckBIZ9FpFnBdpKDbQDxcki7z9raPhpAQHkJp3asCp_CgVFlkwxkW1nYyylZ9MeMg6aGXWRrG6Ows984FZiZ0Yv5E4Tc_O0aqgDmgZr06Hw0yY_HRbSgWTGM
Request Chain 290
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKRCpWiEtVkg_i3D1krhk51c_MquMPXlivdJgF6Mllihkqcbq7oBLTxVLvoGzvistkWFveNLjBo6JZlVrNUDy1ZIC5XoKGCeL_ngl66xHlYlQQ6HgFob27bqN509XGlQgHN6pznTvQ&google_gid=CAESEPgd-eLU2g3lfSRRP9Z6w7g&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMnS6YcGEgUI6AcQAEIASpsBZ29vZ2xlX3B1c2g9QVlnNXFQS1JDcFdpRXRWa2dfaTNEMWtyaGs1MWNfTXF1TVBYbGl2ZEpnRjZNbGxpaGtxY2JxN29CTFR4Vkx2b0d6dmlzdGtXRnZlTkxqQm82SlpsVnJOVUR5MVpJQzVYb0tHQ2VMX25nbDY2eEhsWWxRUTZIZ0ZvYjI3YnFONTA5WEdsUWdITjZwem5UdlE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZWxxeXd1REJ5YVJRNU9tOEJEaFNobExzZk52WlRZb1NYRUpwb2M1Ym1Gcw==&google_push
Request Chain 291
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLNfkk6sJPv4CHgiu8pEToSUT6iX3QBOSwq8yz0tC7Z1BlM5s0ffIB_TE4okoZt7uVZXwRRiF60DmFtaLObysh-U-YdmUUuqNpJeJm5lWsMYWnu_vAvC-2QuUfYB1Br43mu6xu_lQE&google_gid=CAESEFeTMGBEofGivya7EpjJApg&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLNfkk6sJPv4CHgiu8pEToSUT6iX3QBOSwq8yz0tC7Z1BlM5s0ffIB_TE4okoZt7uVZXwRRiF60DmFtaLObysh-U-YdmUUuqNpJeJm5lWsMYWnu_vAvC-2QuUfYB1Br43mu6xu_lQE&google_gid=CAESEFeTMGBEofGivya7EpjJApg&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjMwNzAxMjkwMDAxMDA3NTkyODY4NA%3D%3D&google_push=AYg5qPLNfkk6sJPv4CHgiu8pEToSUT6iX3QBOSwq8yz0tC7Z1BlM5s0ffIB_TE4okoZt7uVZXwRRiF60DmFtaLObysh-U-YdmUUuqNpJeJm5lWsMYWnu_vAvC-2QuUfYB1Br43mu6xu_lQE
Request Chain 293
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPJELAWHuKe2S7HuknrCoOZgMg4sQjY7EXoR7avT86YK8i9NLrZm_uAL5HPJ1ETUebRkxKdj7W7-8ILtFljxkW8UR-cq9QQPWNiaopT8N1-vfLILPpj_UkHflYNQBIfpSLEqyuKBF6Fa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJELAWHuKe2S7HuknrCoOZgMg4sQjY7EXoR7avT86YK8i9NLrZm_uAL5HPJ1ETUebRkxKdj7W7-8ILtFljxkW8UR-cq9QQPWNiaopT8N1-vfLILPpj_UkHflYNQBIfpSLEqyuKBF6Fa&google_hm=i34pa3NQzUwjCYQzFfhA0g==
Request Chain 294
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHU3KAQx0tFDozU3TaKMmWY&google_cver=1&google_push=AYg5qPIa0zc56bMxB2Hd1xlsABC39K_p_cdqUwnchMWAINx5LyE1WU5CrhT8Vopa909K1002Vltm5sSEUHWE-eyh-bNSglRDBahWdoZjLs_x-TdAUS9hjpmJ1qzbvHlgY6IlZs4AsZ0eh6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RjEtQS04S1o5&google_push=AYg5qPIa0zc56bMxB2Hd1xlsABC39K_p_cdqUwnchMWAINx5LyE1WU5CrhT8Vopa909K1002Vltm5sSEUHWE-eyh-bNSglRDBahWdoZjLs_x-TdAUS9hjpmJ1qzbvHlgY6IlZs4AsZ0eh6g
Request Chain 295
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM57s8UFCM0aC3yjl-IPXM0&google_cver=1&google_push=AYg5qPIYYyb_1ey68BKWRpRCyQIkI_bSRSU-SoR7zavfTzdNvcjPpoPm1AMZWG6-RMOVpirvA1eM2KdfeCl2pbQiYsDyUrEI1i2ReofY69vbETG93Eq2MdcP2nNMA_izln9fHYFPoJIF7PNDkg HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIYYyb_1ey68BKWRpRCyQIkI_bSRSU-SoR7zavfTzdNvcjPpoPm1AMZWG6-RMOVpirvA1eM2KdfeCl2pbQiYsDyUrEI1i2ReofY69vbETG93Eq2MdcP2n&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 301
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENh2mOPnDgFToWl2pJxHFH8&google_cver=1&google_push=AYg5qPJobxfL_0iucKTB7ULr5h4BI4Y-_4GwlDuVZG2w7jQpggY0aQovJb4wQGAuVYG6T910IU76VRWWbIlt8r2rvpNuT6yjQDoBfRYI4KOXB5ToglObVyUJwSmrlTxNVnC-wB3eCnKaRyTd HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJobxfL_0iucKTB7ULr5h4BI4Y-_4GwlDuVZG2w7jQpggY0aQovJb4wQGAuVYG6T910IU76VRWWbIlt8r2rvpNuT6yjQDoBfRYI4KOXB5ToglObVyUJwSmrlTxNVnC-wB3eCnKaRyTd&google_hm=ofz0O3QRLaExe90PdVGimw
Request Chain 302
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ12_dY_aIH-cJNC5dl73948O3GzCv-3pB4xa1H4GHy1E5xLpZw7LQk8A-Fd8VT_qlAN4m4mXClADk5GxvPD76-Z_rxMj8d0ulRCWH-NBiiTP8RSeKu1vCzgdYuQjWvK2Mx3dkANzOf&google_gid=CAESEAt2K1sHfEyAg3nhGX5AuJA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBQkZmakgyYw&google_push=AYg5qPJ12_dY_aIH-cJNC5dl73948O3GzCv-3pB4xa1H4GHy1E5xLpZw7LQk8A-Fd8VT_qlAN4m4mXClADk5GxvPD76-Z_rxMj8d0ulRCWH-NBiiTP8RSeKu1vCzgdYuQjWvK2Mx3dkANzOf
Request Chain 303
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPLJfIYR3JbXwIDOLytKP7bAqbsdj8xAMSPhyM1gnwc8MSeMUAxa6lZTNYrk22OY9loq8-DlhIRl4jpi_bfrdPQU_en9Tf95c5UZIEOttEiUDDd1MJCFCe3vxi78F0h8FZCQfFvbgjcU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJfIYR3JbXwIDOLytKP7bAqbsdj8xAMSPhyM1gnwc8MSeMUAxa6lZTNYrk22OY9loq8-DlhIRl4jpi_bfrdPQU_en9Tf95c5UZIEOttEiUDDd1MJCFCe3vxi78F0h8FZCQfFvbgjcU&google_hm=i34pa3NQzUwjCYQzFfhA0g==
Request Chain 304
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH_Cri4CNtAu2K7BNVEYHi4&google_cver=1&google_push=AYg5qPLy4eR9f4clOqb4aoUSXnmyXZ8JYPQzVL_iG3Gmasw_0ZIJpziofj1Kwt52Rf8H8v3NKyLIGOJH9o4hE0JrEZg9YyttCJRQufxynjz5sMynOy4Rit8unVmz8gGv3Dc-GFZu870r4kWv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLy4eR9f4clOqb4aoUSXnmyXZ8JYPQzVL_iG3Gmasw_0ZIJpziofj1Kwt52Rf8H8v3NKyLIGOJH9o4hE0JrEZg9YyttCJRQufxynjz5sMynOy4Rit8unVmz8gGv3Dc-GFZu870r4kWv
Request Chain 305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHU3KAQx0tFDozU3TaKMmWY&google_cver=1&google_push=AYg5qPJkEzEgSmUEtK1yGD03bbbZbpmdjGYgxKaH3x_9ulBxSUNupoIBrGiWxWWISls5jC7q2ndOEfwK2kczTNYa8usWse-hukRCcEotsR2FvSsLIl0on-sG4RSQNADZo6y6YNesPyyOrvUe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5S1QtMjYtQlZKTw==&google_push=AYg5qPJkEzEgSmUEtK1yGD03bbbZbpmdjGYgxKaH3x_9ulBxSUNupoIBrGiWxWWISls5jC7q2ndOEfwK2kczTNYa8usWse-hukRCcEotsR2FvSsLIl0on-sG4RSQNADZo6y6YNesPyyOrvUe
Request Chain 306
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_cver=1&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1
Request Chain 310
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=368421445790755.925577099904566&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.925577099904566&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Request Chain 311
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=368421445790755.484633280724087&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.484633280724087&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_noorient

321 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nt.ck.ua/
Redirect Chain
  • http://www.nt.ck.ua/
  • https://www.nt.ck.ua/
  • http://nt.ck.ua/
  • https://nt.ck.ua/
196 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
f02fb7182afaf8a47b146d40d9cd1e220be47730002c073e73b8595da5f96b55

Request headers

:method
GET
:authority
nt.ck.ua
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 23 Jul 2021 07:00:13 GMT
content-type
text/html
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=172800, private, must-revalidate
pragma
no-cache
content-encoding
gzip
set-cookie
antibot-hostia=true; path=/; domain=nt.ck.ua; expires=Sat, 24-Jul-2021 07:01:26 GMT PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; path=/; domain=.nt.ck.ua; HttpOnly dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.nt.ck.ua; httponly dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.nt.ck.ua; httponly dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.nt.ck.ua; httponly
vary
User-Agent

Redirect headers

Server
nginx
Date
Fri, 23 Jul 2021 07:00:13 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
225
Connection
keep-alive
Location
https://nt.ck.ua/
style.css
nt.ck.ua/templates/Sleek/board/style/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/board/style/style.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
9864e98c2055c7d29ccbc77bd7821a6b0102087e40c9197001cee4377a9cd867

Request headers

:path
/templates/Sleek/board/style/style.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2015 17:54:45 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2227
expires
Sat, 23 Jul 2022 07:01:27 GMT
board.js
nt.ck.ua/engine/ajax/board/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/engine/ajax/board/board.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
26de4ddd1b1df5248f57da90a5b50565ee13055f0ce6aaf7ea840d287f8a0d34

Request headers

:path
/engine/ajax/board/board.js
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sat, 21 Feb 2015 12:42:25 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3812
expires
Sat, 23 Jul 2022 07:01:27 GMT
nextgame.style.css
nt.ck.ua/templates/Sleek/nextgame/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/nextgame/nextgame.style.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
91ecc19a145dc8c385fa84f070fcf31e8b71691ca26cb41036da659c308e999d

Request headers

:path
/templates/Sleek/nextgame/nextgame.style.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sun, 25 May 2014 09:05:03 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1558
expires
Sat, 23 Jul 2022 07:01:27 GMT
index.php
nt.ck.ua/engine/classes/min/ 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/engine/classes/min/index.php?charset=windows-1251&g=general&11
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
10fa27f2995544b9e160cd01df5be5cb5ea4fc7c034e15df6920402d3fe50ecb

Request headers

:path
/engine/classes/min/index.php?charset=windows-1251&g=general&11
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sat, 10 May 2014 13:25:52 GMT
server
nginx
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript; charset=windows-1251
cache-control
max-age=31536000 max-age=172800, private, must-revalidate
content-length
59662
expires
Sat, 23 Jul 2022 07:01:27 GMT
webfont.js
nt.ck.ua/engine/editor/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/engine/editor/scripts/webfont.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
b39bcd31f93b96bfcd623a4fd956d0f4b2b6f160faca5f65d12514c87dc0e577

Request headers

:path
/engine/editor/scripts/webfont.js
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sat, 10 May 2014 13:36:10 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1060
expires
Sat, 23 Jul 2022 07:01:27 GMT
default.css
nt.ck.ua/engine/editor/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/engine/editor/css/default.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
fb94f2d531b756ac6d16c478cd4c7c5ed942e116e52aeecfdc9fa14616d3bc3a

Request headers

:path
/engine/editor/css/default.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sat, 10 May 2014 13:27:40 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1629
expires
Sat, 23 Jul 2022 07:01:27 GMT
bootstrap.css
nt.ck.ua/templates/Sleek/assets/css/ 		106 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
e834fb30e92a9b240b1e182276ac19c453694b3303832d22917cbd3dbed35c17

Request headers

:path
/templates/Sleek/assets/css/bootstrap.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Wed, 18 Jun 2014 10:07:30 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
16303
expires
Sat, 23 Jul 2022 07:01:27 GMT
m-buttons.css
nt.ck.ua/templates/Sleek/assets/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/assets/css/m-buttons.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
5cb3bdd4d0a8b314c8c2633a5c026df010649e7102539bb2c4d7691a824e2089

Request headers

:path
/templates/Sleek/assets/css/m-buttons.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Wed, 18 Jun 2014 10:07:32 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3380
expires
Sat, 23 Jul 2022 07:01:27 GMT
engine.css
nt.ck.ua/templates/Sleek/style/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/style/engine.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
29160bf6d2c7d06710c1d94b7d8c51be0bc0178975a275fc7e2b5c76eab23496

Request headers

:path
/templates/Sleek/style/engine.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Fri, 19 Dec 2014 19:24:10 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7069
expires
Sat, 23 Jul 2022 07:01:27 GMT
main.css
nt.ck.ua/templates/Sleek/assets/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/assets/css/main.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
69e08df12e2ef379ba4091073f1d9838db368e03f6064cba973a33a1d6b51568

Request headers

:path
/templates/Sleek/assets/css/main.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Thu, 17 Jul 2014 18:09:51 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1995
expires
Sat, 23 Jul 2022 07:01:27 GMT
bootstrap-responsive.css
nt.ck.ua/templates/Sleek/assets/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap-responsive.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
0208dd9baa0dd61e5617d73f8040a84011c5cc615df1daa17cccd9fa641a5522

Request headers

:path
/templates/Sleek/assets/css/bootstrap-responsive.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Wed, 18 Jun 2014 10:07:27 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
4321
expires
Sat, 23 Jul 2022 07:01:27 GMT
QapTcha.jquery.css
nt.ck.ua/templates/Sleek/style/ 		1 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/style/QapTcha.jquery.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
a9d157d7815f630a6e1dd8874879fe199a95a796aff977f27fdb1ff114138f3d

Request headers

:path
/templates/Sleek/style/QapTcha.jquery.css
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sun, 07 Sep 2014 15:47:06 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
520
expires
Sat, 23 Jul 2022 07:01:27 GMT
jquery.ui.touch.js
nt.ck.ua/templates/Sleek/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/js/jquery.ui.touch.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
0f5afcc8d477e94879f3c169f390caf550d864f297e31ee2a152420d4d15c362

Request headers

:path
/templates/Sleek/js/jquery.ui.touch.js
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Wed, 03 Sep 2014 11:25:43 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1981
expires
Sat, 23 Jul 2022 07:01:27 GMT
QapTcha.jquery.js
nt.ck.ua/templates/Sleek/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/js/QapTcha.jquery.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
bfec0b547d4f20b20507ca6afa91a6333319f10ab6d59180d57096823d6d6fab

Request headers

:path
/templates/Sleek/js/QapTcha.jquery.js
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:13 GMT
content-encoding
gzip
last-modified
Sat, 30 Aug 2014 10:19:40 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1495
expires
Sat, 23 Jul 2022 07:01:27 GMT
1619517512_bk-ggbet.png
nt.ck.ua/uploads/posts/2021-04/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2021-04/1619517512_bk-ggbet.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
e4c2b67970fe21a295a586f8634ed4ab1c68b01d4447359a7321694ca112f257

Request headers

:path
/uploads/posts/2021-04/1619517512_bk-ggbet.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Tue, 27 Apr 2021 09:57:25 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
83186
expires
Sun, 22 Aug 2021 07:01:27 GMT
prodvizheniye-sayta-v-kiyeve-ot-site-ok-2.jpg
site-ok.ua/images/10_03_2021/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-ok.ua/images/10_03_2021/prodvizheniye-sayta-v-kiyeve-ot-site-ok-2.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:7a60:0:1025::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
62634d7c015c332cd46f3fed5c64edc8cf4e3183dc4dd3719f325d83d42864e7

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ray
p988:0.000/wn688:0.000/
last-modified
Wed, 10 Mar 2021 08:44:10 GMT
server
nginx
etag
"604886da-2da2b4"
content-type
image/jpeg
cache-control
max-age=31536000
date
Fri, 23 Jul 2021 07:01:27 GMT
accept-ranges
bytes
content-length
2990772
expires
Sat, 23 Jul 2022 07:01:27 GMT
1613638197_kak-pravilno-vyraschivat-ovoschi.jpg
nt.ck.ua/uploads/posts/2021-02/ 		346 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2021-02/1613638197_kak-pravilno-vyraschivat-ovoschi.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
49c16bf255adcaaafe4d6c133be623be8f2dbcb875c332943644cce2dd189b6a

Request headers

:path
/uploads/posts/2021-02/1613638197_kak-pravilno-vyraschivat-ovoschi.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Thu, 18 Feb 2021 08:48:23 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
354644
expires
Sun, 22 Aug 2021 07:01:27 GMT
1613637971_yuning-renault-trafic.jpg
nt.ck.ua/uploads/posts/2021-02/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2021-02/1613637971_yuning-renault-trafic.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
b7380fd2c17a3f772f4a4de6ecb60ba29851b2cd92eaca79d5f7d3100952f2e4

Request headers

:path
/uploads/posts/2021-02/1613637971_yuning-renault-trafic.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Thu, 18 Feb 2021 08:45:01 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
45611
expires
Sun, 22 Aug 2021 07:01:27 GMT
1611479011_armirovannaya-plenka.jpg
nt.ck.ua/uploads/posts/2021-01/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2021-01/1611479011_armirovannaya-plenka.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
ff05c29002d010728a3edab992e4a03eb6ed4d359c2dd0697f8c8732871afd66

Request headers

:path
/uploads/posts/2021-01/1611479011_armirovannaya-plenka.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Sun, 24 Jan 2021 09:02:05 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
126409
expires
Sun, 22 Aug 2021 07:01:27 GMT
depositphotos-217990982-stock-photo-360-degree-security-camera-cloud.jpg
i.ibb.co/0BGGrpz/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/0BGGrpz/depositphotos-217990982-stock-photo-360-degree-security-camera-cloud.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
4220b48a0f661d8843eb00eab0e7f6b2c27be4ecf22f42be357901a29c1ad8f0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Fri, 11 Dec 2020 15:00:12 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
57122
expires
Thu, 31 Dec 2037 23:55:55 GMT
1601065386_vaz.jpg
nt.ck.ua/uploads/posts/2020-09/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-09/1601065386_vaz.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
c44994fa09a2bbd33156a6a14e3dd47c371ddd0a465f03c5bce5d85252d33b68

Request headers

:path
/uploads/posts/2020-09/1601065386_vaz.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Fri, 25 Sep 2020 20:21:28 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
75195
expires
Sun, 22 Aug 2021 07:01:27 GMT
1600620978_elmy.png
nt.ck.ua/uploads/posts/2020-09/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-09/1600620978_elmy.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
0b8fe70c47a567f16193a49bfeecfd0ffa78a95d41790e8e138e3319221be45a

Request headers

:path
/uploads/posts/2020-09/1600620978_elmy.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Sun, 20 Sep 2020 16:55:26 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
207085
expires
Sun, 22 Aug 2021 07:01:28 GMT
vf-heat-detection-camera-digital-barriers-920.jpg
i.ibb.co/vD1M7zQ/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/vD1M7zQ/vf-heat-detection-camera-digital-barriers-920.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
02055a230077da85c22691d25c5cfe98767ca6313a93635d9db0e0303a78672d

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Fri, 07 Aug 2020 08:42:25 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
68046
expires
Thu, 31 Dec 2037 23:55:55 GMT
1589716010_krasnodar.jpg
nt.ck.ua/uploads/posts/2020-05/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-05/1589716010_krasnodar.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
9643f0426ccd3323d139f2842cb97800ac4430847330e4f7d5c0e74919ad7aff

Request headers

:path
/uploads/posts/2020-05/1589716010_krasnodar.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Sun, 17 May 2020 11:46:26 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
169547
expires
Sun, 22 Aug 2021 07:01:28 GMT
1589627678_igrovye-pristavki-sony.png
nt.ck.ua/uploads/posts/2020-05/ 		288 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-05/1589627678_igrovye-pristavki-sony.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
afe72e4e054665958d9f744a826faa1e5356bc17b1ca5f2250e24241025ba2a7

Request headers

:path
/uploads/posts/2020-05/1589627678_igrovye-pristavki-sony.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Sat, 16 May 2020 11:14:27 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
295006
expires
Sun, 22 Aug 2021 07:01:28 GMT
1588143618_etazhi-zhurnal.jpg
nt.ck.ua/uploads/posts/2020-04/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-04/1588143618_etazhi-zhurnal.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
578b4edf4d3acd8bfb00318d7c0eef290d7461e822a32587b883caf950472b2f

Request headers

:path
/uploads/posts/2020-04/1588143618_etazhi-zhurnal.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Wed, 29 Apr 2020 06:59:08 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
115723
expires
Sun, 22 Aug 2021 07:01:28 GMT
1586254707_zhalyuzi.jpg
nt.ck.ua/uploads/posts/2020-04/ 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-04/1586254707_zhalyuzi.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
e4d0d2cab3ad7799406b1c319dba5d56372a871703a027018036b344f30b764b

Request headers

:path
/uploads/posts/2020-04/1586254707_zhalyuzi.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Tue, 07 Apr 2020 10:17:21 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
238404
expires
Sun, 22 Aug 2021 07:01:28 GMT
1585334379_utilcell.jpg
nt.ck.ua/uploads/posts/2020-03/ 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-03/1585334379_utilcell.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
5db89eb2f9ac49b17cfa2a12209a706fb9e532129fa782518cbb5cc9e449438e

Request headers

:path
/uploads/posts/2020-03/1585334379_utilcell.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Fri, 27 Mar 2020 18:39:22 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
160967
expires
Sun, 22 Aug 2021 07:01:28 GMT
1584776560_assortiment-krovelnyh-materialov-i-tovarov-dlya-stroitelnyh-i-remontnyh-rabot.jpg
nt.ck.ua/uploads/posts/2020-03/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-03/1584776560_assortiment-krovelnyh-materialov-i-tovarov-dlya-stroitelnyh-i-remontnyh-rabot.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
914860fe6e1884514419f14af0370d1e6373460dce30a2865eaf1673f31ea620

Request headers

:path
/uploads/posts/2020-03/1584776560_assortiment-krovelnyh-materialov-i-tovarov-dlya-stroitelnyh-i-remontnyh-rabot.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Sat, 21 Mar 2020 07:41:06 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
202995
expires
Sun, 22 Aug 2021 07:01:28 GMT
1584776203_kursy-depilyacii-v-shkole-kosmetologii.jpg
nt.ck.ua/uploads/posts/2020-03/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-03/1584776203_kursy-depilyacii-v-shkole-kosmetologii.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
4cc6455dfe19534a7b0d4ff93719102017e5999bfddb4804fe74cc242fd35223

Request headers

:path
/uploads/posts/2020-03/1584776203_kursy-depilyacii-v-shkole-kosmetologii.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Sat, 21 Mar 2020 07:36:40 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
180153
expires
Sun, 22 Aug 2021 07:01:28 GMT
1583867436_naduvnye-batuty.jpg
nt.ck.ua/uploads/posts/2020-03/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-03/1583867436_naduvnye-batuty.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
9888f8356680ea8d2362da865f42912e99c2b8e78a0673659296385e6173f4f2

Request headers

:path
/uploads/posts/2020-03/1583867436_naduvnye-batuty.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Tue, 10 Mar 2020 19:09:58 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
146119
expires
Sun, 22 Aug 2021 07:01:28 GMT
/
www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/
Redirect Chain
  • https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/abington_tmb.jpg
  • https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/abington_tmb.jpg/
  • https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.217.33.38 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ceramtrade.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 23 Jul 2021 07:01:28 GMT
Server
nginx
X-Powered-By
PHP/7.3.28
X-Powered-CMS
Bitrix Site Manager (f1a5b39984457019b937211fc94ef7c9)
Strict-Transport-Security
max-age=31536000;
P3P
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://www.ceramtrade.ru/upload/resize_cache/iblock/8c5/270_270_2/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
1574106382_yarkaya-dostavka-cvetov.jpg
nt.ck.ua/uploads/posts/2019-11/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2019-11/1574106382_yarkaya-dostavka-cvetov.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
5f8982204e92479e58758994dbb2123fb651be3e66bc3deedd72a737d400804b

Request headers

:path
/uploads/posts/2019-11/1574106382_yarkaya-dostavka-cvetov.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Mon, 18 Nov 2019 19:44:58 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
130963
expires
Sun, 22 Aug 2021 07:01:28 GMT
1569912339_ustanovka-novoy-vanny-v-sovmeschennyy-sanuzel.jpg
nt.ck.ua/uploads/posts/2019-10/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2019-10/1569912339_ustanovka-novoy-vanny-v-sovmeschennyy-sanuzel.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
7e9bcc30bb2c16a8e3471a7ba727c7d91e2e1dc00749523e3f0d0b5f34af6038

Request headers

:path
/uploads/posts/2019-10/1569912339_ustanovka-novoy-vanny-v-sovmeschennyy-sanuzel.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Tue, 01 Oct 2019 06:45:00 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
93642
expires
Sun, 22 Aug 2021 07:01:28 GMT
1626763479_pomosch-yurista-pri-dtp.jpg
nt.ck.ua/uploads/posts/2021-07/ 		507 KB
508 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2021-07/1626763479_pomosch-yurista-pri-dtp.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
4528f679202d1ebe9ec79c657416474d83f61d9cfcc9a2a5db5b03869009bb64

Request headers

:path
/uploads/posts/2021-07/1626763479_pomosch-yurista-pri-dtp.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Tue, 20 Jul 2021 06:43:10 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
519367
expires
Sun, 22 Aug 2021 07:01:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
212a09e0de6dd5d7386943f2fbef7c22eb8f4bbaf7726c449cdb258fb563691b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49287
x-xss-protection
0
server
cafe
etag
2795897176552484486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 07:01:27 GMT
1411583605_rayon-aerodrom.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411583605_rayon-aerodrom.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
fc507c24f6e9188068a078de48f881d70ca01a9aa30f2335a2121c71a2f1f6f2

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 24 Sep 2014 18:32:48 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
57755
expires
Fri, 13 Aug 2021 07:01:27 GMT
1411397299_bez-avtomobilya.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411397299_bez-avtomobilya.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
859ad969d6844581f709ef5fd9366f4d95b7de06c4eaa7c23fb890481e1a9e06

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Mon, 22 Sep 2014 14:47:21 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
38714
expires
Fri, 13 Aug 2021 07:01:27 GMT
no_image.jpg
nt.ck.ua/templates/Sleek/dleimages/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/dleimages/no_image.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
a1ff53fddc3f2d3a68a8cebe203e5d5d203ef6613a19188a224f23188b9c3c7c

Request headers

:path
/templates/Sleek/dleimages/no_image.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Thu, 14 Aug 2014 16:56:32 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
24110
expires
Sun, 22 Aug 2021 07:01:28 GMT
1411806669_factory_photo.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411806669_factory_photo.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
4cf5f98ac56c8d5414035b44ddadbc4f6e874fcb7d0094268d408fab22f85429

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 27 Sep 2014 08:30:42 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
37551
expires
Fri, 13 Aug 2021 07:01:27 GMT
1411665378_rrsr09641.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		644 KB
645 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411665378_rrsr09641.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
4e9b23e89658d9d0963f7e0a2eb2c742ec19a158f2848b6ffb202ae751783408

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 25 Sep 2014 17:15:29 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
659558
expires
Fri, 13 Aug 2021 07:01:27 GMT
1425839732_qxqxum2ynzm.jpg
polotsk-portal.ru/uploads/posts/2015-03/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-03/1425839732_qxqxum2ynzm.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
8b422c39d726fcfd2783c4f15130b87049659c17bb8816da6b9a3c498b381288

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sun, 08 Mar 2015 18:33:58 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
33016
expires
Fri, 13 Aug 2021 07:01:27 GMT
1400006949_129235.jpg
polotsk-portal.ru/uploads/posts/2014-05/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-05/1400006949_129235.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
d60b5eb4286619a7188167ed938b69570cc891180047b72531a7a50409b98b29

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 13 May 2014 18:48:33 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
43287
expires
Fri, 13 Aug 2021 07:01:27 GMT
radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg
www.belnovosti.by/images/stories/articles/2014-12-12/
Redirect Chain
  • https://belnovosti.by/images/stories/articles/2014-12-12/radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg
  • https://www.belnovosti.by/images/stories/articles/2014-12-12/radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belnovosti.by/images/stories/articles/2014-12-12/radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.84.112.130 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
By-Belnovosti /
Resource Hash
3d7256deaf9251d423524d55ee9a4d98dc92cc8aee3d620c141bdc38d4043e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
via
1.1 varnish (Varnish/6.0)
last-modified
Tue, 22 Dec 2020 09:30:43 GMT
server
By-Belnovosti
age
0
etag
W/"5fe1bcc3-1208"
vary
Accept, Accept-Encoding
x-connect
nosniff
content-type
image/webp
cache-control
public, max-age=300
x-varnish
791140777
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://www.belnovosti.by/images/stories/articles/2014-12-12/radkov%20opjat%20zagovoril%20o%20registracii%20internet-portalov%20v%20kachestve%20smi.jpg
date
Fri, 23 Jul 2021 07:01:27 GMT
server
By-Belnovosti
content-length
162
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
3cecc.jpg
www.belnovosti.by/images/stories/articles_2015/2015-04-16/
Redirect Chain
  • https://belnovosti.by/images/stories/articles_2015/2015-04-16/3cecc.jpg
  • https://www.belnovosti.by/images/stories/articles_2015/2015-04-16/3cecc.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belnovosti.by/images/stories/articles_2015/2015-04-16/3cecc.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.84.112.130 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
By-Belnovosti /
Resource Hash
3d7256deaf9251d423524d55ee9a4d98dc92cc8aee3d620c141bdc38d4043e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
via
1.1 varnish (Varnish/6.0)
last-modified
Tue, 22 Dec 2020 09:30:43 GMT
server
By-Belnovosti
age
0
etag
W/"5fe1bcc3-1208"
vary
Accept, Accept-Encoding
x-connect
nosniff
content-type
image/webp
cache-control
public, max-age=300
x-varnish
791335493
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://www.belnovosti.by/images/stories/articles_2015/2015-04-16/3cecc.jpg
date
Fri, 23 Jul 2021 07:01:27 GMT
server
By-Belnovosti
content-length
162
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
1494926609_kak-vlozhit-dengi-chtoby-oni-rabotali.jpg
polotsk-portal.ru/uploads/posts/2017-05/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-05/1494926609_kak-vlozhit-dengi-chtoby-oni-rabotali.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
d9ecb733855795c5afbd886be4296065a52b9a9ec154f2230678e554b6dc1afe

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 16 May 2017 09:22:21 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
14764
expires
Fri, 13 Aug 2021 07:01:27 GMT
1493128209_novopolock.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1493128209_novopolock.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
588871c785d4268425b8e3b7161b586467bcdcd3d9a88b4ddc386a15cbd4ef69

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 25 Apr 2017 13:49:30 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
298267
expires
Fri, 13 Aug 2021 07:01:27 GMT
11.jpg
www.belnovosti.by/images/stories/articles_2015/2015-02-02/
Redirect Chain
  • https://belnovosti.by/images/stories/articles_2015/2015-02-02/11.jpg
  • https://www.belnovosti.by/images/stories/articles_2015/2015-02-02/11.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belnovosti.by/images/stories/articles_2015/2015-02-02/11.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.84.112.130 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
By-Belnovosti /
Resource Hash
3d7256deaf9251d423524d55ee9a4d98dc92cc8aee3d620c141bdc38d4043e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
via
1.1 varnish (Varnish/6.0)
last-modified
Tue, 22 Dec 2020 09:30:43 GMT
server
By-Belnovosti
age
0
etag
W/"5fe1bcc3-1208"
vary
Accept, Accept-Encoding
x-connect
nosniff
content-type
image/webp
cache-control
public, max-age=300
x-varnish
791522679
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://www.belnovosti.by/images/stories/articles_2015/2015-02-02/11.jpg
date
Fri, 23 Jul 2021 07:01:27 GMT
server
By-Belnovosti
content-length
162
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg
www.belnovosti.by/images/stories/articles/2014-12-04/
Redirect Chain
  • https://belnovosti.by/images/stories/articles/2014-12-04/na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg
  • https://www.belnovosti.by/images/stories/articles/2014-12-04/na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belnovosti.by/images/stories/articles/2014-12-04/na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.84.112.130 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
By-Belnovosti /
Resource Hash
3d7256deaf9251d423524d55ee9a4d98dc92cc8aee3d620c141bdc38d4043e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
via
1.1 varnish (Varnish/6.0)
last-modified
Tue, 22 Dec 2020 09:30:43 GMT
server
By-Belnovosti
age
0
etag
W/"5fe1bcc3-1208"
vary
Accept, Accept-Encoding
x-connect
nosniff
content-type
image/webp
cache-control
public, max-age=300
x-varnish
791735762
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://www.belnovosti.by/images/stories/articles/2014-12-04/na%20rynok%20rf%20vernjotsja%20mjasnaja%20produkcija%20chetyrjoh%20belorusskih%20predprijatij.jpg
date
Fri, 23 Jul 2021 07:01:27 GMT
server
By-Belnovosti
content-length
162
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
1493128041_pamyatnyy_znak_20170423.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1493128041_pamyatnyy_znak_20170423.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
e1d390cca44e87ef4159da7b451dec44729c49c09f53532aef430fff9e94dd28

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 25 Apr 2017 13:46:03 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
99487
expires
Fri, 13 Aug 2021 07:01:27 GMT
1493127426_sberbank.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		246 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1493127426_sberbank.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
8122da1a4f32ff8670e128d9619bb518c3253ade4ebc1e73c48997da525cbd7d

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 25 Apr 2017 13:36:38 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
251532
expires
Fri, 13 Aug 2021 07:01:27 GMT
s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg
www.belnovosti.by/images/stories/articles/2014-12-13/
Redirect Chain
  • https://belnovosti.by/images/stories/articles/2014-12-13/s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg
  • https://www.belnovosti.by/images/stories/articles/2014-12-13/s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belnovosti.by/images/stories/articles/2014-12-13/s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.84.112.130 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
By-Belnovosti /
Resource Hash
3d7256deaf9251d423524d55ee9a4d98dc92cc8aee3d620c141bdc38d4043e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
via
1.1 varnish (Varnish/6.0)
last-modified
Tue, 22 Dec 2020 09:30:43 GMT
server
By-Belnovosti
age
0
etag
W/"5fe1bcc3-1208"
vary
Accept, Accept-Encoding
x-connect
nosniff
content-type
image/webp
cache-control
public, max-age=300
x-varnish
793216342
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://www.belnovosti.by/images/stories/articles/2014-12-13/s%201%20janvarja%202015%20goda%20v%20belarusi%20uvelichivaetsja%20minimalnaja%20zarplata.jpg
date
Fri, 23 Jul 2021 07:01:27 GMT
server
By-Belnovosti
content-length
162
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
1435918867_14_compressed_images_stories_articles_2015_2015-07-02_thumb_medium250_0.jpg
polotsk-portal.ru/uploads/posts/2015-07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-07/1435918867_14_compressed_images_stories_articles_2015_2015-07-02_thumb_medium250_0.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
f3d601225b4b50405fad6a88b9e5f4cd2f07a089a5599beea12660b1b033d583

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Fri, 03 Jul 2015 10:20:30 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
7398
expires
Fri, 13 Aug 2021 07:01:27 GMT
1501744485_farinovskaya-marka-2017.jpg
polotsk-portal.ru/uploads/posts/2017-08/ 		836 KB
836 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-08/1501744485_farinovskaya-marka-2017.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
9eb6a49ba9a08253cba916dc70735eeb9e4fdf472e752a6b633ca5777e9f354a

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 03 Aug 2017 07:14:39 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
855701
expires
Fri, 13 Aug 2021 07:01:27 GMT
1498041554_zveni-volna-2017.jpg
polotsk-portal.ru/uploads/posts/2017-06/ 		538 KB
542 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-06/1498041554_zveni-volna-2017.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
e00f26f5ebeec7eb642e911c735e9959727c7a46cc07f80e5a3a4908ba138f0c

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 21 Jun 2017 10:37:55 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
551362
expires
Fri, 13 Aug 2021 07:01:27 GMT
1496993915_zaozerskaya-berezuha-2017.jpg
polotsk-portal.ru/uploads/posts/2017-06/ 		630 KB
630 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-06/1496993915_zaozerskaya-berezuha-2017.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
90e3e5f8ce2da101f69de534e3f61c8731c8c1e52c969ff1a71d37f541bc3f13

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Fri, 09 Jun 2017 07:36:55 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
644893
expires
Fri, 13 Aug 2021 07:01:27 GMT
1490428991_1473014921_tj2he-3bmys.jpg
polotsk-portal.ru/uploads/posts/2017-03/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-03/1490428991_1473014921_tj2he-3bmys.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
88946e35efc564bf46a34f82505d96105a025784b6ee684f6c27cb728d5a9c06

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 25 Mar 2017 08:03:07 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
144377
expires
Fri, 13 Aug 2021 07:01:27 GMT
1490428642_1476283241_y6mlqoy9dea.jpg
polotsk-portal.ru/uploads/posts/2017-03/ 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-03/1490428642_1476283241_y6mlqoy9dea.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
8fa04ed11a6a3a6c4f31d76ca64a2cca95430fe84524292768a464cf93eca2fb

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 25 Mar 2017 07:57:13 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
177752
expires
Fri, 13 Aug 2021 07:01:27 GMT
1490256695_1488221370_za7si_4syym.jpg
polotsk-portal.ru/uploads/posts/2017-03/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-03/1490256695_1488221370_za7si_4syym.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
948cc6e8c141d0ef2f2ea50d36dd8582be9af44c84334cd2f165d4781f241378

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 23 Mar 2017 08:10:45 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
154830
expires
Fri, 13 Aug 2021 07:01:27 GMT
1410453491_vecher-v-priyatnoy-kompanii.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1410453491_vecher-v-priyatnoy-kompanii.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
a1cb31857b7233f7673a9f8fe5a15605affc972324317f85c512223df112bed6

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 11 Sep 2014 16:36:49 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
121704
expires
Fri, 13 Aug 2021 07:01:27 GMT
1404906942_draka.jpg
polotsk-portal.ru/uploads/posts/2014-07/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-07/1404906942_draka.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
3d46e371b39b8f6bcfd391260142528a802176fbcde8f516fd2ae6b9b6606120

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 09 Jul 2014 11:54:20 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
99354
expires
Fri, 13 Aug 2021 07:01:27 GMT
1411675271_novopolockaya-tec.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411675271_novopolockaya-tec.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
717e3308c594a23c4960070a672a8bc06129a1df40b16d1e9f6b32cba85d0ec0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 25 Sep 2014 20:00:33 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
122579
expires
Fri, 13 Aug 2021 07:01:27 GMT
1501151561_narusheniya-v-pitanii-shkolnikov.png
polotsk-portal.ru/uploads/posts/2017-07/ 		453 KB
453 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-07/1501151561_narusheniya-v-pitanii-shkolnikov.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
70bf8a1838b8e7fab81f0289706ee696146035cfffa91463887a061c2ea7673f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 27 Jul 2017 10:31:11 GMT
server
Apache
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
463506
expires
Sun, 22 Aug 2021 07:01:27 GMT
1501007781_moshennica.jpg
polotsk-portal.ru/uploads/posts/2017-07/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-07/1501007781_moshennica.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
846df5f5cd49a06cc9c05da2a41ac5f32f040a660e646cca916e93b057242c18

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 25 Jul 2017 18:36:18 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
83485
expires
Fri, 13 Aug 2021 07:01:27 GMT
1501007216_vrezalas-v-derevo.jpg
polotsk-portal.ru/uploads/posts/2017-07/ 		232 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-07/1501007216_vrezalas-v-derevo.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
ee97c58deb22f1c3a8fd6354a56272b6038481b4c49a0856e52c38c31df19ed6

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 25 Jul 2017 18:25:59 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
237380
expires
Fri, 13 Aug 2021 07:01:27 GMT
1436027578_384689281.jpg
polotsk-portal.ru/uploads/posts/2015-07/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-07/1436027578_384689281.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
982daefc24d25d1148ecfc87d0b7d37933c384a4293ad57513f5c159abecfc10

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 04 Jul 2015 16:31:57 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
53018
expires
Fri, 13 Aug 2021 07:01:27 GMT
1481384693_fac5laqqvo0.jpg
polotsk-portal.ru/uploads/posts/2016-12/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2016-12/1481384693_fac5laqqvo0.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
fd7c690415ea6f7d9682bf09d9353b8aa5bd098128aa3a201f8eb0fb16e8067d

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 10 Dec 2016 15:43:56 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
95123
expires
Fri, 13 Aug 2021 07:01:27 GMT
1433142819_fea-i2jak-a.jpg
polotsk-portal.ru/uploads/posts/2015-06/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-06/1433142819_fea-i2jak-a.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
147280bb7ac8a136a8b997dad6217fdc39dec1de470acf385a0fd6be8a0fbfb1

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Mon, 01 Jun 2015 07:12:14 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
77999
expires
Fri, 13 Aug 2021 07:01:27 GMT
1411760600_himik.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411760600_himik.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
0914125b7e2046b356fe163ca07fb8c7bb51294dedd675522ae98868dfb09b91

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Fri, 26 Sep 2014 19:42:36 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
129808
expires
Fri, 13 Aug 2021 07:01:27 GMT
1412162401_bate.jpg
polotsk-portal.ru/uploads/posts/2014-10/ 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-10/1412162401_bate.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
7f7be270390f62cee61138f7272dd0e24182e6c6ce81c6b8ec0b622cd8c0cdcc

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 01 Oct 2014 11:19:43 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
173647
expires
Fri, 13 Aug 2021 07:01:27 GMT
1500896255_kubok-belarusi-po-futbolu.jpg
polotsk-portal.ru/uploads/posts/2017-07/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-07/1500896255_kubok-belarusi-po-futbolu.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
57dac86d698ceb4dc3ee6ef2651346e12c938f9508dbebcff0ad6d2abd71cbe5

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Mon, 24 Jul 2017 11:37:08 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
165544
expires
Fri, 13 Aug 2021 07:01:27 GMT
1498667240_0naftan_2012_08_12_big_0_38.jpg
polotsk-portal.ru/uploads/posts/2017-06/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-06/1498667240_0naftan_2012_08_12_big_0_38.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
aa6920af3f217ae5ded507f015ff3d8e8d939c8776cfed4237f357d0e0c067d2

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 28 Jun 2017 16:26:53 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
161325
expires
Fri, 13 Aug 2021 07:01:27 GMT
1400352475_dinamo-polock.jpg
polotsk-portal.ru/uploads/posts/2014-05/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-05/1400352475_dinamo-polock.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
f0f109fe9657991df16f7a6bdaa1b1e8d5d0184675436357ee33cf30dbcfa345

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 17 May 2014 18:47:43 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
115932
expires
Fri, 13 Aug 2021 07:01:27 GMT
1427911533_izumrudny_vmeste.jpg
polotsk-portal.ru/uploads/posts/2015-04/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-04/1427911533_izumrudny_vmeste.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
84ba8b453a26f65ca7989a453c99852ae81f7968981d9134c7bc48e5ed1865fb

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 01 Apr 2015 18:04:51 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
106502
expires
Fri, 13 Aug 2021 07:01:27 GMT
1412150356_himik-ska.jpg
polotsk-portal.ru/uploads/posts/2014-10/ 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-10/1412150356_himik-ska.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
4337a997244b7ab2b7a9d2d20c82dd4be5ce15c0267cb2c2fb04c872d44402ab

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 01 Oct 2014 07:59:13 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
270770
expires
Fri, 13 Aug 2021 07:01:27 GMT
1411675105_polockgaz.jpg
polotsk-portal.ru/uploads/posts/2014-09/ 		414 KB
414 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-09/1411675105_polockgaz.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
d1c4eeb75af5c66c265ebc6daabef0a1061250ba83618aafee65d7e4e296c706

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 25 Sep 2014 19:56:49 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
423867
expires
Fri, 13 Aug 2021 07:01:27 GMT
1498548400_polock_s_shark.jpg
polotsk-portal.ru/uploads/posts/2017-06/ 		419 KB
420 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-06/1498548400_polock_s_shark.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
f685253d08f42622368d6f40e16e49247b73b01870801297efc53ae1f011ef0f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 27 Jun 2017 07:26:16 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
429259
expires
Fri, 13 Aug 2021 07:01:27 GMT
1497950042_polock_v_glub.jpg
polotsk-portal.ru/uploads/posts/2017-06/ 		330 KB
330 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-06/1497950042_polock_v_glub.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
79052adb2d97720701c170ef636b71d6d509a3e5e36fbbb05cd559e19f439d8f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 20 Jun 2017 09:12:44 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
337583
expires
Fri, 13 Aug 2021 07:01:27 GMT
1429684118_10878.jpg
polotsk-portal.ru/uploads/posts/2015-04/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-04/1429684118_10878.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
587452eb085605aa5b36ee133959882990b35ffb0a7fd5fe21445b5319beee6e

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 22 Apr 2015 06:27:57 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
52953
expires
Fri, 13 Aug 2021 07:01:27 GMT
1408649507_natalya-berdnikova.jpg
polotsk-portal.ru/uploads/posts/2014-08/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-08/1408649507_natalya-berdnikova.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
9d2c4f1d5a49724b7c1fb1ac101bee67656fcf093b3563d255d0d0e2c8762110

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 21 Aug 2014 19:30:19 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
37910
expires
Fri, 13 Aug 2021 07:01:27 GMT
1493127197_dengi_dollar_reuters_rtseg6s.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1493127197_dengi_dollar_reuters_rtseg6s.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
317e0abab3a8445bca853f162b573ddfa0bef6d817ccab2094aa8d7f21fa1615

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 25 Apr 2017 13:32:35 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
47618
expires
Fri, 13 Aug 2021 07:01:27 GMT
1492887280_tupolev_tu-95_in_flight.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1492887280_tupolev_tu-95_in_flight.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
d7538b884af4a77e5fea756a548591e80c0f54c336a9fad2f9da136b385da8ad

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 22 Apr 2017 18:54:16 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
21342
expires
Fri, 13 Aug 2021 07:01:27 GMT
1428945983_registracii-na-tamozhne.jpg
polotsk-portal.ru/uploads/posts/2015-04/ 		232 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-04/1428945983_registracii-na-tamozhne.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
abc48aa4af6b5349d811fae1e972419ce185a7135bad806659b417f57b913206

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Mon, 13 Apr 2015 17:25:29 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
237293
expires
Fri, 13 Aug 2021 07:01:27 GMT
1426232598_hlebnyy-maydan.jpg
polotsk-portal.ru/uploads/posts/2015-03/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-03/1426232598_hlebnyy-maydan.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
626a45ea70b3ef15c8daf7db433c05a280e9e39152e7b8927cea1d58d3ad128b

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Fri, 13 Mar 2015 07:42:00 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
56474
expires
Fri, 13 Aug 2021 07:01:27 GMT
1492887062_deklaraciya-nezavisimosti-ssha.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		259 KB
259 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1492887062_deklaraciya-nezavisimosti-ssha.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
aaaa38c5f73b1a5a4b22f51a2eeb2ec9cfedc1692c743e849ad9da639fbb9bd7

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 22 Apr 2017 18:50:26 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
265363
expires
Fri, 13 Aug 2021 07:01:27 GMT
1492884727_rtx344oa_coal.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1492884727_rtx344oa_coal.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
557e83d045f44de725127c7121ca17764f9a48dfa643c05c3932dcdc7ca42b28

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 22 Apr 2017 18:11:53 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
65413
expires
Fri, 13 Aug 2021 07:01:27 GMT
1425491560_formy.jpg
polotsk-portal.ru/uploads/posts/2015-03/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-03/1425491560_formy.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
55f04a8a140476680b55d6079d17eeefb963edd26e64ffd2f6e21cf89a51a21b

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 04 Mar 2015 17:52:26 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
125944
expires
Fri, 13 Aug 2021 07:01:27 GMT
1421950689_foreks.jpg
polotsk-portal.ru/uploads/posts/2015-01/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-01/1421950689_foreks.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
12f8d717cb06ebe209d14db0129ff061a852c7b0275144695f0022269a7c712e

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 22 Jan 2015 18:17:09 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
40907
expires
Fri, 13 Aug 2021 07:01:27 GMT
1506075892_odezhda-iz-hlopka-lna-i-naturalnogo-shelka.jpg
nt.ck.ua/uploads/posts/2017-09/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2017-09/1506075892_odezhda-iz-hlopka-lna-i-naturalnogo-shelka.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
86fc86e7d6147f77b5c145bab4fb09cf76aa3c782893c97388cdb419cdf382e1

Request headers

:path
/uploads/posts/2017-09/1506075892_odezhda-iz-hlopka-lna-i-naturalnogo-shelka.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Fri, 22 Sep 2017 10:24:07 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
195339
expires
Sun, 22 Aug 2021 07:01:29 GMT
1491302047_geogrunt.jpg
polotsk-portal.ru/uploads/posts/2017-04/ 		241 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-04/1491302047_geogrunt.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
05f14bce3a25b3006c1bf8f88f362cbc450f72e93cf28eb2a4e2fa1d7e0c3c0b

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 04 Apr 2017 10:33:32 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
246368
expires
Fri, 13 Aug 2021 07:01:27 GMT
1490763342_korpusnaya-mebel.jpg
polotsk-portal.ru/uploads/posts/2017-03/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-03/1490763342_korpusnaya-mebel.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
5f27757a9c5bff0b4c6877bdbb7d702f2aba688be1ebdda079369dadb8bf63bd

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 29 Mar 2017 04:54:29 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
82526
expires
Fri, 13 Aug 2021 07:01:27 GMT
kharakternye-otluchuya-mednoy-posudyjdl.jpg
kupisuvenir.com.ua/storage/images/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kupisuvenir.com.ua/storage/images/kharakternye-otluchuya-mednoy-posudyjdl.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4535 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
409539af14c019f43e1ee66b7e4e8bd1387d9fd3dbdf2857c98d78b406966b63

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
62822
cf-bgj
h2pri
content-length
55366
last-modified
Wed, 15 Apr 2020 15:43:23 GMT
server
cloudflare
etag
"5e972b9b-d846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8toGQ%2BP3dE5upTiw%2BgJp3bDNNJd34pOMCrwCjIJa%2BcIKEC9ddCwKAW0tWWOIcYOSd%2Fwlau0Fmw%2F1XGdef2FH42z3ZHdEl2uGnuNNzSC42tdcgI9yMkdPO5%2FbG383%2BbTIYWOxt5HaKfQS1oIcjg9Aow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=7776000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6733099f18b50625-FRA
expires
Wed, 20 Oct 2021 13:34:25 GMT
kurutelnye-trubku-putevodutel-po-formambtf.jpg
duda.com.ua/storage/images/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://duda.com.ua/storage/images/kurutelnye-trubku-putevodutel-po-formambtf.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7415377e39378471c0ac83cf1107747dd39a4e2ce517dd966c79a122b80ec4be

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Apr 2020 13:14:57 GMT
server
cloudflare
etag
"5eaacf51-95ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDWVFpCNlv%2BRacsq92NalOeiXH0%2FZevq0MHn2%2FVcdBo2OrpbeHUiCEZIWTHAU%2FXCnmHx5FoSKJ8sK7z4LUvVkKUtJF9lOaAC%2FWGYUch8lqreu%2BqUZll1qTVF8M39iXCnyNdf6fvUqH%2FE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=7776000, must-revalidate, proxy-revalidate
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6733099f98a24a9d-FRA
content-length
38399
expires
Thu, 21 Oct 2021 07:01:27 GMT
1582827831_nardy.jpg
nt.ck.ua/uploads/posts/2020-02/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/uploads/posts/2020-02/1582827831_nardy.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
b875d90e349610f30b0847af533fdb34966eac9f0a68a74bd435beb7b57437b2

Request headers

:path
/uploads/posts/2020-02/1582827831_nardy.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Thu, 27 Feb 2020 18:22:53 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
82190
expires
Sun, 22 Aug 2021 07:01:29 GMT
informer.min.css
nst1.gismeteo.ru/assets/flat-ui/legacy/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/legacy/css/informer.min.css
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 09:06:35 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
W/"60f7e39b-2019"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800, public
expires
Fri, 30 Jul 2021 07:01:27 GMT
logo-mini2.png
nst1.gismeteo.ru/assets/flat-ui/img/ 		680 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/logo-mini2.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 09 Jul 2020 14:18:54 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274e-2a8"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
680
expires
Fri, 30 Jul 2021 07:01:27 GMT
/
www.gismeteo.ru/api/informer/getinformer/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gismeteo.ru/api/informer/getinformer/?hash=U3td450sWis5yE
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.134.201.5 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
69ce633e6314da88aa3042bec8611105cc421b7b738f0f1f8050376191604947
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dc
nord.router-ru-nord01
x-bck
192.168.0.31:9000
x-decepticon
0
vary
Accept-Encoding, Accept-Encoding, Accept, User-Agent
x-xss-protection
1; mode=block
pragma
no-cache
server
gis
strict-transport-security
max-age=604800
content-type
application/javascript; charset=UTF-8;
access-control-allow-origin
*
x-ssi
11
cache-control
no-cache, must-revalidate, no-cache, no-store, must-revalidate
expires
Fri, 23 Jul 2021 07:31:27 GMT
k.php
vkurse.by/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vkurse.by/k.php?t=v
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0a:7d80:1:7::115:f6 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
toplivo.jpg
polotsk-portal.ru/uploads/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/toplivo.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
5bcc38972dac2a96e473d6490b1c736e103903d363bfd95308caccec0f6442e7

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 13 Jan 2015 12:59:32 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
42817
expires
Fri, 13 Aug 2021 07:01:27 GMT
1481814248_afisha-rozhdestvenskaya-skazka-v2.jpg
polotsk-portal.ru/uploads/posts/2016-12/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2016-12/1481814248_afisha-rozhdestvenskaya-skazka-v2.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
47786243c23aed752f9765e373974b5b4a13014f2f4db4397e27b3026defa7f1

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 04 Apr 2018 11:44:08 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
68635
expires
Fri, 13 Aug 2021 07:01:27 GMT
1465981038_ikwg9vhnwjc.jpg
polotsk-portal.ru/uploads/posts/2016-06/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2016-06/1465981038_ikwg9vhnwjc.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
d647d22baa52bf8f33b8b705a2514763d021cd17abd20c1ebd0e388c69af627c

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 15 Jun 2016 08:56:43 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
66966
expires
Fri, 13 Aug 2021 07:01:27 GMT
1462703727_f8ro7rtjgoq.jpg
polotsk-portal.ru/uploads/posts/2016-05/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2016-05/1462703727_f8ro7rtjgoq.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
a2f3a22cb9ada409826509c4d7ee9feca0121a756dfffd0ae6b1ffc205317e98

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sun, 08 May 2016 10:33:54 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
92613
expires
Fri, 13 Aug 2021 07:01:27 GMT
1490285327-753457580-vezuchiy-sluchay.jpg
polotsk-portal.ru/uploads/posts/2017-03/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-03/1490285327-753457580-vezuchiy-sluchay.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
bab0b531a8f012b8004d807cb9ceb7a28d2225053f8ab8d7e76ccfa617611aba

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 23 Mar 2017 16:08:48 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
176320
expires
Fri, 13 Aug 2021 07:01:27 GMT
1490285038-1353048698-krasavica-i-chudovische.jpg
polotsk-portal.ru/uploads/posts/2017-03/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2017-03/1490285038-1353048698-krasavica-i-chudovische.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
4161e20ba5da0344c388ca3636ee162e662959fb99a004ffe566a0176fdb857d

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Thu, 23 Mar 2017 16:03:59 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
123576
expires
Fri, 13 Aug 2021 07:01:27 GMT
1423922015_1020936072_poster.jpg
polotsk-portal.ru/uploads/posts/2015-02/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-02/1423922015_1020936072_poster.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
ba727d1d6e5235e5deaab054611ec2cd89ab421acf657a3b6fe9aea703657329

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 14 Feb 2015 13:53:35 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
57787
expires
Fri, 13 Aug 2021 07:01:27 GMT
1426357749_solnechnoe-zatmenie.jpg
polotsk-portal.ru/uploads/posts/2015-03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-03/1426357749_solnechnoe-zatmenie.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
e721bb0abf678ee43c29155457874bb2705ee1cc69e52df2115ca0c4bfa66497

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 14 Mar 2015 18:27:38 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
17105
expires
Fri, 13 Aug 2021 07:01:27 GMT
1427824921_den-polocka.jpg
polotsk-portal.ru/uploads/posts/2015-03/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-03/1427824921_den-polocka.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
8d072fb0c9d3fdf5534c812dbdbccb629bfbf5c234e5f45eb704bac6bfdb7684

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 31 Mar 2015 18:01:06 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
100442
expires
Fri, 13 Aug 2021 07:01:27 GMT
1441611999_buket.jpg
nt.ck.ua//uploads/firms/logos/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua//uploads/firms/logos/1441611999_buket.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
94e0328e53812c266dd722f2b09e901160a0c7bdd90b016df9a47f2259346bd2

Request headers

:path
//uploads/firms/logos/1441611999_buket.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Mon, 07 Sep 2015 07:46:39 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
39917
expires
Sun, 22 Aug 2021 07:01:29 GMT
1351177485_alatan_tur_logo.jpg
nt.ck.ua//uploads/firms/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua//uploads/firms/logos/1351177485_alatan_tur_logo.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
f551a9515a3d04499eccab409e845087b002e6a8b8a46f3dc2bec4579e0d5735

Request headers

:path
//uploads/firms/logos/1351177485_alatan_tur_logo.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Sat, 21 Jun 2014 18:39:04 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
4235
expires
Sun, 22 Aug 2021 07:01:29 GMT
1477720720_i.jpg
nt.ck.ua//uploads/firms/logos/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua//uploads/firms/logos/1477720720_i.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
4f87c11b7bd2c0bb35432c2a4a25b35c5238c528e358547dba5888bb59be38ac

Request headers

:path
//uploads/firms/logos/1477720720_i.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Sat, 29 Oct 2016 05:58:40 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
23417
expires
Sun, 22 Aug 2021 07:01:29 GMT
1351098362_tehnolit_logo.jpg
nt.ck.ua//uploads/firms/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua//uploads/firms/logos/1351098362_tehnolit_logo.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
bf4bff221f0fe521aae5d6b7184e2eea63cfa11e1066145eec9fd79ef9f7c4db

Request headers

:path
//uploads/firms/logos/1351098362_tehnolit_logo.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688; __gads=ID=0ed11038fc53f02f-229832dc80c80059:T=1627023688:RT=1627023688:S=ALNI_MbuMMYI8JeFfu22ul05jWgk5OFryw; fid=530797e7-3b32-4f25-b3cf-9e9aa5d690b5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Sat, 21 Jun 2014 18:38:58 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7314
expires
Sun, 22 Aug 2021 07:01:29 GMT
cycounter
www.yandex.ru/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yandex.ru/cycounter?polotsk-portal.ru
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
44f490ef3152669a0f6f102bb7eda2693fbeee6818e3e8393c28a1efd1c15862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-xss-protection
1; mode=block
x-content-type-options
nosniff
expires
Thu, 05 Aug 2021 13:12:10 GMT
last-modified
Thu, 22 Jul 2021 13:12:10 GMT
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
1446652279-572768222-.jpg
polotsk-portal.ru/uploads/posts/2015-11/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-11/1446652279-572768222-.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
85ec127fa728c99e31c7d62ff1e7bf6efe16e73901d4323a5c5bbb9a7fcb3a8f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Wed, 04 Nov 2015 15:51:19 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
100587
expires
Fri, 13 Aug 2021 07:01:27 GMT
1433012044_1433010020_726033331_poster.jpg
polotsk-portal.ru/uploads/posts/2015-05/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2015-05/1433012044_1433010020_726033331_poster.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
8587360c7f24d2665541cf78c91fd67557e25eae22b6ad40cd996cf458a22205

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Sat, 30 May 2015 18:53:37 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
55806
expires
Fri, 13 Aug 2021 07:01:27 GMT
bootstrap.js
nt.ck.ua/templates/Sleek/assets/js/ 		57 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.ck.ua/templates/Sleek/assets/js/bootstrap.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
2a0a953369d361695d49d2a040339dc31189da223e55516baab4e3fd090662dd

Request headers

:path
/templates/Sleek/assets/js/bootstrap.js
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nt.ck.ua
referer
https://nt.ck.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
content-encoding
gzip
last-modified
Tue, 17 Jun 2014 20:00:34 GMT
server
nginx
vary
User-Agent,Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
10523
expires
Sat, 23 Jul 2022 07:01:27 GMT
count.js
http-polotsk-portal-ru.disqus.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://http-polotsk-portal-ru.disqus.com/count.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
172
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 20 Jul 2021 20:42:58 GMT
Server
nginx
ETag
"60f73552-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW55-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
PchDbfyT34KrQ7AM47KFBY-g4dbm2c8Ib-Bx_izd_7tRTZDP2FhPtQ==
zp.js
w.uptolike.com/widgets/v1/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/zp.js?pid=1706501
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
8b952bf71013d2c165d236fcfdc569bbf39e68bec32bb2e25189191e35d1f1ef

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:28 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
max-age=31556926
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		0
0
css
fonts.googleapis.com/ 		0
0
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//nt.ck.ua/;0.42799295918967273
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nt.ck.ua/;0.42799295918967273
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nt.ck.ua/;0.42799295918967273
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Jul 2021 07:01:30 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Jul 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//nt.ck.ua/;0.42799295918967273
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 22 Jul 2020 21:00:00 GMT
watch.js
mc.yandex.ru/metrika/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6777ffd74911fce66a21f4c72e17c2384d0ea6a2752a813a768a12d3ef3a020a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
br
last-modified
Thu, 22 Jul 2021 11:32:16 GMT
etag
"60f95590-bac9"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47817
expires
Fri, 23 Jul 2021 08:01:28 GMT
1399962993_background-3.jpg
polotsk-portal.ru/uploads/posts/2014-05/ 		491 KB
495 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polotsk-portal.ru/uploads/posts/2014-05/1399962993_background-3.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.99.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s62.nska.net
Software
Apache /
Resource Hash
c310537430a2c7fd872702a3120abb3c074a369776ad2fa78929246f34390fee

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
last-modified
Tue, 13 May 2014 06:36:13 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=1814400
accept-ranges
bytes
content-length
502705
expires
Fri, 13 Aug 2021 07:01:27 GMT
darkdenim3.png
nt.ck.ua/templates/Sleek/assets/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/assets/img/darkdenim3.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/assets/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
e392b7a34034b4389cb95c6a572e85e577e633b92e737ffb03cd03880bb3c97c

Request headers

:path
/templates/Sleek/assets/img/darkdenim3.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/templates/Sleek/assets/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/templates/Sleek/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Wed, 18 Jun 2014 10:06:10 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
22600
expires
Sun, 22 Aug 2021 07:01:27 GMT
glyphicons-halflings-white.png
nt.ck.ua/templates/Sleek/assets/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/assets/img/glyphicons-halflings-white.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Request headers

:path
/templates/Sleek/assets/img/glyphicons-halflings-white.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Wed, 18 Jun 2014 10:06:10 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
8777
expires
Sun, 22 Aug 2021 07:01:27 GMT
cubes.png
nt.ck.ua/templates/Sleek/assets/img/ 		723 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/assets/img/cubes.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/assets/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
da6faadda2796ba5d6b3ff03de905d3688209175bc7ed0754e4d88e254096701

Request headers

:path
/templates/Sleek/assets/img/cubes.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/templates/Sleek/assets/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/templates/Sleek/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Tue, 17 Jun 2014 20:00:28 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
723
expires
Sun, 22 Aug 2021 07:01:27 GMT
rating.png
nt.ck.ua/templates/Sleek/dleimages/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/dleimages/rating.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/style/engine.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
33c166e5afd6c972856fbb9a2f284cb000ef599bd5b0c274a46ef53b6de6b916

Request headers

:path
/templates/Sleek/dleimages/rating.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/templates/Sleek/style/engine.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/templates/Sleek/style/engine.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Sun, 25 May 2014 09:04:04 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1176
expires
Sun, 22 Aug 2021 07:01:27 GMT
ticker_32634.js
js-ru.redtram.com/n4p/0/32/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-ru.redtram.com/n4p/0/32/ticker_32634.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2ac1370c3326693edf592ef1fa777a68386c299b3a24dec07836bbbd460fd12f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 12:41:02 GMT
server
nginx/1.18.0
etag
W/"5fd8aede-a957"
content-type
application/javascript
cache-control
max-age=604800
expires
Fri, 30 Jul 2021 07:01:28 GMT
all.js
site.yandex.net/v2.0/js/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/all.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15151
last-modified
Thu, 14 Jan 2021 10:10:45 GMT
server
nginx/1.17.9
etag
"a144f832184afae15f82138151d89089"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 18:57:02 GMT
ulSW0-BWAvU
www.youtube.com/embed/ Frame F4E6 		53 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ulSW0-BWAvU
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e96d087275affbfd2980ad6e5499e0ff58423afae48c558cd0dc26b39eac392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/ulSW0-BWAvU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 23 Jul 2021 07:01:27 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=huiQ0DoX31E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Ta9TiOiViDE; Domain=.youtube.com; Expires=Wed, 19-Jan-2022 07:01:27 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+577; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
glyphicons-halflings.png
nt.ck.ua/templates/Sleek/assets/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/assets/img/glyphicons-halflings.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
2657a759ebb7ef9c10d91e626911d9f46ddb6d402590b8e14980984024e4216a

Request headers

:path
/templates/Sleek/assets/img/glyphicons-halflings.png
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:14 GMT
last-modified
Wed, 18 Jun 2014 10:06:09 GMT
server
nginx
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
20137
expires
Sun, 22 Aug 2021 07:01:27 GMT
aci.js
www.acint.net/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/aci.js
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
last-modified
Sat, 02 Jan 2021 18:29:12 GMT
server
openresty
etag
"5ff0bb78-1baf"
content-type
application/x-javascript
cache-control
max-age=43200
content-length
7087
expires
Fri, 23 Jul 2021 19:01:28 GMT
top100.jcn
counter.rambler.ru/ 		0
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95151
x-xss-protection
0
server
cafe
etag
4826816153601596757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 23 Jul 2021 07:01:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame 4567 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210720/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 23 Jul 2021 01:27:57 GMT
expires
Fri, 06 Aug 2021 01:27:57 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
20010
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
background-3.jpg
nt.ck.ua/templates/Sleek/assets/img/ 		491 KB
492 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nt.ck.ua/templates/Sleek/assets/img/background-3.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.143.172.209 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
russian1.hhos.ru
Software
nginx /
Resource Hash
c310537430a2c7fd872702a3120abb3c074a369776ad2fa78929246f34390fee

Request headers

:path
/templates/Sleek/assets/img/background-3.jpg
pragma
no-cache
cookie
antibot-hostia=true; PHPSESSID=f7f6e8992739ecd7e05d8a12fec9d7fa; _ym_uid=1627023688544434639; _ym_d=1627023688; __gads=ID=0ed11038fc53f02f-229832dc80c80059:T=1627023688:RT=1627023688:S=ALNI_MbuMMYI8JeFfu22ul05jWgk5OFryw; fid=530797e7-3b32-4f25-b3cf-9e9aa5d690b5; _ym_isad=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nt.ck.ua
referer
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nt.ck.ua/templates/Sleek/assets/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:15 GMT
last-modified
Wed, 18 Jun 2014 10:06:17 GMT
server
nginx
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
502705
expires
Sun, 22 Aug 2021 07:01:29 GMT
videos
gdata.youtube.com/feeds/api/ 		0
0
www-player-webp.css
www.youtube.com/s/player/408a20d8/ Frame F4E6 		324 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/408a20d8/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66edc34ee5e4895f056a45c21306018c8adda0c9a7a3ec41b8280c04adb25dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 14:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 00:24:36 GMT
server
sffe
age
58813
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45812
x-xss-protection
0
expires
Fri, 22 Jul 2022 14:41:14 GMT
www-embed-player.js
www.youtube.com/s/player/408a20d8/www-embed-player.vflset/ Frame F4E6 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/408a20d8/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a44483abbb911ba55cdcabe911145050e43890d19143c37d5cb8e89cb639b89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 14:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 00:24:36 GMT
server
sffe
age
58813
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65241
x-xss-protection
0
expires
Fri, 22 Jul 2022 14:41:14 GMT
base.js
www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/ Frame F4E6 		2 MB
490 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbd16195dc742a1be26dad1bee48f6b26dc8b9343615c0bcee814a47e61b7e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 14:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 00:24:36 GMT
server
sffe
age
58803
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
502053
x-xss-protection
0
expires
Fri, 22 Jul 2022 14:41:24 GMT
fetch-polyfill.js
www.youtube.com/s/player/408a20d8/fetch-polyfill.vflset/ Frame F4E6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/408a20d8/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 14:41:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 00:24:36 GMT
server
sffe
age
58813
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 22 Jul 2022 14:41:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4E6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
293646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 21:27:21 GMT
cookie.js
partner.googleadservices.com/gampad/ 		198 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=nt.ck.ua&callback=_gfp_s_&client=ca-pub-7564152195122304
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
cce9c1946a699b2fc47ab85f14ba99e8b3825f07c7030035c2fce375ae8ad542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nt.ck.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nt.ck.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 76F3 		430 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=280&slotname=8346940676&adk=2469932221&adf=1936478675&pi=t.ma~as.8346940676&w=658&fwrn=4&fwrnh=100&lmt=1627023687&rafmt=1&psa=0&format=658x280&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687491&bpp=5&bdt=557&idt=82&shv=r20210720&ptt=9&saldr=aa&abxe=1&correlator=2596595442561&frm=20&pv=2&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nW0EXI4vhe&p=https%3A//nt.ck.ua&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
140009239a3d52323d5d3b5afedaed665fbfab22da0d4df39648fcda49ed23b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7564152195122304&output=html&h=280&slotname=8346940676&adk=2469932221&adf=1936478675&pi=t.ma~as.8346940676&w=658&fwrn=4&fwrnh=100&lmt=1627023687&rafmt=1&psa=0&format=658x280&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687491&bpp=5&bdt=557&idt=82&shv=r20210720&ptt=9&saldr=aa&abxe=1&correlator=2596595442561&frm=20&pv=2&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=300&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nW0EXI4vhe&p=https%3A//nt.ck.ua&dtd=107
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 23 Jul 2021 07:01:27 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 07:16:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 23 Jul 2021 07:01:27 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626867007956318"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27997
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B147 		94 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5467f9d7ba64a0e419693f5aba0f8e8e2c098a9e3f759988adaf976b13d6c7f6
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIS2xcfP-PECFYCbJwIdjWkMRQ&gqi=R2n6YM-iJpe-nsEPlLO5qAw&layout=/sadbundle/%24csp%253Der3%24/6023584623075618540/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIS2xcfP-PECFYCbJwIdjWkMRQ&gqi=R2n6YM-iJpe-nsEPlLO5qAw&layout=/sadbundle/%24csp%253Der3%24/6023584623075618540/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 23 Jul 2021 07:01:27 GMT
server
cafe
content-length
33743
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 07:16:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 23 Jul 2021 07:01:27 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 958B 		36 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&adk=1812271804&adf=3025194257&lmt=1627023687&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnt.ck.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687552&bpp=1&bdt=618&idt=70&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600&nras=1&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=83
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ca9d24cea93ae11c7290ed87c839349fa853598ee5219e8b7ba5cfb11f2d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7564152195122304&output=html&adk=1812271804&adf=3025194257&lmt=1627023687&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnt.ck.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687552&bpp=1&bdt=618&idt=70&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600&nras=1&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 23 Jul 2021 07:01:27 GMT
server
cafe
content-length
5450
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 23-Jul-2021 07:16:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 23 Jul 2021 07:01:27 GMT
cache-control
private
id
googleads.g.doubleclick.net/pagead/ Frame F4E6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5167eb27727dd4021e2e95a1ddd77f531a43f8785199fc02ff95d747b3e3ed4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Jul 2021 07:01:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F4E6 		29 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/408a20d8/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:59:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
104
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:14:43 GMT
remote.js
www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/ Frame F4E6 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a464216e9b553bce21805bf35d72f9dbaa6c867629e8f1b520806516a81994d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 14:41:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 00:24:36 GMT
server
sffe
age
58803
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29807
x-xss-protection
0
expires
Fri, 22 Jul 2022 14:41:24 GMT
q1ky2waotAkvjuvP5B7TcFq3cS4nsNrI8l5t57HmyWE.js
www.google.com/js/th/ Frame F4E6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/q1ky2waotAkvjuvP5B7TcFq3cS4nsNrI8l5t57HmyWE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5932db06a8b4092f8eebcfe41ed3705ab7712e27b0dac8f25e6de7b1e6c961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 11:41:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
69570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13329
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 11:41:57 GMT
embed.js
www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/ Frame F4E6 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57d14b595e0cb0db58044a881797be5001bdc64c72400b1dfe8125331739174c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 14:42:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 00:24:36 GMT
server
sffe
age
58725
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7436
x-xss-protection
0
expires
Fri, 22 Jul 2022 14:42:42 GMT
truncated
/ Frame F4E6 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLS8GgU0SeegSgEpu5cOd1JAkH8SpD6aIPybKA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F4E6 		963 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLS8GgU0SeegSgEpu5cOd1JAkH8SpD6aIPybKA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0fdb2d9d92420d1c6d74863decf7d9912d177bbc66da8e0171d21a7db2afe012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
963
x-xss-protection
0
expires
Sat, 24 Jul 2021 07:01:28 GMT
default.webp
i.ytimg.com/vi_webp/ulSW0-BWAvU/ Frame F4E6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ulSW0-BWAvU/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49dc4752eb3f3313740e46e21cdeebb0ac74338d182a743c936904bbc94944d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
x-content-type-options
nosniff
server
sffe
etag
"1418058547"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2278
x-xss-protection
0
expires
Fri, 23 Jul 2021 09:01:28 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4E6 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:37:46 GMT
x-content-type-options
nosniff
age
303821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9832
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:49 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:37:46 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F4E6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:27 GMT
generate_204
www.youtube.com/ Frame F4E6 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?dAsaGw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ulSW0-BWAvU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/ulSW0-BWAvU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nt.ck.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nt.ck.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EC9D 		75 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49b94c2a4c9dc446b0221ecb5d49a5a760105dad20c72e4cd8fe533a4d1dcc76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTzIXbjuUy92h0g4ONIPNkgxljV1aAIfWZZkTIyFoLxPvXxGS0yMUgp-9; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 23 Jul 2021 07:01:28 GMT
server
cafe
content-length
27430
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 2D40 		74 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e6cad77a17037f79c4fe0dfa66a4e1ead9c509da1d3dbf165c41f2a484c8de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTzIXbjuUy92h0g4ONIPNkgxljV1aAIfWZZkTIyFoLxPvXxGS0yMUgp-9; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 23 Jul 2021 07:01:28 GMT
server
cafe
content-length
27138
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 8F0E 		74 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f99cad2e4e68de8d881873541e36162f4c02e332be714a682767b6dfd7b4180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTzIXbjuUy92h0g4ONIPNkgxljV1aAIfWZZkTIyFoLxPvXxGS0yMUgp-9; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 23 Jul 2021 07:01:28 GMT
server
cafe
content-length
27184
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame B147 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:59:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame B147 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:00:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B147 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626867014740240"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame B147 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:01:08 GMT
gismeteo.svg
nst1.gismeteo.ru/assets/flat-ui/img/informer/ 		189 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/informer/gismeteo.svg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 09 Jul 2020 14:18:54 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274e-bd"
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
189
expires
Fri, 30 Jul 2021 07:01:28 GMT
forecast-2weeks.ru.svg
nst1.gismeteo.ru/assets/flat-ui/img/informer/ 		217 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/informer/forecast-2weeks.ru.svg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
7003eba883f0d3ed7f0a539260b00d02c9ad16a9f3a4978bb97dda5621ffd009

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 09 Jul 2020 14:18:54 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274e-d9"
content-type
image/svg+xml
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
217
expires
Fri, 30 Jul 2021 07:01:28 GMT
d0.png
nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/d0.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
619056f5587c86ff8caccf255484c6f719551ea7828c01209b2da5cca2f41f28

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 09 Jul 2020 14:18:53 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274d-7c9"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1993
expires
Fri, 30 Jul 2021 07:01:28 GMT
d11.png
nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/small/d11.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
9b1e2bb1b30b15b6a55edb8aad938006552009a9c62b712a9b97b790b27400cd

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 09 Jul 2020 14:18:53 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274d-69a"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1690
expires
Fri, 30 Jul 2021 07:01:28 GMT
n0.png
nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/small/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/small/n0.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
37964ed9d7b3d32afa78b142ee81447ea740f07e34368ae34818fbf692a0021e

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 09 Jul 2020 14:18:53 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274d-587"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1415
expires
Fri, 30 Jul 2021 07:01:28 GMT
d1.png
nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nst1.gismeteo.ru/assets/flat-ui/img/icons/weather/clip_art/small/d1.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.134.201.14 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
7784302ebc76c0e47824af6ce5a41208b15418862b893fee86867f4dbde17fcb

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 09 Jul 2020 14:18:53 GMT
server
gis
x-dc
nord.static-ru-nord01
etag
"5f07274d-62b"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1579
expires
Fri, 30 Jul 2021 07:01:28 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		74 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e51a3fa88b85880f1227335b25bd6a1dd2c631fd4ba1a9958c2c5390949386f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/6023584623075618540/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Tue, 20 Jul 2021 01:21:08 GMT
expires
Wed, 20 Jul 2022 01:21:08 GMT
last-modified
Thu, 20 May 2021 11:54:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
18195
age
279620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame B147 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C30zLR2n6YMT2JoC3nsEPjdOxqASU4ZeXY-iv2padDuSnrK2dJRABILrPzx9glQKgAcyH6uIByAEJqQKx3gaXjPB-PqgDAcgDSKoEpQFP0Iq8Z_dpuLy2RgVZg43wMWQGZifhT14b-anU819-GaE6iCUYYMM_Piu59mq65gWk4CW-NjyBwt_CWxLIG4VFvfJdCwO6-uRtJd5SdZSzn4wBG1S1hGWGICb3HoqrTSpOgDSwpJNsNNisn1VrV4Fc2RI9DT8t7iBskyISwrt90OdKLiF0HEQQrwXsyV0sFtjlMSxEDVnUcQxVemSFRTHYTi0ByMTABJ2ut5fHA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAec-JWdAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCr1A3SCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItNzU2NDE1MjE5NTEyMjMwNA&sigh=lLdcaP6PP_s&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Jul 2021 07:01:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
version.js
w.uptolike.com/widgets/v1/ 		70 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1627023688309357
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=1706501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9ff24019d4ae69b3d18f139bbb45b77647e8bab2797cf4e3a249e667b3dac507

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Jul 2021 07:01:28 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Wed, 12 May 2021 12:38:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B6E7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTzIXbjuUy92h0g4ONIPNkgxljV1aAIfWZZkTIyFoLxPvXxGS0yMUgp-9; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 23 Jul 2021 06:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1112
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B147 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edd56b15da6e649c0f02ad628a1471df145098e7a67322261afd2508285deddc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9343.TNgFCfdU2VxkwzWtEndRpniRv327U_ZREzhHGliP9B0u7BrBBxFlWl9Th1jIAVut.bST-LZ2dkiYWxhERjsQ3gA2ixzc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9343.8nlIMeH-_zWB5C1n1zou0G8naEJrymvR5l02VLAQpHN3pZpAsPZLtYE-J4g_rQe6p-813zaKoE1fagkrpxN10A%2C%2C.F6rWtD7FBKW9u5o-4RahiKK3qD0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9343.8nlIMeH-_zWB5C1n1zou0G8naEJrymvR5l02VLAQpHN3pZpAsPZLtYE-J4g_rQe6p-813zaKoE1fagkrpxN10A%2C%2C.F6rWtD7FBKW9u5o-4RahiKK3qD0%2C
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9343.8nlIMeH-_zWB5C1n1zou0G8naEJrymvR5l02VLAQpHN3pZpAsPZLtYE-J4g_rQe6p-813zaKoE1fagkrpxN10A%2C%2C.F6rWtD7FBKW9u5o-4RahiKK3qD0%2C
date
Fri, 23 Jul 2021 07:01:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
jquery.min.js
yastatic.net/jquery/1.6.2/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/jquery/1.6.2/jquery.min.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
28368
x-nginx-request-id
a710ee64d5a89cf1
last-modified
Mon, 12 Nov 2018 13:13:42 GMT
server
nginx/1.17.9
etag
"57f5e4ce99f95e1eb0f18d52b65b6769"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 17:08:32 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
last-modified
Thu, 22 Jul 2021 11:32:16 GMT
etag
"60f95590-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 23 Jul 2021 08:01:28 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17EE 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 01:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20916
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Jul 2021 01:12:52 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 17EE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 18:31:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45015
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 23 Jul 2021 18:31:13 GMT
/
n4p-rus.redtram.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n4p-rus.redtram.com/?i=32634&ref2=
Requested by
Host: js-ru.redtram.com
URL: https://js-ru.redtram.com/n4p/0/32/ticker_32634.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ae7335aa0d47900e6efcaaf14f5329561910847567cff7fc92249f441fe37df8

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
server
nginx/1.18.0
access-control-allow-methods
GET
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
expires
Mon, 25 Apr 1986 22:23:46 GMT
/
www.acint.net/mc/ Frame 1D1D
Redirect Chain
  • https://www.acint.net/mc/?dp=10
  • https://www.acint.net/mc/?dp=10&tc=1
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/mc/?dp=10&tc=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
8d8144c1ad4534b6806e2a5d63eb03bdbb8a9b1ccffe835336b3ae8fe2418293

Request headers

:method
GET
:authority
www.acint.net
:scheme
https
:path
/mc/?dp=10&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission; aid=fwAAAWD6aUh0NQThHSNfApdbDKidxa79nNhVhTibuBqoPtGO
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

server
openresty
date
Fri, 23 Jul 2021 07:01:28 GMT
content-type
text/html
set-cookie
cSyncDp7v2=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1627023688; expires=Sat, 24-Jul-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1627023688; expires=Fri, 06-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1627023688; expires=Fri, 06-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1627023688; expires=Fri, 06-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1627023688; expires=Sun, 22-Aug-21 07:01:28 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 23 Jul 2021 07:01:28 GMT
content-type
text/html
content-length
154
set-cookie
test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 23-Jul-21 07:11:28 GMT aid=fwAAAWD6aUh0NQThHSNfApdbDKidxa79nNhVhTibuBqoPtGO; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location
/mc/?dp=10&tc=1
/
www.acint.net/hit/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/hit/?v=0.3.0&uid=8c5ef825-f941-407d-8db9-2c5d29190eb0&dp=10&tz=%2B02%3A00&nc=52211814&u=https%3A%2F%2Fnt.ck.ua%2F&r=&rs=1600x1200&t=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0&oE=1&oP=1&dT=2021-07-23T09%3A01%3A28.751&fu=530797e7-3b32-4f25-b3cf-9e9aa5d690b5
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
suggest.js
site.yandex.net/v2.0/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/suggest.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2610
last-modified
Thu, 14 Jan 2021 10:10:45 GMT
server
nginx/1.17.9
etag
"5905bc95497a3dcdd5543e8af9bb2553"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 18:58:50 GMT
opensearch.js
site.yandex.net/v2.0/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/opensearch.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
cb680dda19a174fc226c8d0df81c04ed7496e9ad226df863f98b6d87b7a9392e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
6188
last-modified
Thu, 14 Jan 2021 10:10:45 GMT
server
nginx/1.17.9
etag
"1df256fb3e065fdf3b47b6ac51380393"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 18:58:18 GMT
css
fonts.googleapis.com/ Frame EC9D 		6 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 05:51:34 GMT
server
ESF
date
Fri, 23 Jul 2021 07:01:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Jul 2021 07:01:28 GMT
yandex-hint-rb.png
site.yandex.net/v2.0/i/ 		425 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.yandex.net/v2.0/i/yandex-hint-rb.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
425
last-modified
Thu, 14 Jan 2021 10:10:45 GMT
server
nginx/1.17.9
etag
"fbe624b4939c4538e386beffac5861f6"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 18:57:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B6E7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=600&slotname=9963274671&adk=3441243928&adf=3547757776&pi=t.ma~as.9963274671&w=300&lmt=1627023687&psa=0&format=300x600&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023687496&bpp=1&bdt=562&idt=119&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=1406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=flAxswKBB8&p=https%3A//nt.ck.ua&dtd=122
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcTzIXbjuUy92h0g4ONIPNkgxljV1aAIfWZZkTIyFoLxPvXxGS0yMUgp-9; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 23 Jul 2021 07:01:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 23-Jul-2021 08:01:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 23 Jul 2021 07:01:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 23 Jul 2021 07:01:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EC9D 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:48:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame EC9D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:59:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EC9D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:00:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC9D 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626867014740240"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EC9D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:01:08 GMT
l
www.google.com/ads/measurement/ Frame EC9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5GPWoY2fCqubI7nq-YT_lWpUkw0kGUeYzp0TJGwwWYRXC24GrZuDWKKgZu5q4l9Ao6j7MLdut5sT0ruozD3dswIFbjQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame EC9D 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 11:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 11:23:58 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10386850651290704216/ Frame EC9D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10386850651290704216/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eaaabeedc9405001764aa2fb43d3d04e2691fcafcbb60a0cbf2c5945f403c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 07:14:40 GMT
x-content-type-options
nosniff
age
258408
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10707
x-xss-protection
0
last-modified
Wed, 12 Aug 2020 14:17:04 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 07:14:40 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10715951891141119277/ Frame EC9D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10715951891141119277/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3b33e3ea3bb7e40fe99c364527388eeb1f176ca0609e00648dc2b57cf54d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:21:41 GMT
x-content-type-options
nosniff
age
268787
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1801
x-xss-protection
0
last-modified
Thu, 19 Dec 2019 15:19:57 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 04:21:41 GMT
truncated
/ Frame EC9D 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame EC9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C44gKSGn6YPaVDbbMnsEPxuSxuAyvmryJYLrCz5i2Cr_hHhABILrPzx9glQKgAcrR_8MDyAEJqQLwwQV2XcGzPqgDAcgDywSqBKABT9BS4WR3GZgGCo-qpH2MSDrj_fdPkeC1wi-_J4DZZgB0HGk6kQVa201XAriuQXGfhAqKwlV07l-DwqHe7_X8NYQKGADqSS7EH3qZwPnuevdtEE42Ee1xPNRHyLDV4rfKxMEGxOYrSr1zeOVxkVqfLnKtkF6YSysNf7rjxe3xa8FxxTXkrLNszQ6M3ArFbf8SdD6jFdXN_GCqNThVu8hQCcAEmfHNiqgCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6qc1naoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQlZov0ggJCIDhgBAQARgfgAoByAsB2BMCiBQU0BUBmBYBgBcBshcaChgIABIUcHViLTc1NjQxNTIxOTUxMjIzMDQ&sigh=qckYw8iMWhk&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Jul 2021 07:01:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 17EE 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
109040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
h3_bold.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/h3_bold.svg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010e5a967e7bba5dc9f083bc22b9efc15fa7dd5e3a2b06958d80662683fb0a9c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
302357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1225
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:54:36 GMT
server
sffe
date
Mon, 19 Jul 2021 19:02:11 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 19:02:11 GMT
h2_bold.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/h2_bold.svg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b29915b929d0d75475b53338e0ae269303e7eba00df3ed06a7471423ff7bd3c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
269139
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:54:36 GMT
server
sffe
date
Tue, 20 Jul 2021 04:15:49 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 04:15:49 GMT
h1_bold.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		2 KB
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/h1_bold.svg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f0b0183cfddc614ceaf6d51e99da027e865212b8f7779eab186010e0768d8dc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
252590
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
726
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:54:36 GMT
server
sffe
date
Tue, 20 Jul 2021 08:51:38 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 08:51:38 GMT
CTA_bold.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		2 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/CTA_bold.svg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
887b4df5196c39c137eb85a0b30f3dcb3e0b9fdf45515ad098b57b2135665a8e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
280003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
956
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:54:36 GMT
server
sffe
date
Tue, 20 Jul 2021 01:14:45 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:14:45 GMT
sendify_logo_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/sendify_logo_white.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa28d2585de8bf4801b1f999e60ca8888d03833e7a795283142cc7a7cfd6823f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
470624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14555
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:54:36 GMT
server
sffe
date
Sat, 17 Jul 2021 20:17:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Jul 2022 20:17:44 GMT
hovering-boxes_mbqy7y.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/ Frame 17EE 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6023584623075618540/hovering-boxes_mbqy7y.png
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc6697bd88faa9239202c9f4f64307c5a36cada1bb63aded91af9e1dc7050508
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
294939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32413
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:54:36 GMT
server
sffe
date
Mon, 19 Jul 2021 21:05:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 21:05:49 GMT
602636314.jpg
img300-rus.redtram.com/news/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img300-rus.redtram.com/news/602636314.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c9b2c877037c3e807e05538423337bcf755076b24f07ec2e427a351709182aff

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt
img02
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Thu, 27 May 2021 09:24:01 GMT
server
nginx/1.18.0
etag
"60af6531-61c2"
x-cache-status
MISS
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
25026
expires
Fri, 30 Jul 2021 07:01:29 GMT
604140665.jpg
img300-rus.redtram.com/news/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img300-rus.redtram.com/news/604140665.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
48177f023e99156d720982af3e3d3b4bb10addb7ad4890fbb1be51d7a217568f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt
img01-NEW
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Wed, 21 Jul 2021 23:26:10 GMT
server
nginx/1.18.0
etag
"60f8ad12-4f9c"
x-cache-status
MISS
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20380
expires
Fri, 30 Jul 2021 07:01:29 GMT
604087844.jpg
img300-rus.redtram.com/news/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img300-rus.redtram.com/news/604087844.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6c2ff0a71fae6d65d489b17f10248e79aa85549c966def0806d85fe31eaa3d96

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt
img02
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Tue, 20 Jul 2021 08:10:39 GMT
server
nginx/1.18.0
etag
"60f684ff-4f6b"
x-cache-status
MISS
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20331
expires
Fri, 30 Jul 2021 07:01:29 GMT
603828951.jpg
img300-rus.redtram.com/news/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img300-rus.redtram.com/news/603828951.jpg
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
65ac6f02f5365274a1b42bfd3df8c1828bf22788152fd7d53c989ed761947e08

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server-rt
img01-NEW
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Sun, 18 Jul 2021 07:00:16 GMT
server
nginx/1.18.0
etag
"60f3d180-32e2"
x-cache-status
MISS
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
13026
expires
Fri, 30 Jul 2021 07:01:29 GMT
5964.gif
nc-rus.redtram.com/px/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nc-rus.redtram.com/px/5964.gif
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.244.25.85 , Ukraine, ASN3254 (LUCKYNET Lucky Net Ltd, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 25 Apr 1986 22:23:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0037 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 22 Jul 2021 11:56:19 GMT
expires
Fri, 23 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
68709
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 8F0E 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 05:51:42 GMT
server
ESF
date
Fri, 23 Jul 2021 07:01:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Jul 2021 07:01:28 GMT
match
ads.betweendigital.com/ Frame 1D1D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F4869FA60E1043574025F231D
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F4869FA60E1043574025F231D&crf=1
68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F4869FA60E1043574025F231D&crf=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=73&external_user_id=0100007F4869FA60E1043574025F231D&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame 1D1D
Redirect Chain
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=14&euid=0100007F4869FA602500194E02386136
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=14&euid=0100007F4869FA602500194E02386136
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Fri, 23 Jul 2021 07:01:28 GMT
Server
openresty
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location
https://acint.net/match?dp=14&euid=0100007F4869FA602500194E02386136
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
text/html
Content-Length
142
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
acint.net/ Frame 1D1D
Redirect Chain
  • https://px.adhigh.net/p/cm/sape?u=0100007F4869FA60E1043574025F231D
  • https://px.adhigh.net/p/cm/sape?u=0100007F4869FA60E1043574025F231D&bounced=1
  • https://acint.net/match?dp=17&euid=5fnE5LIvg6Z.AikABlF60itFUw
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=17&euid=5fnE5LIvg6Z.AikABlF60itFUw
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f6-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://acint.net/match?dp=17&euid=5fnE5LIvg6Z.AikABlF60itFUw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame 1D1D 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=48&id=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Last-Modified
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=21600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Fri, 23 Jul 2021 13:01:29 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 1D1D
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5599228341
  • https://www.acint.net/rmatch?dp=45&euid=AvEyHIFdxbBebmu3Uaj4_hg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4869FA60E1043574025F231D
42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Fri, 23 Jul 2021 07:01:29 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4869FA60E1043574025F231D
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync
a.utraff.com/ Frame 1D1D 		0
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=sape
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPkYrORLn1V3SIeQa5NVITBh8yZlLRrl0wHqpO%2Fo%2BlR9jikX0A87hUMl1wsJJopXeAO0KTJcwpldRQWi%2BtxbrUXFwDTS%2FObCwkWVAJqd7%2Fue7m8Q5IVBSNx4oe9nUavtdLYd8Zw1uAmaWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
673309a7c9304ab6-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
sync.bumlam.com/ Frame 1D1D
Redirect Chain
  • https://sync.republer.com/match?dsp=sape
  • https://sync.republer.com/match?dsp=sape&qset=1
  • https://sync.bumlam.com/?src=rp1&uid=32568732-e46f-417e-8593-2a25f373ed0a
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjJ0umHBlIEioaQK2IkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBh
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjJ0umHBlIEioaQK2IkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziIV1OuDEeum6QAlkMgkNw**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhjJ0umHBlIEioaQK2IkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziUvJuuDEeug1wAlkORcOA**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABjJ0umHBmIkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziUvJuuDEeug1wAlkORcOA**
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjJ0umHBmIkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziUvJuuDEeug1wAlkORcOA**
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx
ETag
ce252f26-eb83-11eb-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=rp1&s_data=CAIQABjJ0umHBmIkMzI1Njg3MzItZTQ2Zi00MTdlLTg1OTMtMmEyNWYzNzNlZDBhogEQziUvJuuDEeug1wAlkORcOA**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
match
dm.hybrid.ai/ Frame 1D1D 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=106&vid=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
101
x-xss-protection
1; mode=block
expires
-1
adcm.js
tag.digitaltarget.ru/ Frame 1D1D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Last-Modified
Thu, 13 May 2021 10:40:41 GMT
Server
nginx
ETag
"609d0229-c11"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3089
sape
sync.dmp.otm-r.com/match/ Frame 1D1D 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/sape?id=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.57.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.57.201.195.clients.your-server.de
Software
nginx/1.17.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx/1.17.0
match
www.acint.net/ Frame 1D1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf0hp-mDhBDV0Al8jHQ
  • https://www.acint.net/match?dp=77&euid=
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=77&euid=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.acint.net/match?dp=77&euid=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adlmerge.com/merge_gpsid/ Frame 1D1D
Redirect Chain
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F4869FA60E1043574025F231D
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F4869FA60E1043574025F231D
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

iseu
noneu
server
nginx/1.16.0
date
Fri, 23 Jul 2021 07:01:29 GMT
content-type
image/gif

Redirect headers

location
//adlmerge.com/merge_gpsid/?sid=50&id=0100007F4869FA60E1043574025F231D
date
Fri, 23 Jul 2021 06:58:36 GMT
server
nginx
content-length
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 1D1D 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sprcs
relap.io/partners/ Frame 1D1D 		43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/sprcs?uid=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
back03
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
0.gif
x01.aidata.io/ Frame 1D1D
Redirect Chain
  • https://adx.com.ru/sape-sync?uid=0100007F4869FA60E1043574025F231D
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F4869FA60E1043574025F231D
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60fa6949f0e015958616421c&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60fa6949f0e015958616421c%2526r%253Dhttps%25253A...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60fa6949f0e015958616421c%2526r%253Dhttps%25253A...
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D60fa6949f0e015958616421c%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D60fa6949f0...
  • https://prodmp.ru/yabbi.gif?uid=60fa6949f0e015958616421c&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D60fa6949f0e015958616421c%26dest%3D
  • https://x01.aidata.io/0.gif?pid=9712851&id=60fa6949f0e015958616421c&dest=
  • https://x01.aidata.io/0.gif?pid=9712851&id=60fa6949f0e015958616421c&dest=&bounce=1
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9712851&id=60fa6949f0e015958616421c&dest=&bounce=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:30 GMT
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 23 Jul 2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:30 GMT
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=9712851&id=60fa6949f0e015958616421c&dest=&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Fri, 23 Jul 2021 07:01:29 GMT
pixel.gif
sync.1dmp.io/ Frame 1D1D
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F4869FA60E1043574025F231D
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F4869FA60E1043574025F231D&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F4869FA60E1043574025F231D&cs=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.101.216.95.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F4869FA60E1043574025F231D&cs=1
date
Fri, 23 Jul 2021 07:01:29 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
match
www.acint.net/ Frame 1D1D
Redirect Chain
  • https://sape-sync.rutarget.ru/sync
  • https://www.acint.net/match?dp=104&euid=PkH0mIaekAr2
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=104&euid=PkH0mIaekAr2
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location
https://www.acint.net/match?dp=104&euid=PkH0mIaekAr2
Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
acint.net/ Frame 1D1D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=107&euid=e3e22512-86c9-52cc-96c6-20daf63c4992
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=107&euid=e3e22512-86c9-52cc-96c6-20daf63c4992
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=107&euid=e3e22512-86c9-52cc-96c6-20daf63c4992
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
www.acint.net/ Frame 1D1D
Redirect Chain
  • https://0100007f4869fa60e1043574025f231d-sp.ops.beeline.ru/p?ssp=sp&id=0100007F4869FA60E1043574025F231D
  • https://www.acint.net/match?dp=111&euid=ede34873-b444-4ff9-b77d-5c9fa0dec831
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=111&euid=ede34873-b444-4ff9-b77d-5c9fa0dec831
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Fri, 23 Jul 2021 07:01:29 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://www.acint.net/match?dp=111&euid=ede34873-b444-4ff9-b77d-5c9fa0dec831
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.59
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
LL8aTn53Q1W_MDRZZKNvuQ
an.yandex.ru/setud/mts_banner/ Frame 1D1D
Redirect Chain
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F4869FA60E1043574025F231D
  • https://sm.rtb.mts.ru/p?ssp=natimatica&id=962f67eb85449fc72961bea43d6a99b30d60
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&ssp=natimatica&exu=962f67eb85449fc72961bea43d6a99b30d60
  • https://tech.rtb.mts.ru/?dsp_uid=2cbf1a4e-7e77-4355-bf30-345964a36fb9&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FLL8aTn53Q1W_MDRZZKNvuQ%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
  • https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=952304247
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=952304247
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 23 Jul 2021 07:01:29 GMT

Redirect headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=952304247
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
LL8aTn53Q1W_MDRZZKNvuQ
an.yandex.ru/setud/mts_banner/ Frame 1D1D
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F4869FA60E1043574025F231D
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&ssp=sape&exu=0100007F4869FA60E1043574025F231D
  • https://tech.rtb.mts.ru/?dsp_uid=2cbf1a4e-7e77-4355-bf30-345964a36fb9&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FLL8aTn53Q1W_MDRZZKNvuQ%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
  • https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=3686996724
43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=3686996724
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 23 Jul 2021 07:01:29 GMT

Redirect headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/LL8aTn53Q1W_MDRZZKNvuQ?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D2cbf1a4e-7e77-4355-bf30-345964a36fb9&sign=3686996724
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
match
www.acint.net/ Frame 1D1D
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
  • https://www.acint.net/match?dp=126&euid=456fcd3c-5182-4bb3-7485-0e44fd6cf104
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=126&euid=456fcd3c-5182-4bb3-7485-0e44fd6cf104
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=126&euid=456fcd3c-5182-4bb3-7485-0e44fd6cf104
date
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
match
www.acint.net/ Frame 1D1D
Redirect Chain
  • https://s.uuidksinc.net/match/396/0100007F4869FA60E1043574025F231D
  • https://www.acint.net/match?dp=127&euid=szZxWMnWAkbcsrAb8nac
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=127&euid=szZxWMnWAkbcsrAb8nac
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx/1.19.0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
location
https://www.acint.net/match?dp=127&euid=szZxWMnWAkbcsrAb8nac
access-control-allow-headers
Content-Type
content-length
0
userbind
match.new-programmatic.com/ Frame 1D1D 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=sape&id=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Jul 2021 07:01:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
0100007F4869FA60E1043574025F231D
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 1D1D 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:32 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
0.gif
x01.aidata.io/ Frame 1D1D
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4869FA60E1043574025F231D
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4869FA60E1043574025F231D&bounce=1
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
  • https://x01.aidata.io/0.gif?pid=LIVE&id=25154AE567E3D806BF4E&back=STOP
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LIVE&id=25154AE567E3D806BF4E&back=STOP
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:30 GMT
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 23 Jul 2021 07:01:29 GMT

Redirect headers

Location
https://x01.aidata.io/0.gif?pid=LIVE&id=25154AE567E3D806BF4E&back=STOP
Date
Fri, 23 Jul 2021 07:01:32 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
344
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
/
sync.bumlam.com/ Frame 1D1D
Redirect Chain
  • https://sync.bumlam.com/?src=sap1&uid=0100007F4869FA60E1043574025F231D
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjJ0umHBlIFrbKc-w9iIDAxMDAwMDdGNDg2OUZBNjBFMTA0MzU3NDAyNUYyMzFE
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjJ0umHBlIFrbKc-w9iIDAxMDAwMDdGNDg2OUZBNjBFMTA0MzU3NDAyNUYyMzFEogEQziUvJuuDEeug1wAlkORcOA**
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQABjJ0umHBmIgMDEwMDAwN0Y0ODY5RkE2MEUxMDQzNTc0MDI1RjIzMUSiARDOJS8m64MR66DXACWQ5Fw4
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQARjJ0umHBmIgMDEwMDAwN0Y0ODY5RkE2MEUxMDQzNTc0MDI1RjIzMUSiARDOJS8m64MR66DXACWQ5Fw4
0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjJ0umHBmIgMDEwMDAwN0Y0ODY5RkE2MEUxMDQzNTc0MDI1RjIzMUSiARDOJS8m64MR66DXACWQ5Fw4
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
nginx
ETag
ce252f26-eb83-11eb-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=sap1&s_data=CAIQARjJ0umHBmIgMDEwMDAwN0Y0ODY5RkE2MEUxMDQzNTc0MDI1RjIzMUSiARDOJS8m64MR66DXACWQ5Fw4
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
0100007F4869FA60E1043574025F231D
an.yandex.ru/mapuid/sapeis/ Frame 1D1D
Redirect Chain
  • https://an.yandex.ru/mapuid/sapeis/0100007F4869FA60E1043574025F231D
  • https://an.yandex.ru/mapuid/sapeis/0100007F4869FA60E1043574025F231D?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007F4869FA60E1043574025F231D?redir-setuniq=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 23 Jul 2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 07:01:29 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/sapeis/0100007F4869FA60E1043574025F231D?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 23 Jul 2021 07:01:29 GMT
frame.html
s3.advarkads.com/modules/match/ Frame 7BB0 		187 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method
GET
:authority
s3.advarkads.com
:scheme
https
:path
/modules/match/frame.html?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.acint.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.acint.net/

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
content-type
text/html
cache-control
max-age=60
last-modified
Sat, 25 Apr 2020 07:44:34 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
673309a7d88c4ecd-FRA
content-encoding
gzip
truncated
/ Frame EC9D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72a13f160bf9de58a5864a5989dfd3bd8c0f2bd7b08714513b69c55fe556e4d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame EC9D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
241287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame EC9D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
278167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 8F0E 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:48:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 8F0E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:59:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 8F0E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:00:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F0E 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626867014740240"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 8F0E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:01:08 GMT
l
www.google.com/ads/measurement/ Frame 8F0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYTvg6RcnaZ2OboMBtoPSDsR60YKeXh_Wnwgu-8iW5Yz7Rfis41cpU2hkSvQL59Loke5HKgEKkYRZxV-knwtORAq6lfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame 8F0E 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 11:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 11:23:58 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16822050229296023621/ Frame 8F0E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16822050229296023621/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b40844ae563d4c8db0e8bab052dbd001a667c5e92d13c4dea496294a85f133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 15:43:38 GMT
x-content-type-options
nosniff
age
227870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13466
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 08:33:59 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 15:43:38 GMT
truncated
/ Frame 8F0E 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
mc.yandex.com/watch/45352194/
Redirect Chain
  • https://mc.yandex.com/watch/45352194?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3...
  • https://mc.yandex.com/watch/45352194/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
335 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45352194/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A2%3Adp%3A0%3Als%3A1291358964092%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A249402165%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0f5ba2004a43345e148eaead32babbca7f4d2f9e3b32ef9e83db5c16b1f06c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 23-Jul-2021 07:01:29 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nt.ck.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
335
x-xss-protection
1; mode=block
expires
Fri, 23-Jul-2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Fri, 23-Jul-2021 07:01:29 GMT
location
/watch/45352194/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A2%3Adp%3A0%3Als%3A1291358964092%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A249402165%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://nt.ck.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 23-Jul-2021 07:01:29 GMT
1
mc.yandex.com/watch/23414332/
Redirect Chain
  • https://mc.yandex.com/watch/23414332?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3...
  • https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
316 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A3%3Adp%3A0%3Als%3A910522936729%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A568763917%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
856f6cb1275aa956d85926aab9f815f3eecfaba703853d43f8e756db43714d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 23-Jul-2021 07:01:29 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nt.ck.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Fri, 23-Jul-2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Fri, 23-Jul-2021 07:01:29 GMT
location
/watch/23414332/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A3%3Adp%3A0%3Als%3A910522936729%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023689%3Ac%3A1%3Arn%3A568763917%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://nt.ck.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 23-Jul-2021 07:01:29 GMT
1
mc.yandex.com/watch/16742428/
Redirect Chain
  • https://mc.yandex.com/watch/16742428?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3...
  • https://mc.yandex.com/watch/16742428/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
316 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/16742428/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1178847032061%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023688%3Ac%3A1%3Arn%3A619335507%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
28a690eee1da0a3204d0d4938a9300d5ca27263c2356b64f8ad6791aed5bbb84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 23-Jul-2021 07:01:29 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nt.ck.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Fri, 23-Jul-2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
last-modified
Fri, 23-Jul-2021 07:01:29 GMT
location
/watch/16742428/1?wmode=7&page-url=https%3A%2F%2Fnt.ck.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A1630%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A1178847032061%3Ahid%3A602232511%3Az%3A120%3Ai%3A20210723090128%3Aet%3A1627023688%3Ac%3A1%3Arn%3A619335507%3Au%3A1627023688544434639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627023685768%3Ads%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C600%2C18%2C%2C%2C%2C1767%3Adsn%3A0%2C0%2C420%2C94%2C742%2C0%2C%2C510%2C18%2C%2C%2C%2C1767%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627023689%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%BB%D0%B5%D0%BA%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%9F%D0%BE%D0%BB%D0%BE%D1%86%D0%BA%D0%B0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://nt.ck.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 23-Jul-2021 07:01:29 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8F0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COuLISGn6YNzXDZe_nsEPpb6pkA61ocDUY6Dh_Zz0Ddak0MPBJxABILrPzx9glQKgAbbG-bcDyAEJqAMByAPLBKoEnQFP0FT0osbdQjdungVv2LmXlmnSFHt2xm9qUjSW3teZ8CS3Ybz0UgeLUC41JrxeP7FuuBzCqs6Lx3KgkfPUj-Wf5v2ixzUxV57Lz4pkeGsa2NbvjIwHQydsZkNT1z12yroUwH86r8O9-BNfu51WvTv2DesGEYGPGM1VJB3RK9Vh9jQDapDM0PpL-fz_b4S4IYIqY8D33NerFbh9dQB9wASXyLnO2QOSBQQIBBgBkgUECAUYBKAGLoAHsrmGSKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC1yRfSCAkIgOGAEBABGB-ACgHICwHYEwKIFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItNzU2NDE1MjE5NTEyMjMwNA&sigh=hWGUd9LKMOM&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Jul 2021 07:01:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 753D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 22 Jul 2021 11:56:19 GMT
expires
Fri, 23 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
68710
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8F0E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1d037a60dfeaecde8208c14123dc155bc2fca93f70128c809e47034aeaf9070

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8F0E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
241288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8F0E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
278168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
css
fonts.googleapis.com/ Frame 2D40 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 05:52:00 GMT
server
ESF
date
Fri, 23 Jul 2021 07:01:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Jul 2021 07:01:29 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2D40 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:48:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 2D40 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 06:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 06:59:39 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2D40 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:00:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D40 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626867014740240"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 2D40 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Aug 2021 07:01:08 GMT
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame 2D40 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 11:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 11:23:58 GMT
frame.js
s3.advarkads.com/modules/match/ Frame 7BB0 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.js
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af705d0258809a85166f697f19b2ba882f9c8de4d89d3d39052d0127b1a4e9a5

Request headers

Referer
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 10 Jul 2021 08:03:25 GMT
server
cloudflare
age
41
etag
"80c45f6275d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
673309a9cc2c4ecd-FRA
content-length
6672
dpixel
cms.quantserve.com/ Frame 0037 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENh2mOPnDgFToWl2pJxHFH8&google_cver=1&google_push=AYg5qPK_qTgXQjAYFcIyDOu7FSSi5w0aAKTmyTPaGIa_yoQl0-Sj_7tDz3NKbOEaxLfBoyDqnoLc-U43iW7EeKhlbb9cZZhHZoznAJdOyllWAVa-xSdnKakeACzqEcxTH3dhSjJYbt1E-UEq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 0037 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHsy-UjHM3XnswGhNt2nPgM&google_push=AYg5qPLJmcJ1qcgQ6Q22flur2fb-cqD8M25UyjHE61B2J0nAFw0MxlTqjwfD1iFoZrpN64EPzLI4ICd6utOM7d-p9LDID2lvHFzg56WnF5qwrztZhgk04V2j0br0hEQkhlP2wqaL1r1G1fxa&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0037
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhC...
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhC...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhCOVTYv8wevagITOgWWndtfCuVAQoSyN3no...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhCOVTYv8wevagITOgWWndtfCuVAQoSyN3noVvq6aQWhSr&google_hm=i34pa3NQzUwjCYQzFfhA0g==
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:28 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ2YHgrCMzebxBLwCmSRyl5H58Ow21CSiGj3v3970zv_GOt50A_yaXyrjTFxH3K0XH_eLtjxOPs7Ec-6CaJWh9_2kdDfSEhCOVTYv8wevagITOgWWndtfCuVAQoSyN3noVvq6aQWhSr&google_hm=i34pa3NQzUwjCYQzFfhA0g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
bslvjr1aso6l08oi8fll5s694mbbh2f8
pixel
cm.g.doubleclick.net/ Frame 0037
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIGxsLF74ag5pjobCG3cqgF_SVYm1fR0gA9HZcvMLpSIJqrBucYDaK7kjiv3Zi2cxPkp7KETb_bqq-wYmAfZFz6oPWfDUocx9TTSVOcS3GEtrnGp4_XDA7InzZ4AqhKq_UjAv7qdlU
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIGxsLF74ag5pjobCG3cqgF_SVYm1fR0gA9HZcvMLpSIJqrBucYDaK7kjiv3Zi2cxPkp7KETb_bqq-wYmAfZFz6oPWfDUocx9TTSVOcS3GEtrnGp4_XDA7InzZ4AqhKq_UjAv7qdlU
date
Fri, 23 Jul 2021 07:01:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0037
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHU3KAQx0tFDozU3TaKMmWY&google_cver=1&google_push=AYg5qPLJ5I1KcMVXTiQiipgRNVQR9qQbHuzZrsZiPPrj7zCVddA90Vm3_BJxHA4kY6tQgcLbyCy...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RDctMUItOUxTOA==&google_push=AYg5qPLJ5I1KcMVXTiQiipgRNVQR9qQbHuzZrsZiPPrj7zCVddA90Vm3_BJxHA4kY6tQgcLbyCyatnb1ZgvSE8phEi3KO2VwHq9uN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RDctMUItOUxTOA==&google_push=AYg5qPLJ5I1KcMVXTiQiipgRNVQR9qQbHuzZrsZiPPrj7zCVddA90Vm3_BJxHA4kY6tQgcLbyCyatnb1ZgvSE8phEi3KO2VwHq9uNIAcLoqgYODonbgGTtre_JpfHP03Q8tn4m5TjZRz83Q2
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RDctMUItOUxTOA==&google_push=AYg5qPLJ5I1KcMVXTiQiipgRNVQR9qQbHuzZrsZiPPrj7zCVddA90Vm3_BJxHA4kY6tQgcLbyCyatnb1ZgvSE8phEi3KO2VwHq9uNIAcLoqgYODonbgGTtre_JpfHP03Q8tn4m5TjZRz83Q2
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0037
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCF...
0
0
dot.gif
googlecm.hit.gemius.pl/ Frame 0037
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM57s8UFCM0aC3yjl-IPXM0&google_cver=1&google_push=AYg5qPKpjr6Lp65hXO5OPT7t...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKpjr6Lp65hXO5OPT7tP9q0CksiDAo9PpjXczoFJnRMNrz_D_qZBm_BHdUC1m8k0lTakb3HmQnERLmt45bj643ZSE1wBpAM3WhDZjFuGWBA0ELm8eMHYR&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm6.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Thu, 22 Jul 2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0037 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhyJ_ztjSgMO-03EXpqNTugtWUx1TNE_mHGYwWIIJj2Fdj99XENtBQn_k4kTKYbslnrndcOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
downsize_200k_v1
tpc.googlesyndication.com/simgad/13177677106904926675/ Frame 2D40 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13177677106904926675/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d353a15355c9253fe33039e9ded76c1d7ce824f7a20c6e7af4b7becf47002d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 08:40:05 GMT
x-content-type-options
nosniff
age
253284
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8771
x-xss-protection
0
last-modified
Thu, 15 Aug 2019 07:57:12 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 08:40:05 GMT
truncated
/ Frame 2D40 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 2D40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CY_oGSGn6YOO8DYDhnsEP4NeJkAeoxdXkY4_Z1trFDrq_ss-LJhABILrPzx9glQKgAaKLzOgDyAEJqQLwwQV2XcGzPqgDAcgDywSqBKIBT9DJeOt1T0TzhKecfb91H2P5RrD8UwQ6vjLyH8m05n8OVp45d7GH7tVLDBdjMk9Nsx85bAqZ-rwbmm2j5jyACbya7XYDP5d5SwkGGCn39k6pCPl-BfvitVJnS1-RVn9herJGuNM6CTxg6YVuovdmKIRj4gLxQnt4OYC6-sdNqMWtpipj-gs28JtOOiG4hYmLJVFJto5sGHtC7rNxgYg74UjgwATf28PtxgOSBQQIBBgBkgUECAUYBKAGLoAHxvSzF6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCRjjHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNzU2NDE1MjE5NTEyMjMwNA&sigh=OxA6AaYut3I&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 23 Jul 2021 07:01:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame EF8C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=1237804635&pi=t.aa~a.3595443979~rp.1&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0&nras=2&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2059&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=ur4BayswSg&p=https%3A//nt.ck.ua&dtd=53
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
109041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
processor.js
tag.digitaltarget.ru/ Frame 1D1D 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=13615698511437
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:29 GMT
Last-Modified
Thu, 13 May 2021 10:40:42 GMT
Server
nginx
ETag
"609d022a-3da5"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15781
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5A17 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 22 Jul 2021 11:56:19 GMT
expires
Fri, 23 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
68710
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2D40 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e8808c953deaa8c5ea08273b674d01045af29cea4d3eccd778b372f32c801d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 753D
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLTk_5zQxUlc6lqmtz_ckBIZ9FpFnBdpKDbQDx...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBY2RAMERoRg&google_push=AYg5qPLTk_5zQxUlc6lqmtz_ckBIZ9FpFnBdpKDbQDxcki7z9raPhpAQHkJp3asCp_CgVFlkwxkW1nYyylZ9MeMg6aGXWRrG6O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBY2RAMERoRg&google_push=AYg5qPLTk_5zQxUlc6lqmtz_ckBIZ9FpFnBdpKDbQDxcki7z9raPhpAQHkJp3asCp_CgVFlkwxkW1nYyylZ9MeMg6aGXWRrG6Ows984FZiZ0Yv5E4Tc_O0aqgDmgZr06Hw0yY_HRbSgWTGM
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBY2RAMERoRg&google_push=AYg5qPLTk_5zQxUlc6lqmtz_ckBIZ9FpFnBdpKDbQDxcki7z9raPhpAQHkJp3asCp_CgVFlkwxkW1nYyylZ9MeMg6aGXWRrG6Ows984FZiZ0Yv5E4Tc_O0aqgDmgZr06Hw0yY_HRbSgWTGM
Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
434
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 753D
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKRCpWiEtVkg_i3D1krhk51c_MquMPXlivdJgF6Mllihkqcbq7oBLTxVLvoGzvistkWFveNLjBo6JZlVrNUDy1ZIC5XoKGCeL_ngl66xHlYlQQ6HgFob27bqN509XGlQgHN6pznTvQ...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMnS6YcGEgUI6AcQAEIASpsBZ29vZ2xlX3B1c2g9QVlnNXFQS1JDcFdpRXRWa2dfaTNEMWtyaGs1MWNfTXF1TVBYbGl2ZEpnRjZNbGxpaGtxY2JxN29CTFR4Vkx2b0d6dmlzdGtXRnZlTkxqQm82SlpsVn...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZWxxeXd1REJ5YVJRNU9tOEJEaFNobExzZk52WlRZb1NYRUpwb2M1Ym1Gcw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZWxxeXd1REJ5YVJRNU9tOEJEaFNobExzZk52WlRZb1NYRUpwb2M1Ym1Gcw==&google_push
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Jul 2021 07:01:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZWxxeXd1REJ5YVJRNU9tOEJEaFNobExzZk52WlRZb1NYRUpwb2M1Ym1Gcw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 753D
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLNfkk6...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLNfkk6...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjMwNzAxMjkwMDAxMDA3NTkyODY4NA%3D%3D&google_push=AYg5qPLNfkk6sJPv4CHgiu8pEToSUT6iX3QBOSwq8yz0tC7Z1BlM5s0ffIB_TE4okoZt7u...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjMwNzAxMjkwMDAxMDA3NTkyODY4NA%3D%3D&google_push=AYg5qPLNfkk6sJPv4CHgiu8pEToSUT6iX3QBOSwq8yz0tC7Z1BlM5s0ffIB_TE4okoZt7uVZXwRRiF60DmFtaLObysh-U-YdmUUuqNpJeJm5lWsMYWnu_vAvC-2QuUfYB1Br43mu6xu_lQE
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjMwNzAxMjkwMDAxMDA3NTkyODY4NA%3D%3D&google_push=AYg5qPLNfkk6sJPv4CHgiu8pEToSUT6iX3QBOSwq8yz0tC7Z1BlM5s0ffIB_TE4okoZt7uVZXwRRiF60DmFtaLObysh-U-YdmUUuqNpJeJm5lWsMYWnu_vAvC-2QuUfYB1Br43mu6xu_lQE
pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 23 Jul 2021 07:01:29 GMT
sync
odr.mookie1.com/t/v2/ Frame 753D 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHsy-UjHM3XnswGhNt2nPgM&google_push=AYg5qPJNyaslPHQEyzbtqlmY4j4dr7iouyTxL87UfCa1jZU7PBdP6Lr7K-nvwzKXbp5QHB9s7MmQCN2J98QUtjW41I7JLXAHKiPopGz7wWXeHDfc-a562qMTm6UIzcM50T0266Y-95FXHQzd&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 753D
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPJELAWHuKe2S7HuknrCoOZgMg4sQjY7EXoR7avT86YK8i9NLrZm_uAL5HPJ1ETUebRkxKdj7W7-8ILtFljxkW8UR-cq9QQPW...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJELAWHuKe2S7HuknrCoOZgMg4sQjY7EXoR7avT86YK8i9NLrZm_uAL5HPJ1ETUebRkxKdj7W7-8ILtFljxkW8UR-cq9QQPWNiaopT8N1-vfLILPpj_UkHflYNQBIfpSL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJELAWHuKe2S7HuknrCoOZgMg4sQjY7EXoR7avT86YK8i9NLrZm_uAL5HPJ1ETUebRkxKdj7W7-8ILtFljxkW8UR-cq9QQPWNiaopT8N1-vfLILPpj_UkHflYNQBIfpSLEqyuKBF6Fa&google_hm=i34pa3NQzUwjCYQzFfhA0g==
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:28 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJELAWHuKe2S7HuknrCoOZgMg4sQjY7EXoR7avT86YK8i9NLrZm_uAL5HPJ1ETUebRkxKdj7W7-8ILtFljxkW8UR-cq9QQPWNiaopT8N1-vfLILPpj_UkHflYNQBIfpSLEqyuKBF6Fa&google_hm=i34pa3NQzUwjCYQzFfhA0g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
qgi0n0j5sudabgctibg867km5e62djru
pixel
cm.g.doubleclick.net/ Frame 753D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHU3KAQx0tFDozU3TaKMmWY&google_cver=1&google_push=AYg5qPIa0zc56bMxB2Hd1xlsABC39K_p_cdqUwnchMWAINx5LyE1WU5CrhT8Vopa909K1002Vlt...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RjEtQS04S1o5&google_push=AYg5qPIa0zc56bMxB2Hd1xlsABC39K_p_cdqUwnchMWAINx5LyE1WU5CrhT8Vopa909K1002Vltm5sSEUHWE-eyh-bNSglRDBahWdoZjL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RjEtQS04S1o5&google_push=AYg5qPIa0zc56bMxB2Hd1xlsABC39K_p_cdqUwnchMWAINx5LyE1WU5CrhT8Vopa909K1002Vltm5sSEUHWE-eyh-bNSglRDBahWdoZjLs_x-TdAUS9hjpmJ1qzbvHlgY6IlZs4AsZ0eh6g
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5RjEtQS04S1o5&google_push=AYg5qPIa0zc56bMxB2Hd1xlsABC39K_p_cdqUwnchMWAINx5LyE1WU5CrhT8Vopa909K1002Vltm5sSEUHWE-eyh-bNSglRDBahWdoZjLs_x-TdAUS9hjpmJ1qzbvHlgY6IlZs4AsZ0eh6g
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
dot.gif
googlecm.hit.gemius.pl/ Frame 753D
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM57s8UFCM0aC3yjl-IPXM0&google_cver=1&google_push=AYg5qPIYYyb_1ey68BKWRpRC...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIYYyb_1ey68BKWRpRCyQIkI_bSRSU-SoR7zavfTzdNvcjPpoPm1AMZWG6-RMOVpirvA1eM2KdfeCl2pbQiYsDyUrEI1i2ReofY69vbETG93Eq2MdcP2n&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.182.200.20 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm6.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Thu, 22 Jul 2021 07:01:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 753D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JihiRTGyIiin9VXsE7chZRgVhb6chh81aiUHBJvBULyFHXwn2qTPqcHmOGlqO1xM5GmpWllQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
match
api.advarkads.com/api/statistic/ Frame 7BB0 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F4869FA60E1043574025F231D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.233.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.14.1 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s3.advarkads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Jul 2021 07:01:22 GMT
Server
nginx/1.14.1
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
-1
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2D40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
241288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2D40 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
278168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 93B1 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=1457154069&adf=223419391&pi=t.aa~a.1479353726~rp.1&w=314&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=314x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=1&bdt=1211&idt=1&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250%2C316x250&nras=4&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=985&ady=3247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8EvxSwok6e&p=https%3A//nt.ck.ua&dtd=63
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
109041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
pixel
cm.g.doubleclick.net/ Frame 5A17
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENh2mOPnDgFToWl2pJxHFH8&google_cver=1&google_push=AYg5qPJobxfL_0iucKTB7ULr5h4BI4Y-_4GwlDuVZG2w7jQpggY0aQovJb...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJobxfL_0iucKTB7ULr5h4BI4Y-_4GwlDuVZG2w7jQpggY0aQovJb4wQGAuVYG6T910IU76VRWWbIlt8r2rvpNuT6yjQDoBfRYI4KOXB5ToglObV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJobxfL_0iucKTB7ULr5h4BI4Y-_4GwlDuVZG2w7jQpggY0aQovJb4wQGAuVYG6T910IU76VRWWbIlt8r2rvpNuT6yjQDoBfRYI4KOXB5ToglObVyUJwSmrlTxNVnC-wB3eCnKaRyTd&google_hm=ofz0O3QRLaExe90PdVGimw
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJobxfL_0iucKTB7ULr5h4BI4Y-_4GwlDuVZG2w7jQpggY0aQovJb4wQGAuVYG6T910IU76VRWWbIlt8r2rvpNuT6yjQDoBfRYI4KOXB5ToglObVyUJwSmrlTxNVnC-wB3eCnKaRyTd&google_hm=ofz0O3QRLaExe90PdVGimw
pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5A17
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ12_dY_aIH-cJNC5dl73948O3GzCv-3pB4xa1...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBQkZmakgyYw&google_push=AYg5qPJ12_dY_aIH-cJNC5dl73948O3GzCv-3pB4xa1H4GHy1E5xLpZw7LQk8A-Fd8VT_qlAN4m4mXClADk5GxvPD76-Z_rxMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBQkZmakgyYw&google_push=AYg5qPJ12_dY_aIH-cJNC5dl73948O3GzCv-3pB4xa1H4GHy1E5xLpZw7LQk8A-Fd8VT_qlAN4m4mXClADk5GxvPD76-Z_rxMj8d0ulRCWH-NBiiTP8RSeKu1vCzgdYuQjWvK2Mx3dkANzOf
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBwcFNRQUFBQkZmakgyYw&google_push=AYg5qPJ12_dY_aIH-cJNC5dl73948O3GzCv-3pB4xa1H4GHy1E5xLpZw7LQk8A-Fd8VT_qlAN4m4mXClADk5GxvPD76-Z_rxMj8d0ulRCWH-NBiiTP8RSeKu1vCzgdYuQjWvK2Mx3dkANzOf
Date
Fri, 23 Jul 2021 07:01:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
435
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 5A17
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEABw4zI6AbESs-tPgTYTT68&google_cver=1&google_push=AYg5qPLJfIYR3JbXwIDOLytKP7bAqbsdj8xAMSPhyM1gnwc8MSeMUAxa6lZTNYrk22OY9loq8-DlhIRl4jpi_bfrdPQU_en9Tf95c...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJfIYR3JbXwIDOLytKP7bAqbsdj8xAMSPhyM1gnwc8MSeMUAxa6lZTNYrk22OY9loq8-DlhIRl4jpi_bfrdPQU_en9Tf95c5UZIEOttEiUDDd1MJCFCe3vxi78F0h8FZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJfIYR3JbXwIDOLytKP7bAqbsdj8xAMSPhyM1gnwc8MSeMUAxa6lZTNYrk22OY9loq8-DlhIRl4jpi_bfrdPQU_en9Tf95c5UZIEOttEiUDDd1MJCFCe3vxi78F0h8FZCQfFvbgjcU&google_hm=i34pa3NQzUwjCYQzFfhA0g==
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:28 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLJfIYR3JbXwIDOLytKP7bAqbsdj8xAMSPhyM1gnwc8MSeMUAxa6lZTNYrk22OY9loq8-DlhIRl4jpi_bfrdPQU_en9Tf95c5UZIEOttEiUDDd1MJCFCe3vxi78F0h8FZCQfFvbgjcU&google_hm=i34pa3NQzUwjCYQzFfhA0g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
c2oh1i3rpbaqqg2t3kh3aaknn6vsqdng
pixel
cm.g.doubleclick.net/ Frame 5A17
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLy4eR9f4clOqb4aoUSXnmyXZ8JYPQzVL_iG3Gmasw_0ZIJpziofj1Kwt52Rf8H8v3NKyLIGOJH9o4hE0JrEZg9YyttCJRQufxynjz5sMynOy4Rit8unVmz8gGv3Dc-GFZu870r4kWv
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=g_o2OZSMREajVqXX1zRR4A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLy4eR9f4clOqb4aoUSXnmyXZ8JYPQzVL_iG3Gmasw_0ZIJpziofj1Kwt52Rf8H8v3NKyLIGOJH9o4hE0JrEZg9YyttCJRQufxynjz5sMynOy4Rit8unVmz8gGv3Dc-GFZu870r4kWv
date
Fri, 23 Jul 2021 07:01:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5A17
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHU3KAQx0tFDozU3TaKMmWY&google_cver=1&google_push=AYg5qPJkEzEgSmUEtK1yGD03bbbZbpmdjGYgxKaH3x_9ulBxSUNupoIBrGiWxWWISls5jC7q2nd...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5S1QtMjYtQlZKTw==&google_push=AYg5qPJkEzEgSmUEtK1yGD03bbbZbpmdjGYgxKaH3x_9ulBxSUNupoIBrGiWxWWISls5jC7q2ndOEfwK2kczTNYa8usWse-hukRCc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5S1QtMjYtQlZKTw==&google_push=AYg5qPJkEzEgSmUEtK1yGD03bbbZbpmdjGYgxKaH3x_9ulBxSUNupoIBrGiWxWWISls5jC7q2ndOEfwK2kczTNYa8usWse-hukRCcEotsR2FvSsLIl0on-sG4RSQNADZo6y6YNesPyyOrvUe
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JGWlc5S1QtMjYtQlZKTw==&google_push=AYg5qPJkEzEgSmUEtK1yGD03bbbZbpmdjGYgxKaH3x_9ulBxSUNupoIBrGiWxWWISls5jC7q2ndOEfwK2kczTNYa8usWse-hukRCcEotsR2FvSsLIl0on-sG4RSQNADZo6y6YNesPyyOrvUe
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5A17
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U...
0
0
trk
ag.innovid.com/ Frame 5A17 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPiun89aP_o5JWYwrpJN-kc&google_cver=1&google_push=AYg5qPLI4dPC2meXYmDRvVMNifD4v1TZXKQiIfe8rnc2D9LL3FcRk7KvH3oWjzGY2_PJd37QmgILcyZ9n067Bv5Yk0BQchS0FdL-UWGt4rGZtmjW4khdTHKq0KUygxJyl5RyonsDKvvg5tQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:29 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 5A17 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBzY5IZ96u5OoAnS90lYJdSbvWgU60x-rP_4DjwTtba9dEYqc-gozK4sS7cRz5aTdB1taq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame BEC3 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7564152195122304&output=html&h=250&adk=17562002&adf=4185096325&pi=t.aa~a.3595443979~rp.4&w=316&fwrn=4&fwrnh=100&lmt=1627023688&rafmt=1&to=qs&pwprc=9515623246&psa=0&format=316x250&url=https%3A%2F%2Fnt.ck.ua%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627023688145&bpp=2&bdt=1211&idt=-M&shv=r20210720&ptt=9&saldr=aa&abxe=1&prev_fmts=658x280%2C300x600%2C0x0%2C316x250&nras=3&correlator=2596595442561&frm=20&pv=1&ga_vid=1582241699.1627023688&ga_sid=1627023688&ga_hid=999893453&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=984&ady=2930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866&oid=3&pvsid=3651645146161867&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=3R4fOM4lUa&p=https%3A//nt.ck.ua&dtd=58
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
109041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 1D1D
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=368421445790755.925577099904566&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up....
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.925577099904566&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60...
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.925577099904566&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
7
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 23 Jul 2021 07:01:30 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.925577099904566&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 1D1D
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=368421445790755.484633280724087&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up....
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.484633280724087&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60...
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.484633280724087&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
29
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 23 Jul 2021 07:01:30 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=368421445790755.484633280724087&a=77&e=0100007F4869FA60E1043574025F231D&pref=https%3A%2F%2Fnt.ck.ua%2F&c=ss:77.up:0100007F4869FA60E1043574025F231D.sync:up.xdua:duR8NBBZ99zNdx1TZBcWs0VI.xps:xps2yRRyNrGHZByK1cGyNhZNh.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
log_event
www.youtube.com/youtubei/v1/ Frame F4E6 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/408a20d8/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ulSW0-BWAvU
X-YouTube-Client-Version
1.20210721.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtUYTlUaU9pVmlERSjH0umHBg%3D%3D
X-YouTube-Ad-Signals
dt=1627023687719&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C280%2C150&vis=1&wgl=true&ca_type=image&bid=ANyPxKpgQIdGK4reH-P5_-XKSTIgEfdtCaA7rawSIfBTZ6cV3WWbnpAXRj2XpUUaFSlIz1LhsaZhsRmqRPncy-TPavYBBMUXVQ

Response headers

date
Fri, 23 Jul 2021 07:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:30 GMT
/
www.acint.net/ping/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/ping/?v=0.3.0&uid=8c5ef825-f941-407d-8db9-2c5d29190eb0&dp=10&tz=%2B02%3A00&nc=02535530&dT=2021-07-23T09%3A01%3A31.753
Requested by
Host: nt.ck.ua
URL: https://nt.ck.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
impression.html
w.uptolike.com/widgets/v1/ Frame 09A3 		1023 B
914 B 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=1706501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Host
w.uptolike.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nt.ck.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

Server
nginx
Date
Fri, 23 Jul 2021 07:01:32 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Fri, 23 Jul 2021 07:31:32 GMT
Content-Encoding
gzip
extra.js
w.uptolike.com/widgets/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/extra.js?rnd=0.6802343671323474
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=1706501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4937790945a8a9eb3ba036f8926f57bb843cc345f2d6976d2bfaad07a64a136f

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Jul 2021 07:01:32 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Expires
Wed, 12 May 2021 12:38:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eca1c08dec7adf531fea5979a0af702677155ffc94b01256afba711c7398f5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Jul 2021 07:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8372
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210720/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7564152195122304&plah=nt.ck.ua&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:01:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3495 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 23 Jul 2021 07:01:16 GMT
expires
Sat, 23 Jul 2022 07:01:16 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5403 		783 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
96daa2065f12a916fa8276c1faa6287627c99a3d091f44933a24aa1edf53faef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WRbIRPSXTgWAf4MtEidlkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nt.ck.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

expires
Fri, 23 Jul 2021 07:01:32 GMT
date
Fri, 23 Jul 2021 07:01:32 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-WRbIRPSXTgWAf4MtEidlkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
pagead2.googlesyndication.com/bg/ Frame 3495 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
109044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13164
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 00:44:08 GMT
/
meealt.ru/bcn/ 		167 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://meealt.ru/bcn/
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.6802343671323474
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.63.193.64 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1501.ru
Software
nginx/1.13.12 /
Resource Hash
84f892e24da032e9b16551c7d34a98a7f5e7ef7bcbbd69a9f8168d11dd5c1ec9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:32 GMT
Last-Modified
Friday, 23-Jul-2021 07:01:32 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
167
/
dspco.ru/tab/ 		0
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dspco.ru/tab/
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.6802343671323474
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.146.33.102 Moscow, Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1002.ru
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:32 GMT
Last-Modified
Friday, 23-Jul-2021 07:01:32 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
smart.js
static.tnsis.ru/c82up/ 		7 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tnsis.ru/c82up/smart.js
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.6802343671323474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.154.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.154.9.5.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
60717a8b680e2f85643d933cd76a6e7e0024988f5158a8e127874ff9a8c229a3

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 07:01:32 GMT
mode
no-cors
server
nginx/1.18.0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
imp
w.uptolike.com/widgets/v1/zp/ Frame 09A3 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.uptolike.com/widgets/v1/zp/imp?pid=1706501&fl=false&sw=1600&sh=1200&vw=1600&vh=1200&vp=57873f0c-e08c-4a9a-b80a-81d8d24c46c1&ttl=JUQwJTlEJUQwJUJFJUQwJUIyJUQwJUJFJUQxJTgxJUQxJTgyJUQwJUJEJUQwJUJFJUQwJUI5JTIwJUQxJTgwJUQwJUIwJUQwJUI3JUQwJUIyJUQwJUJCJUQwJUI1JUQwJUJBJUQwJUIwJUQxJTgyJUQwJUI1JUQwJUJCJUQxJThDJUQwJUJEJUQxJThCJUQwJUI5JTIwJUQwJUJGJUQwJUJFJUQxJTgwJUQxJTgyJUQwJUIwJUQwJUJCJTIwJUQwJTlGJUQwJUJFJUQwJUJCJUQwJUJFJUQxJTg2JUQwJUJBJUQwJUIw&url=https%3A%2F%2Fnt.ck.ua%2F&rnd=0.5117396178340865
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 23 Jul 2021 07:01:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=3651645146161867&bg=!RUalRgLNAAbnC78O5ws7ACkAdvg8Wkyo_Go3dwGIt8dcU-pxQWeSDUMwxVrGsbV9LfG4sKopd9Pg3gIAAABaUgAAAAxoAQcKAA6a89UW5fZ66dfzaZWqspkCZzBN9cBBnA3FRdSqQM7XA4Q009LYfrxmorKLlrkx89-KoZfSdrbFr6ldFGPGFIXBoy6FPDtfH1eYSZwzp2w1u4wPMGBg-z0lRp4pT01F1b9NFaIQ_MJvc4Lj76ORi1JNT1gPp_SR3QATH-HgY81eVmMSeycaanF5nTIw4a9r0Y9XMKA1y37TaF06sSf3Kqnih8yQRFnE8imTYbAfilB9gSRczkntaiQhgXuW8U6lpevXRcrNhvHhAzBeQClGajjOv5c1MjDHsW5hgGQlc1YO9dumanqbko0FEb7WS4vySEZKU5g5ZQKh0fxZWqWGbGoBRt_ymMdnIpxVsSwtHuqfoWDnfXZT1221NwZ58uQq0CCI5cB0m-P9iHQgbxiLZKAVYy5CvlVzooZMzkpKFUGg1zh6_ypheedZns8hmjlCHSuu9nT16HUa-UldP7tL8lOHqXQnB_CDs3N468BZKikrXkiJAqxrYUh933zoez6CC7ceQc5tJcJed7KrCSyc8hXfAEN3jU2sXBqIIiiHwJDOBvjPeXCcAOyCSwZlhPEacXJstF6_rqfrJRP23WWQuR4nKcwFB_svQqg-Ab4mB08XXX0HxmJCWlGFU9cbH8MGV5HgHh5a-Ct1cODBYs_othChmIUKu4EJ1meAa8leb0XNI4v8QWasdTMp_rMogKx6OreES6g7mp5IvoR7jHpuyzYajLcAkxQYwJ5aslsXO5xwqbeDga_sBPp7UaNZmzxFAj4A32yZreS7iIGR5BadNBBHVQo6KDPQrtjKjPjRJ8Ix2mOFi9BgugCY5MlLqox1jKtvaA80c1Aykg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Jul 2021 07:01:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
aipam.ru/data.js/ 		0
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aipam.ru/data.js/
Requested by
Host: meealt.ru
URL: https://meealt.ru/bcn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.154.65.194 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
belesta1011.ru
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nt.ck.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Jul 2021 07:01:33 GMT
Last-Modified
Friday, 23-Jul-2021 07:01:33 GMT
Server
nginx/1.13.12
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
support.html
w.uptolike.com/widgets/v1/zp/ Frame 3AE4 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.uptolike.com/widgets/v1/zp/support.html
Requested by
Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=1706501
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Host
w.uptolike.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nt.ck.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
utl_id2=22754911145; utl_dat="CIKnrZGtLxAAIIL495mtLyiC+PeZrS8wACrEwqvBdXFZwf2jCtEUO0c="
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nt.ck.ua/

Response headers

Server
nginx
Date
Fri, 23 Jul 2021 07:01:33 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=1800
Expires
Fri, 23 Jul 2021 07:31:33 GMT
Content-Encoding
gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.googleapis.com
URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=PT+Sans+Caption:400,700
Domain
counter.rambler.ru
URL
http://counter.rambler.ru/top100.jcn?2774416
Domain
gdata.youtube.com
URL
http://gdata.youtube.com/feeds/api/videos?q=polotsk&format=5&max-results=25&v=2&alt=jsonc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_cver=1&google_push=AYg5qPKEwjQGmObjBKp9cpyvGpDu3SCOzxGUf9CDA6kkbtlvBoi7yoqtgeu2WA17S1sMz2jXslCFS5WZ4eDRvOXJpohtQnt9I2oXqSwAoSDXkyKNROR9nG5N2Q4LZR2TtM52326Nx1bSzjwK&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPppSS4pyvIZM_Sn5yX7SwAABKgAAAIB&google_gid=CAESEJjZ6N5ouXIKlR4P4me5O1g&google_push=AYg5qPJhv0wHhWpM3sd-gVjs3UB3m8Sjaa1MFn2Spm646c6LB7U60AgHGoxInLJMBoRa3_thtyjENp8uLpbFcGJ5rPkazsjHL-6HNcQkQsNddrq0nDj-XGWp0Hj243jmgY0-n6ff0yl6NVUw&google_cver=1

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| BoardAnserCommentsID boolean| TreeComWysiwyg function| BoardQuoteSelectedText function| BoardAnswerComment function| BoardAllCancelAnswer function| BoardCancelAnswer function| BoardComPage function| BoardAddComments function| BoardDelCom object| BoardCasheComEdit function| BoardEditCom function| BoardSaveEditCom function| CanceBoardEditCom function| CategorySelect function| BoardTypeSetCategory function| BoardFieldsSetCategory function| SelectCountry function| BoardReCaptcha function| BoardNotepad boolean| OkSelectCity function| SelectRegion function| BoardformSubmit object| BoardModal function| BoardSendEmail function| BoardSendEmailFriend function| BoardVip function| BoardColor object| c_cache function| RunAjaxJS function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doAddComments function| CommentsPage function| dle_copy_quote function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| media_upload function| dropdownmenu function| hidemenu function| delayhidemenu function| clearhidemenu function| $ function| jQuery function| LoadFont function| EmbedFont object| lastTap boolean| tapValid object| tapTimeout function| cancelTap boolean| rightClickPending object| rightClickEvent object| holdTimeout boolean| cancelMouseUp function| cancelHold function| startHold function| doRightClick function| iPadTouchStart function| iPadTouchHandler object| adsbygoogle object| yandex_site_callbacks object| _acic object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| jQuery18306197794301986035 object| url string| dle_root string| dle_admin string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt string| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_complaint string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_del_news boolean| allow_dle_delete_news object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| r string| __utl_vp_id boolean| __utl_retransmitted boolean| __utl__ext__counters object| ___utl_cnf_version_cb_w.uptolike.com boolean| ___utl_cnf_version_req_w.uptolike.com object| Ya object| yaCounter16742428 object| yaCounter45352194 object| yaCounter23414332 object| rtInformers function| AddGood function| RedTramAdd function| RedTramF function| RedTramH function| rtIsMobile function| addResizeListener function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _acil string| ___utl_cnf_version_w.uptolike.com object| uptolike object| cb__utl_cb_share_1627023688309357 number| rt_page_32634 string| rt_ref2_32634 object| ak string| sna_v object| teaser_ids string| rtn4p_domain string| main_domain object| divp object| div_photo string| pathImages object| img_i object| divt object| divtit object| divdesc object| divcl number| rtPixel object| __utl_imp_instance boolean| utl_ext_req_w.uptolike.com boolean| __utl_zp_clk_inst object| GoogleGcLKhOms boolean| utl_wmdetect boolean| __utl_imp_flag_1706501 object| google_image_requests

2 Cookies

Domain/Path Name / Value
.advarkads.com/ Name: u
Value: EAJfNS7EoE-eWo8M6Ptz_Q
.acint.net/ Name: aid
Value: fwAAAWD6aUtz6gTiBXylAlaSXYVmQusuWCpwtW8P8oW77dsh

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f4869fa60e1043574025f231d-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
ag.innovid.com
aipam.ru
ajax.googleapis.com
an.yandex.ru
api.advarkads.com
belnovosti.by
cm.g.doubleclick.net
cms.quantserve.com
counter.rambler.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dspco.ru
duda.com.ua
e.dlx.addthis.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gdata.youtube.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
http-polotsk-portal-ru.disqus.com
i.ibb.co
i.ytimg.com
id.rlcdn.com
image6.pubmatic.com
img300-rus.redtram.com
js-ru.redtram.com
kupisuvenir.com.ua
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
meealt.ru
n4p-rus.redtram.com
nc-rus.redtram.com
nst1.gismeteo.ru
nt.ck.ua
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
polotsk-portal.ru
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rtb.openx.net
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
site-ok.ua
site.yandex.net
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
static.doubleclick.net
static.tnsis.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
vkurse.by
w.uptolike.com
www.acint.net
www.belnovosti.by
www.ceramtrade.ru
www.gismeteo.ru
www.google.com
www.googletagservices.com
www.gstatic.com
www.nt.ck.ua
www.yandex.ru
www.youtube.com
x01.aidata.io
yastatic.net
yt3.ggpht.com
ajax.googleapis.com
cm.g.doubleclick.net
counter.rambler.ru
fonts.googleapis.com
gdata.youtube.com
104.117.200.162
109.248.237.36
142.250.184.226
142.250.185.194
146.59.152.166
149.154.65.194
157.90.179.218
185.134.201.14
185.134.201.5
185.143.172.209
185.15.175.132
185.15.175.133
185.64.190.78
188.34.131.130
188.42.196.115
193.106.95.134
193.232.148.145
194.190.117.93
195.201.243.72
195.201.57.28
195.209.108.48
199.232.196.134
213.87.44.187
217.182.200.20
217.65.2.150
217.66.147.162
2606:4700:10::ac43:dab
2606:4700:20::681a:a14
2606:4700:20::ac43:4535
2606:4700:3039::6815:c039
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1148:db00::17
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:7a60:0:1025::1
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef
2a0a:7d80:1:7::115:f6
31.172.81.159
31.172.81.160
31.220.27.134
34.98.67.61
35.186.253.211
35.190.16.14
35.244.174.68
37.18.16.22
37.9.245.57
46.4.121.26
5.9.154.158
62.244.25.85
69.173.144.138
80.64.106.148
81.222.128.215
82.146.33.102
88.198.31.232
88.212.201.198
88.212.233.36
89.108.119.28
89.108.97.2
92.63.193.64
93.84.112.130
93.95.102.105
95.163.114.203
95.163.37.253
95.211.66.35
95.216.101.186
95.216.99.227
95.217.33.38
99.80.199.35
010e5a967e7bba5dc9f083bc22b9efc15fa7dd5e3a2b06958d80662683fb0a9c
02055a230077da85c22691d25c5cfe98767ca6313a93635d9db0e0303a78672d
0208dd9baa0dd61e5617d73f8040a84011c5cc615df1daa17cccd9fa641a5522
05f14bce3a25b3006c1bf8f88f362cbc450f72e93cf28eb2a4e2fa1d7e0c3c0b
0914125b7e2046b356fe163ca07fb8c7bb51294dedd675522ae98868dfb09b91
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8fe70c47a567f16193a49bfeecfd0ffa78a95d41790e8e138e3319221be45a
0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f5afcc8d477e94879f3c169f390caf550d864f297e31ee2a152420d4d15c362
0f5ba2004a43345e148eaead32babbca7f4d2f9e3b32ef9e83db5c16b1f06c44
0f99cad2e4e68de8d881873541e36162f4c02e332be714a682767b6dfd7b4180
0fdb2d9d92420d1c6d74863decf7d9912d177bbc66da8e0171d21a7db2afe012
10fa27f2995544b9e160cd01df5be5cb5ea4fc7c034e15df6920402d3fe50ecb
12f8d717cb06ebe209d14db0129ff061a852c7b0275144695f0022269a7c712e
140009239a3d52323d5d3b5afedaed665fbfab22da0d4df39648fcda49ed23b3
147280bb7ac8a136a8b997dad6217fdc39dec1de470acf385a0fd6be8a0fbfb1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
212a09e0de6dd5d7386943f2fbef7c22eb8f4bbaf7726c449cdb258fb563691b
2657a759ebb7ef9c10d91e626911d9f46ddb6d402590b8e14980984024e4216a
26de4ddd1b1df5248f57da90a5b50565ee13055f0ce6aaf7ea840d287f8a0d34
28a690eee1da0a3204d0d4938a9300d5ca27263c2356b64f8ad6791aed5bbb84
29160bf6d2c7d06710c1d94b7d8c51be0bc0178975a275fc7e2b5c76eab23496
2a0a953369d361695d49d2a040339dc31189da223e55516baab4e3fd090662dd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac1370c3326693edf592ef1fa777a68386c299b3a24dec07836bbbd460fd12f
2b29915b929d0d75475b53338e0ae269303e7eba00df3ed06a7471423ff7bd3c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eaaabeedc9405001764aa2fb43d3d04e2691fcafcbb60a0cbf2c5945f403c27
2f0b0183cfddc614ceaf6d51e99da027e865212b8f7779eab186010e0768d8dc
317e0abab3a8445bca853f162b573ddfa0bef6d817ccab2094aa8d7f21fa1615
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33c166e5afd6c972856fbb9a2f284cb000ef599bd5b0c274a46ef53b6de6b916
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
37964ed9d7b3d32afa78b142ee81447ea740f07e34368ae34818fbf692a0021e
3d46e371b39b8f6bcfd391260142528a802176fbcde8f516fd2ae6b9b6606120
3d7256deaf9251d423524d55ee9a4d98dc92cc8aee3d620c141bdc38d4043e6c
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6cad77a17037f79c4fe0dfa66a4e1ead9c509da1d3dbf165c41f2a484c8de4
409539af14c019f43e1ee66b7e4e8bd1387d9fd3dbdf2857c98d78b406966b63
4161e20ba5da0344c388ca3636ee162e662959fb99a004ffe566a0176fdb857d
4220b48a0f661d8843eb00eab0e7f6b2c27be4ecf22f42be357901a29c1ad8f0
4337a997244b7ab2b7a9d2d20c82dd4be5ce15c0267cb2c2fb04c872d44402ab
44f490ef3152669a0f6f102bb7eda2693fbeee6818e3e8393c28a1efd1c15862
4528f679202d1ebe9ec79c657416474d83f61d9cfcc9a2a5db5b03869009bb64
454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2
47786243c23aed752f9765e373974b5b4a13014f2f4db4397e27b3026defa7f1
48177f023e99156d720982af3e3d3b4bb10addb7ad4890fbb1be51d7a217568f
4937790945a8a9eb3ba036f8926f57bb843cc345f2d6976d2bfaad07a64a136f
49b94c2a4c9dc446b0221ecb5d49a5a760105dad20c72e4cd8fe533a4d1dcc76
49c16bf255adcaaafe4d6c133be623be8f2dbcb875c332943644cce2dd189b6a
49dc4752eb3f3313740e46e21cdeebb0ac74338d182a743c936904bbc94944d6
4cc6455dfe19534a7b0d4ff93719102017e5999bfddb4804fe74cc242fd35223
4cf5f98ac56c8d5414035b44ddadbc4f6e874fcb7d0094268d408fab22f85429
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9b23e89658d9d0963f7e0a2eb2c742ec19a158f2848b6ffb202ae751783408
4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8
4f87c11b7bd2c0bb35432c2a4a25b35c5238c528e358547dba5888bb59be38ac
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5167eb27727dd4021e2e95a1ddd77f531a43f8785199fc02ff95d747b3e3ed4a
5250b92524aeab7c597c0e7f737085ab9409a41448e6a2a574c0cd1f1d4f6cb1
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5467f9d7ba64a0e419693f5aba0f8e8e2c098a9e3f759988adaf976b13d6c7f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
557e83d045f44de725127c7121ca17764f9a48dfa643c05c3932dcdc7ca42b28
55f04a8a140476680b55d6079d17eeefb963edd26e64ffd2f6e21cf89a51a21b
578b4edf4d3acd8bfb00318d7c0eef290d7461e822a32587b883caf950472b2f
57d14b595e0cb0db58044a881797be5001bdc64c72400b1dfe8125331739174c
57dac86d698ceb4dc3ee6ef2651346e12c938f9508dbebcff0ad6d2abd71cbe5
587452eb085605aa5b36ee133959882990b35ffb0a7fd5fe21445b5319beee6e
588871c785d4268425b8e3b7161b586467bcdcd3d9a88b4ddc386a15cbd4ef69
5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f
5bcc38972dac2a96e473d6490b1c736e103903d363bfd95308caccec0f6442e7
5cb3bdd4d0a8b314c8c2633a5c026df010649e7102539bb2c4d7691a824e2089
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5db89eb2f9ac49b17cfa2a12209a706fb9e532129fa782518cbb5cc9e449438e
5e51a3fa88b85880f1227335b25bd6a1dd2c631fd4ba1a9958c2c5390949386f
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f27757a9c5bff0b4c6877bdbb7d702f2aba688be1ebdda079369dadb8bf63bd
5f8982204e92479e58758994dbb2123fb651be3e66bc3deedd72a737d400804b
60717a8b680e2f85643d933cd76a6e7e0024988f5158a8e127874ff9a8c229a3
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
619056f5587c86ff8caccf255484c6f719551ea7828c01209b2da5cca2f41f28
62634d7c015c332cd46f3fed5c64edc8cf4e3183dc4dd3719f325d83d42864e7
626a45ea70b3ef15c8daf7db433c05a280e9e39152e7b8927cea1d58d3ad128b
63ca9d24cea93ae11c7290ed87c839349fa853598ee5219e8b7ba5cfb11f2d60
65ac6f02f5365274a1b42bfd3df8c1828bf22788152fd7d53c989ed761947e08
66edc34ee5e4895f056a45c21306018c8adda0c9a7a3ec41b8280c04adb25dc1
6777ffd74911fce66a21f4c72e17c2384d0ea6a2752a813a768a12d3ef3a020a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69ce633e6314da88aa3042bec8611105cc421b7b738f0f1f8050376191604947
69e08df12e2ef379ba4091073f1d9838db368e03f6064cba973a33a1d6b51568
6c2ff0a71fae6d65d489b17f10248e79aa85549c966def0806d85fe31eaa3d96
6c3b33e3ea3bb7e40fe99c364527388eeb1f176ca0609e00648dc2b57cf54d45
6e96d087275affbfd2980ad6e5499e0ff58423afae48c558cd0dc26b39eac392
7003eba883f0d3ed7f0a539260b00d02c9ad16a9f3a4978bb97dda5621ffd009
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
70bf8a1838b8e7fab81f0289706ee696146035cfffa91463887a061c2ea7673f
717e3308c594a23c4960070a672a8bc06129a1df40b16d1e9f6b32cba85d0ec0
72a13f160bf9de58a5864a5989dfd3bd8c0f2bd7b08714513b69c55fe556e4d2
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
7415377e39378471c0ac83cf1107747dd39a4e2ce517dd966c79a122b80ec4be
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7784302ebc76c0e47824af6ce5a41208b15418862b893fee86867f4dbde17fcb
79052adb2d97720701c170ef636b71d6d509a3e5e36fbbb05cd559e19f439d8f
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
7e9bcc30bb2c16a8e3471a7ba727c7d91e2e1dc00749523e3f0d0b5f34af6038
7f7be270390f62cee61138f7272dd0e24182e6c6ce81c6b8ec0b622cd8c0cdcc
8122da1a4f32ff8670e128d9619bb518c3253ade4ebc1e73c48997da525cbd7d
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
846df5f5cd49a06cc9c05da2a41ac5f32f040a660e646cca916e93b057242c18
84ba8b453a26f65ca7989a453c99852ae81f7968981d9134c7bc48e5ed1865fb
84f892e24da032e9b16551c7d34a98a7f5e7ef7bcbbd69a9f8168d11dd5c1ec9
856f6cb1275aa956d85926aab9f815f3eecfaba703853d43f8e756db43714d39
8587360c7f24d2665541cf78c91fd67557e25eae22b6ad40cd996cf458a22205
859ad969d6844581f709ef5fd9366f4d95b7de06c4eaa7c23fb890481e1a9e06
85ec127fa728c99e31c7d62ff1e7bf6efe16e73901d4323a5c5bbb9a7fcb3a8f
86fc86e7d6147f77b5c145bab4fb09cf76aa3c782893c97388cdb419cdf382e1
887b4df5196c39c137eb85a0b30f3dcb3e0b9fdf45515ad098b57b2135665a8e
88946e35efc564bf46a34f82505d96105a025784b6ee684f6c27cb728d5a9c06
8b422c39d726fcfd2783c4f15130b87049659c17bb8816da6b9a3c498b381288
8b952bf71013d2c165d236fcfdc569bbf39e68bec32bb2e25189191e35d1f1ef
8d072fb0c9d3fdf5534c812dbdbccb629bfbf5c234e5f45eb704bac6bfdb7684
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
8d8144c1ad4534b6806e2a5d63eb03bdbb8a9b1ccffe835336b3ae8fe2418293
8d83b2089b249ebfbcd9eba876317be3353813659151a2ac3d123fe1e2506bf8
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fa04ed11a6a3a6c4f31d76ca64a2cca95430fe84524292768a464cf93eca2fb
90e3e5f8ce2da101f69de534e3f61c8731c8c1e52c969ff1a71d37f541bc3f13
914860fe6e1884514419f14af0370d1e6373460dce30a2865eaf1673f31ea620
91ecc19a145dc8c385fa84f070fcf31e8b71691ca26cb41036da659c308e999d
948cc6e8c141d0ef2f2ea50d36dd8582be9af44c84334cd2f165d4781f241378
94b40844ae563d4c8db0e8bab052dbd001a667c5e92d13c4dea496294a85f133
94e0328e53812c266dd722f2b09e901160a0c7bdd90b016df9a47f2259346bd2
9643f0426ccd3323d139f2842cb97800ac4430847330e4f7d5c0e74919ad7aff
96daa2065f12a916fa8276c1faa6287627c99a3d091f44933a24aa1edf53faef
982daefc24d25d1148ecfc87d0b7d37933c384a4293ad57513f5c159abecfc10
9864e98c2055c7d29ccbc77bd7821a6b0102087e40c9197001cee4377a9cd867
9888f8356680ea8d2362da865f42912e99c2b8e78a0673659296385e6173f4f2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1e2bb1b30b15b6a55edb8aad938006552009a9c62b712a9b97b790b27400cd
9d2c4f1d5a49724b7c1fb1ac101bee67656fcf093b3563d255d0d0e2c8762110
9d353a15355c9253fe33039e9ded76c1d7ce824f7a20c6e7af4b7becf47002d9
9e8808c953deaa8c5ea08273b674d01045af29cea4d3eccd778b372f32c801d7
9eb6a49ba9a08253cba916dc70735eeb9e4fdf472e752a6b633ca5777e9f354a
9ff24019d4ae69b3d18f139bbb45b77647e8bab2797cf4e3a249e667b3dac507
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cb31857b7233f7673a9f8fe5a15605affc972324317f85c512223df112bed6
a1ff53fddc3f2d3a68a8cebe203e5d5d203ef6613a19188a224f23188b9c3c7c
a2f3a22cb9ada409826509c4d7ee9feca0121a756dfffd0ae6b1ffc205317e98
a44483abbb911ba55cdcabe911145050e43890d19143c37d5cb8e89cb639b89d
a464216e9b553bce21805bf35d72f9dbaa6c867629e8f1b520806516a81994d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9d157d7815f630a6e1dd8874879fe199a95a796aff977f27fdb1ff114138f3d
aa28d2585de8bf4801b1f999e60ca8888d03833e7a795283142cc7a7cfd6823f
aa6920af3f217ae5ded507f015ff3d8e8d939c8776cfed4237f357d0e0c067d2
aaaa38c5f73b1a5a4b22f51a2eeb2ec9cfedc1692c743e849ad9da639fbb9bd7
ab5932db06a8b4092f8eebcfe41ed3705ab7712e27b0dac8f25e6de7b1e6c961
abc48aa4af6b5349d811fae1e972419ce185a7135bad806659b417f57b913206
ae7335aa0d47900e6efcaaf14f5329561910847567cff7fc92249f441fe37df8
af705d0258809a85166f697f19b2ba882f9c8de4d89d3d39052d0127b1a4e9a5
afe72e4e054665958d9f744a826faa1e5356bc17b1ca5f2250e24241025ba2a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39bcd31f93b96bfcd623a4fd956d0f4b2b6f160faca5f65d12514c87dc0e577
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7380fd2c17a3f772f4a4de6ecb60ba29851b2cd92eaca79d5f7d3100952f2e4
b875d90e349610f30b0847af533fdb34966eac9f0a68a74bd435beb7b57437b2
ba727d1d6e5235e5deaab054611ec2cd89ab421acf657a3b6fe9aea703657329
bab0b531a8f012b8004d807cb9ceb7a28d2225053f8ab8d7e76ccfa617611aba
bbd16195dc742a1be26dad1bee48f6b26dc8b9343615c0bcee814a47e61b7e01
bc6697bd88faa9239202c9f4f64307c5a36cada1bb63aded91af9e1dc7050508
bf4bff221f0fe521aae5d6b7184e2eea63cfa11e1066145eec9fd79ef9f7c4db
bfec0b547d4f20b20507ca6afa91a6333319f10ab6d59180d57096823d6d6fab
c310537430a2c7fd872702a3120abb3c074a369776ad2fa78929246f34390fee
c44994fa09a2bbd33156a6a14e3dd47c371ddd0a465f03c5bce5d85252d33b68
c83eae7a38656b387443bacfd93af203e31b66bf687c21af1ef00fab98507aef
c9b2c877037c3e807e05538423337bcf755076b24f07ec2e427a351709182aff
cb680dda19a174fc226c8d0df81c04ed7496e9ad226df863f98b6d87b7a9392e
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cce9c1946a699b2fc47ab85f14ba99e8b3825f07c7030035c2fce375ae8ad542
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1c4eeb75af5c66c265ebc6daabef0a1061250ba83618aafee65d7e4e296c706
d60b5eb4286619a7188167ed938b69570cc891180047b72531a7a50409b98b29
d647d22baa52bf8f33b8b705a2514763d021cd17abd20c1ebd0e388c69af627c
d7538b884af4a77e5fea756a548591e80c0f54c336a9fad2f9da136b385da8ad
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9ecb733855795c5afbd886be4296065a52b9a9ec154f2230678e554b6dc1afe
da6faadda2796ba5d6b3ff03de905d3688209175bc7ed0754e4d88e254096701
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e00f26f5ebeec7eb642e911c735e9959727c7a46cc07f80e5a3a4908ba138f0c
e1d390cca44e87ef4159da7b451dec44729c49c09f53532aef430fff9e94dd28
e392b7a34034b4389cb95c6a572e85e577e633b92e737ffb03cd03880bb3c97c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c2b67970fe21a295a586f8634ed4ab1c68b01d4447359a7321694ca112f257
e4d0d2cab3ad7799406b1c319dba5d56372a871703a027018036b344f30b764b
e721bb0abf678ee43c29155457874bb2705ee1cc69e52df2115ca0c4bfa66497
e834fb30e92a9b240b1e182276ac19c453694b3303832d22917cbd3dbed35c17
eca1c08dec7adf531fea5979a0af702677155ffc94b01256afba711c7398f5f5
edd56b15da6e649c0f02ad628a1471df145098e7a67322261afd2508285deddc
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee97c58deb22f1c3a8fd6354a56272b6038481b4c49a0856e52c38c31df19ed6
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02fb7182afaf8a47b146d40d9cd1e220be47730002c073e73b8595da5f96b55
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f0f109fe9657991df16f7a6bdaa1b1e8d5d0184675436357ee33cf30dbcfa345
f1d037a60dfeaecde8208c14123dc155bc2fca93f70128c809e47034aeaf9070
f3d601225b4b50405fad6a88b9e5f4cd2f07a089a5599beea12660b1b033d583
f551a9515a3d04499eccab409e845087b002e6a8b8a46f3dc2bec4579e0d5735
f685253d08f42622368d6f40e16e49247b73b01870801297efc53ae1f011ef0f
fb94f2d531b756ac6d16c478cd4c7c5ed942e116e52aeecfdc9fa14616d3bc3a
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc507c24f6e9188068a078de48f881d70ca01a9aa30f2335a2121c71a2f1f6f2
fd7c690415ea6f7d9682bf09d9353b8aa5bd098128aa3a201f8eb0fb16e8067d
ff05c29002d010728a3edab992e4a03eb6ed4d359c2dd0697f8c8732871afd66