nv.ua Open in urlscan Pro
2606:4700:10::6816:3649 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nv.ua/
Effective URL:
https://nv.ua/
Submission: On November 22 via api (November 22nd 2022, 12:05:32 am UTC) from GB — Scanned from GB

Summary HTTP 151 Redirects Links 113 Behaviour Indicators

Summary

This website contacted 59 IPs in 14 countries across 40 domains to perform 151 HTTP transactions. The main IP is 2606:4700:10::6816:3649, located in United States and belongs to CLOUDFLARENET, US. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 138593.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:175a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2606:4700:10:... 2606:4700:10::6816:3649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 4	51.83.200.186 51.83.200.186	16276 (OVH) (OVH)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::1055:1	200325 (BUNNYCDN) (BUNNYCDN)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 3	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:c600:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::863:1	200325 (BUNNYCDN) (BUNNYCDN)
1	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	18.184.90.3 18.184.90.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
1 9	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	2a05:d018:d29... 2a05:d018:d29:3602:fe88:ebd2:7b5:6ad	16509 (AMAZON-02) (AMAZON-02)
4 11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:223... 2600:9000:223f:6e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	23.11.239.181 23.11.239.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2 3	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	64.202.112.223 64.202.112.223	() ()
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
151	59

1 2606:4700:10::ac43:175a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:10::6816:3649 (United States)

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.200.186 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-83-200.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1055:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.71.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c600:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::863:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.90.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-90-3.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:fe88:ebd2:7b5:6ad (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.11.239.181 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-181.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (None, ) 1 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Paris, France)

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	nv.ua 1 redirects nv.ua — Cisco Umbrella Rank: 138593 static.nv.ua — Cisco Umbrella Rank: 404250	979 KB
19	googlesyndication.com 1 redirects f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	151 KB
18	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	171 KB
13	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	223 KB
12	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 290 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915 s.amazon-adsystem.com — Cisco Umbrella Rank: 279	10 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 439 eus.rubiconproject.com — Cisco Umbrella Rank: 541 pixel.rubiconproject.com — Cisco Umbrella Rank: 307 token.rubiconproject.com — Cisco Umbrella Rank: 544	14 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 491 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	7 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4753 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416 ups.analytics.yahoo.com — Cisco Umbrella Rank: 280	3 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 64696 ls.hit.gemius.pl — Cisco Umbrella Rank: 12859	22 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 691 gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	8 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 209 acdn.adnxs.com — Cisco Umbrella Rank: 579	20 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5922 adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 95200	193 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 587 cdn.indexww.com — Cisco Umbrella Rank: 1490	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1226	458 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 519	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	58 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 554 eb2.3lift.com — Cisco Umbrella Rank: 339	656 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 790	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	74 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	158 KB
1	adotmob.com sync.adotmob.com — Cisco Umbrella Rank: 1358
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 695	759 B
1	zemanta.com 1 redirects b1sync.zemanta.com	309 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 355	921 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 807	75 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004	574 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 661	439 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3287	104 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 599	637 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6055	276 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8982	403 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3954	1 KB
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 65785
1	cloudfront.net d3div1mtym39ic.cloudfront.net	44 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 165909	310 B
151	40

	Domain	Requested by
25	static.nv.ua	nv.ua
11	cm.g.doubleclick.net	4 redirects f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
10	nv.ua	1 redirects nv.ua
9	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com www.gstatic.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	www.gstatic.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
4	cdn.membrana.media	nv.ua cdn.membrana.media
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com
3	encrypted-tbn0.gstatic.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
3	www.google.com	nv.ua tpc.googlesyndication.com f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
3	ib.adnxs.com	cdn.membrana.media acdn.adnxs.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	sync.teads.tv	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	sync.1rx.io	2 redirects
2	encrypted-tbn2.gstatic.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.google.de	nv.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	unpkg.com	1 redirects nv.ua
2	www.google-analytics.com	www.googletagmanager.com nv.ua
2	www.googletagservices.com	nv.ua f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	sync.adotmob.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	px.ads.linkedin.com
1	acdn.adnxs.com	cdn.membrana.media
1	eb2.3lift.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	ssbsync.smartadserver.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dclk-match.dotomi.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
1	mug.criteo.com
1	fonts.googleapis.com	f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	ap.lijit.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	d3div1mtym39ic.cloudfront.net	nv.ua
1	region1.analytics.google.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	c.hit.ua	nv.ua
151	68

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
promokodi.nv.ua
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
hit.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.membrana.media R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
sync.adotmob.com R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh

This page contains 14 frames:

Primary Page: https://nv.ua/
Frame ID: DDA2CA29C145AEA457D430DEE6262A40
Requests: 82 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 90D07CA3A3F7ABEF2A323F7854C201EF
Requests: 1 HTTP requests in this frame

Frame: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2996B48E6C0EB0E597B0423BC49E291B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCE07C640D063E483582D8D5B285348F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B75D6FB6FDC8B4AFB3669AC16E7A6C1F
Requests: 2 HTTP requests in this frame

Frame: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7A57894BB89BCE01715C9206FE6FB9D
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua
Frame ID: E1ABAFCB948C42B4B85612A104BE196F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26EBF6B46A59FC355F1A634943D1D731
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: AD30739C3D546934B1E38CDBEA23E968
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F6300512330FA09D586E779EFC6DAE92
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 66A0CFA2A47FCC3570D7ED56E6E5D3BC
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1C50F709075411D07AF020207523C95C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0DBE37F77FEB44121FF24508EE68354A
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 93420DE80C238B9EFABEEEFEC4BA163D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та Світу. Головні і останні новини - НВ

Page URL History Show full URLs

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

151
Requests

85 %
HTTPS

52 %
IPv6

40
Domains

68
Subdomains

59
IPs

14
Countries

2157 kB
Transfer

4214 kB
Size

42
Cookies

113 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/ukr
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радіо

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics.html
Title: Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance.html
Title: Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets.html
Title: Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech.html
Title: Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/top-100-bogatyh.html
Title: Профайли ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/publications.html
Title: Статті

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview.html
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts.html
Title: Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket.html
Title: Ритейл/Нерухомість

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry.html
Title: IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/gadgets.html
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations.html
Title: Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience.html
Title: Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/games.html
Title: Ігри

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/krasota-i-moda.html
Title: Краса та мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/art.html
Title: Арт

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium.html
Title: Соціум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/kids.html
Title: Діти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti.html
Title: Знаменитості

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes.html
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr
Title: Здоров'я

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition.html
Title: Харчування

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/fitness.html
Title: Фітнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/happiness.html
Title: Щастя

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/tennis.html
Title: Теніс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/hockey.html
Title: Хокей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport.html
Title: Інше

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/zimnie-olimpiyskie-igry-2022.html
Title: Зимові Олімпійські ігри 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/news.html
Title: Новини

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/articles.html
Title: Статтi

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/reviews.html
Title: Огляди

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/ukr
Title: Шопінг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/nvua_official

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview/zhinoche-fermerstvo-pid-chas-viyni-50283162.html
Title: Жіноче фермерство під час війни

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/5-nagalnih-tem-dlya-pidpriyemciv-50260846.html
Title: П`ять нагальних тем для підприємців

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/dumay-globalno-diy-lokalno-50175561.html
Title: Думай глобально, дій локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/novaya-komanda-kosyuka.html?utm_content=set_lang
Title: Нова команда Косюка

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle/zszh-v-xxi-stolitti-yak-poyednuvati-priyemne-z-korisnim-i-ne-boyatisya-peredchasnogo-starinnya-50190870.html
Title: Здоровье в 21 веке – что нужно об этом знать

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/totalnaya-izolyaciya-rossii.html
Title: Тотальна ізоляція Росії

Search URL Search Domain Scan URL

URL: https://english.nv.ua/
Title: eng

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/stosunki-tri-prichini-rozbizhnostey-u-poglyadah-choloviki-ta-zhinki-psihologiya-50285691.html
Title: Роберт Таіббі Розбіжності у поглядах? Три причини та п’ять порад, як із цим впоратися

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/yak-shvidko-zaspokojitisya-tri-prosti-tehniki-psihologiya-50285584.html
Title: Алла Рожкова Цунамі тривоги. Три прості техніки, які допоможуть заспокоїтися

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/depozit-pid-chas-viyni-tri-dohizhi-propoziciji-vid-bankiv-ukrajini-50275980.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrmarketsdepozit-pid-chas-viyni-tri-dohizhi-propoziciji-vid-bankiv-ukrajini-50275980

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr?utm_source=nv.ua&utm_medium=1&utm_campaign=ukr

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifehacks/chomu-ne-mozhna-jisti-pozelenila-kartoplya-50285588.html
Title: Це отруйно. Чому не можна їсти картоплю, якщо вона позеленіла

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/web-summit-2022-tri-uroki-vid-ukrajini-dlya-biznesu-yak-rozvivatisya-pid-chas-viyni-50284448.html?utm_source=site&utm_medium=lentaglav&utm_campaign=promosite
Title: Чого українці можуть навчити світ. CEO Parimatch Ukraine на Web Summit 2022

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/chs-2022-franciya-avstraliya-divitisya-onlayn-matchu-ta-pryama-translyaciya-gri-22-11-2022-50285729.html
Title: Франція — Австралія. Онлайн-трансляція матчу ЧС-2022

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/sud-u-polshchi-skasuvav-shtraf-gazpromu-ostanni-novin-50285727.html
Title: За будівництво Північного потоку-2. Суд у Польщі скасував штраф Газпрому на 6,3 млрд доларів

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/chs-2022-ssha-ta-uels-zigrali-vnichiyu-v-matchi-chempionatu-svitu-21-11-2022-50285721.html
Title: США та Уельс на ЧС-2022 зіграли на користь Англії - відео

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/shcho-prigotuvati-tri-stravi-z-garbuza-tepliy-salat-50285590.html
Title: Цікавий експеримент. Три вдалих страви з гарбуза, — шеф-кухар

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/prodazhi-alkogolyu-ukrajina-perevikonala-plan-nadhodzhennya-akcizu-z-alkogolnih-napojiv-50285669.html
Title: Українці стали більше пити. Довоєнний план зі збору акцизу з алкоголю перевиконали, незважаючи на сухий закон на початку війни

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/metinvest-naskilki-vpalo-virobnictvo-metalurgiynoji-grupi-ahmetova-z-pochatku-2022-roku-50285644.html
Title: Все погано у Ахметова та Новинського. У Метінвесті розповіли, наскільки впали виплавка сталі та видобуток руди через війну

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/kabmin-zbilshiv-obsyag-dopomogi-agrariyam-na-100-milyoniv-novini-ukrajini-50285645.html
Title: На 100 мільйонів. Кабмін збільшив обсяг допомоги аграріям та подовжив термін дії програми

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/borotba-z-globalnim-poteplinnyam-50285545.html
Title: Глобальне потепління / В ООН уклали історичну кліматичну угоду. Яких змін варто очікувати? 21 листопада, 20:02 Наукпоп

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/kriza-v-ukrajinskiy-energetici-igor-tinniy-v-interv-yu-nv-rozpoviv-pro-ji-prichini-ta-naslidki-50285462.html
Title: «В енергетиці планова катастрофа» / Ігор Тинний про електроенергію, російське вторгнення, бізнес і напіввоєнний комунізм у держуправлінні 21 листопада, 10:57 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech/shcho-bude-zi-zv-yazkom-pid-chas-blekautu-novini-ukrajini-50285468.html
Title: «Локальні точки триматимемо» / Чи буде зв’язок у разі повного блекауту — прогноз СЕО Vodafone Україна 21 листопада, 08:01 Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/nbu-anulyuvav-licenziji-finkompaniji-ta-kreditnoji-spilki-novini-ukrajini-50285614.html
Title: Рішення набуло чинності / НБУ анулював ліцензії кредитній спілці та фінансовій компанії 21 листопада, 16:44 Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/doslidzhennya-vnutrishniy-turizm-zrostaye-ale-do-vidnovlennya-galuzi-shche-daleko-novini-ukrajini-50285600.html
Title: Зимовий сезон стане випробуванням / Внутрішній туризм зростає, але до відновлення галузі ще далеко 21 листопада, 16:02 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/herson-povertayetsya-do-zhittya-zapustyat-avtobus-do-odesi-za-tizhden-vidnovlyat-elektropostachannya-50285578.html
Title: Населення міста зменшилося вчетверо / З Херсона до Одеси запускають автобусний маршрут, до підключення електропостачання залишився тиждень 21 листопада, 15:25 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/slush-skasuvav-peremogu-rosiyskogo-proektu-immigram-ostanni-novini-50285568.html
Title: Не отримають гроші / Міжнародний конкурс пітчів Slush скасував перемогу російського проєкту 21 листопада, 14:55 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Всі техноблогери

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Всі експерти НВ Бізнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоди

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/
Title: НВ Подкасти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0' aria-label="hit.ua"/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Request Chain 49

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 70

https://gaua.hit.gemius.pl/_1669075526742/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Ft2AyCO1KtlllsBeoq3pno5uMPJ87vlOkCNuQu5J.DH.p7d.F.cfQVzaGBwebWs1lN3rfQdpZnPc53DTx.Bh4DLVyewR/8uOLRqPq0CaQH/&fpdata=61V7TlhIRD2b_J8kYmwSHXcOy.YsK3jY8aK1FlV2VGP.h7&ltime=457&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=637c124610f01720&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1669075526742/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Ft2AyCO1KtlllsBeoq3pno5uMPJ87vlOkCNuQu5J.DH.p7d.F.cfQVzaGBwebWs1lN3rfQdpZnPc53DTx.Bh4DLVyewR/8uOLRqPq0CaQH/&fpdata=61V7TlhIRD2b_J8kYmwSHXcOy.YsK3jY8aK1FlV2VGP.h7&ltime=457&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=637c124610f01720&fpcap=

Request Chain 99

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=N7zqDnw0NHovQU80VTBLbGNsMS9NdWRQMDlVTjFPaEUxM0UyQ1ZKRlpmSVNkSnkyd2kwYllzZzBpZzdobTA5Y1FzY3VGZDM3dTdCRTVYb3FsSTUyMzBYbUhBQlZlbzY4ZUFWOWp5ZjNocTF1bmU4Qm9TL3hmTGdmWW1ybGQ2TmN5b0ZWbHFKb0pyUzlQUElGWWU4aTRwSGM1eVhOMzdlNnlrTE1zb2Zxd0VKTEhLT1U0L1MyZjUxTmVDT1dkc01sTnduSFZldmxvUEowblE1TGhhc2gvbjgzSmhnVUZsQzY5a3FrQTVjRlBWWDlSejZiR29MVVNMTjlzTFhuTHFQeHdTUlNrM0xTTnFqMEdtSFlhMTJaTGRneitCZz09fA&cppv=2

Request Chain 108

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD4uYObRhDQDxjQDzIIbO2WyUDi-0o HTTP 301
https://tpc.googlesyndication.com/simgad/12746057310092717294

Request Chain 114

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENGKL2Teh7NDfxdQ97G9Sy4&google_cver=1&google_push=ASkJ3Fbe37GDOIH78TdtqV7mdPB2xC61IsORu--gcK6S6vg58z0P_FwiRmQd94Is2Fl0UYSEN1jnrmDsdOAN_5fFpFA4xPq7Ga0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbe37GDOIH78TdtqV7mdPB2xC61IsORu--gcK6S6vg58z0P_FwiRmQd94Is2Fl0UYSEN1jnrmDsdOAN_5fFpFA4xPq7Ga0&google_hm=MjM1NTQ0MDU2ODI4MjIyODkyNQ%3D%3D

Request Chain 115

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL3bNEIH_lWa0lWUlI2JOb8&google_cver=1&google_push=ASkJ3Fbvh7axT1Kck4sdYZW8EaWtODnez7sQsC-sl1gxNcVav3n6lt-3KkurMTbtUoc7o8ABi69IbiKJqHOL8YKH5AgurvO2Udt7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3Fbvh7axT1Kck4sdYZW8EaWtODnez7sQsC-sl1gxNcVav3n6lt-3KkurMTbtUoc7o8ABi69IbiKJqHOL8YKH5AgurvO2Udt7

Request Chain 116

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMx-hfcS-RdoQXFLlxUyG70&google_cver=1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1669075528232 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ab90699a-7e8c-48b0-a336-28c9e7c0ff95-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj%26google_hm%3DA6uQaZp-jEiwozYoyefA_5U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj&google_hm=A6uQaZp-jEiwozYoyefA_5U

Request Chain 118

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHRDfBkhpZ1-nfOkIZ0lvnc&google_cver=1&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpjaBA9jucee05T1snSBgJyfzAFNfmXA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHRDfBkhpZ1-nfOkIZ0lvnc&google_cver=1&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpjaBA9jucee05T1snSBgJyfzAFNfmXA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yVmxYN0E5RTJ1RXBtQ28wb0xLdWdqMFhRcU9vNVNGR35B&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpjaBA9jucee05T1snSBgJyfzAFNfmXA

Request Chain 119

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELR6fOQ5m_Igqln3Jf23KiA&google_cver=1&google_push=ASkJ3FZTg5_W0m2AZlZtCqFlYkyiJ-NWU5GvtKbRmtHddeCV_HV-rz0fyHmmtzB_O9YITTMnLQxqxOzyEuK7AOhOX96zc-kS0BpF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZTg5_W0m2AZlZtCqFlYkyiJ-NWU5GvtKbRmtHddeCV_HV-rz0fyHmmtzB_O9YITTMnLQxqxOzyEuK7AOhOX96zc-kS0BpF HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 131

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 132

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hMY6Dm8ATyOdk4A5HNKrVA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hMY6Dm8ATyOdk4A5HNKrVA

Request Chain 133

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSR0gyUUctMVMtQzRQWg==

Request Chain 134

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3qF83gS1s7ql-2_ZKzq_Vsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8319664897839888460

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeO8BvGcZiBQqHLp2A2Mzs&google_cver=1

Request Chain 136

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARGH2QG-1S-C4PZ

Request Chain 137

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTViZmYyMTc3Nzc4NTIwMjA4M2E3YzM3NGMwODcxZGFkMjA3MmMzNQ

Request Chain 139

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=o6ns3xHvSXCePpchN_XA4g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=o6ns3xHvSXCePpchN_XA4g

Request Chain 141

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3wSSkIE8X2bwHvC209AqQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJowH_CRDPl-DQPHv5Aa6Yw&google_cver=1

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlgGe7ReXNbwFk12xOdHB4&google_cver=1

Request Chain 143

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB&dcc=t

Request Chain 144

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 145

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196424035802750

151 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nv.ua/
Redirect Chain

http://nv.ua/
https://nv.ua/

232 KB
49 KB

308ms
217ms

Document
text/html

2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c38a6f2b589e5d8ad69a25c0591eb58e17e7c1fdbab9d787cf2742e1cb6bf48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 76dd69d09cb571e0-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 22 Nov 2022 00:05:25 GMT
nv-cache: 180s
server: cloudflare
x-cacheable: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 76dd69cf79dd887a-LHR
Connection: keep-alive
Content-Type: text/html
Date: Tue, 22 Nov 2022 00:05:25 GMT
Location: https://nv.ua/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 4db9b3c5ff8c2ce981663624623e8061.jpg
static.nv.ua/shared/system/Article/posters/002/599/324/original/ 75 KB
75 KB 62ms
54ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/324/original/4db9b3c5ff8c2ce981663624623e8061.jpg?q=85&stamp=20221121132645&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afdbb88e62691db0ddbddaeaba663bea0069f79398c20428960e9f1088886a15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:25 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 11:00:20 GMT
server: cloudflare
age: 41608
etag: "c54d9c6675afaa7d52c8a607f7b9c372"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d5193b71e0-LHR
expires: Wed, 21 Dec 2022 12:31:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
85 KB 187ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a438fc5dac62e058a39fd729f8a441cfd1cdb6a4053281636ae48473172dcb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 00:05:26 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 79ms
79ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22592973
etag: "60e41fd8-944c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76dd69d5295c71e0-LHR
content-length: 37964
expires: Mon, 06 Mar 2023 12:15:52 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 85ms
85ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22592973
etag: "60e41fd8-9578"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76dd69d5396071e0-LHR
content-length: 38264
expires: Mon, 06 Mar 2023 12:15:52 GMT

GET
H2 200 nv_logo_WM.svg
static.nv.ua/images/main/ 3 KB
1 KB 85ms
84ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/nv_logo_WM.svg?q=85&f=webp&stamp=4.114
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a250249af55b275aa53e5590ff03d59e3a13ae85b035474cb0ba2caf83934357

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 08:42:36 GMT
server: cloudflare
age: 4692
etag: W/"6371ff7c-dbb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d5396571e0-LHR

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 266ms
81ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17204
expires: Tue, 22 Nov 2022 12:05:26 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
310 B 353ms
85ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.5903209237502236&r=&u=https%3A//nv.ua/
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 132 KB
45 KB 77ms
77ms Script
application/javascript 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.114
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cc5cbfc3f6d1819c288d05bcb8276fa8dc9ea183235bc9472e1785771b9d7a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 12:29:32 GMT
server: cloudflare
age: 41130
etag: W/"637b6f2c-20ff7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 76dd69d5497e71e0-LHR
expires: Wed, 22 Nov 2023 12:39:55 GMT

GET
H2 200 1.html Show response
nv.ua/ukr/get_additional_blocks/ 42 KB
9 KB 102ms
102ms XHR
text/html 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/ukr/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f87fdf36b2c18507c2660df86e51aca1f9913fde27883c0079a79ec47bb0d48c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/ukr/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: cloudflare
cf-cache-status: DYNAMIC
age: 371
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
nv-cache: 900s
varnish-ttl: 900.000
cf-ray: 76dd69d5498071e0-LHR

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 200ms
64ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1399 / 303 of 1000 / last-modified: 1669071986"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 22 Nov 2022 00:05:26 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 3 KB
2 KB 197ms
54ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?3
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: c02b4498ab30cdbf47ce694a9c03d0cb14225f733c1d546206c3a4854b9f1321

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-164
cdn-cachedat: 11/17/2022 00:00:34
cdn-pullzone: 139012
last-modified: Mon, 14 Nov 2022 09:33:46 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 300
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63720b7a-b8f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 87f2fff3b16be011181c478f56495e4c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
407 B 75ms
75ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 22593241
etag: W/"5e6ff361-1a3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 76dd69d5498271e0-LHR
expires: Mon, 06 Mar 2023 12:11:24 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 68ms
68ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22593003
etag: "60e41fd8-d430"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76dd69d5598871e0-LHR
content-length: 54320
expires: Mon, 06 Mar 2023 12:15:22 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 69ms
68ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 22593003
etag: "60e41fd8-e8b8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76dd69d5598a71e0-LHR
content-length: 59576
expires: Mon, 06 Mar 2023 12:15:22 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 67ms
67ms Font
application/octet-stream 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:25 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 15500051
etag: "616eaf71-3914"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 76dd69d5598d71e0-LHR
content-length: 14612
expires: Sat, 27 May 2023 14:31:14 GMT

GET
H2 200 f58ba27ddebb8933600c7e4aa1c8727e.png
static.nv.ua/shared/system/opinion_authors/avatars/000/013/012/original/ 6 KB
6 KB 82ms
77ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/013/012/original/f58ba27ddebb8933600c7e4aa1c8727e.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dcbec50c3feabf65f27b1ad50f53fa1c9662c951f3284f253fa70de35cb31ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 13880
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Nov 2022 12:35:09 GMT
server: cloudflare
etag: "e8b6ad1d9ee5fb85d65f15ce1ec9359c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599c971e0-LHR
expires: Wed, 21 Dec 2022 20:14:06 GMT

GET
H2 200 5db5660774116573c3e64d58448ccb15.png
static.nv.ua/shared/system/opinion_authors/avatars/000/014/030/original/ 11 KB
11 KB 83ms
78ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/014/030/original/5db5660774116573c3e64d58448ccb15.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba08489b6cd0249cd2f71055650bc13819178ae1efb36c335bce1f98eab5c4b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 17214
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Nov 2022 12:51:13 GMT
server: cloudflare
etag: "90226affc07bcaaa7f7b7258a6253b96"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599ca71e0-LHR
expires: Wed, 21 Dec 2022 19:18:32 GMT

GET
H2 200 46eb8c4a861415b0a33f7c2c27a9ca10.png
static.nv.ua/shared/system/opinion_authors/avatars/000/015/679/original/ 11 KB
11 KB 82ms
78ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/015/679/original/46eb8c4a861415b0a33f7c2c27a9ca10.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67790f5220d198e21324bf1466ffeb4b5002adca1f045b82823a458c06adcb53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 20157
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Nov 2022 01:16:18 GMT
server: cloudflare
etag: "aba1bc39bda5199f10accf308f30079b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599cb71e0-LHR
expires: Wed, 21 Dec 2022 18:29:29 GMT

GET
H2 200 af4e5f4e3fb76438266fd43036b2c8f1.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/374/original/ 11 KB
11 KB 82ms
78ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/374/original/af4e5f4e3fb76438266fd43036b2c8f1.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2642cfcd2d588fbc25af0067cbaed47cc904ec9e911df8e9673781f08af793

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 625308
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 14 Nov 2022 16:34:26 GMT
server: cloudflare
etag: "71f6adf8db529d78c9ecc98273370905"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599cc71e0-LHR
expires: Wed, 14 Dec 2022 18:23:38 GMT

GET
H2 200 19ff66cc7865fe063ce9f93b1bf65c14.png
static.nv.ua/shared/system/top_images/images/000/000/074/original/ 5 KB
6 KB 78ms
78ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/074/original/19ff66cc7865fe063ce9f93b1bf65c14.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c6e2ccb5d7294aa04b5776c4433f2eaa3f4d5309ca7098265391f5466372fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 209855
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 19 Nov 2022 11:53:46 GMT
server: cloudflare
etag: "b69f13d84a9dfe9b65c2f96e6500ba75"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599cd71e0-LHR
expires: Mon, 19 Dec 2022 13:47:51 GMT

GET
H2 200 9c01ef32f3c4483332ca2e1a4b9a3b25.png
static.nv.ua/shared/system/top_images/images/000/000/076/original/ 10 KB
10 KB 75ms
74ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/076/original/9c01ef32f3c4483332ca2e1a4b9a3b25.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 2027532
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 01:19:49 GMT
server: cloudflare
etag: "363bb42bf07661e5c12073e3f65c631b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599d171e0-LHR
expires: Mon, 28 Nov 2022 12:53:14 GMT

GET
H2 200 2c379b42d42047eca51b5e9a7ad8181b.png
static.nv.ua/shared/system/top_images/images/000/000/078/original/ 5 KB
5 KB 75ms
74ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/078/original/2c379b42d42047eca51b5e9a7ad8181b.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285f8768ab0e54d1c3dd37397a9c189eb3f3ad448590844ae41628c5d16e363b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
age: 2027532
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 01:19:49 GMT
server: cloudflare
etag: "4662828e117d218016ebdf7a90b3b354"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599d671e0-LHR
expires: Mon, 28 Nov 2022 12:53:14 GMT

GET
H2 200 79bce309a8b5e05d0e59abe636bc0720.jpg
static.nv.ua/shared/system/Article/posters/002/599/677/original/ 61 KB
62 KB 75ms
75ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/677/original/79bce309a8b5e05d0e59abe636bc0720.jpg?q=85&stamp=20221121182753&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52a13bb28451e1b6639cb5bce3bfe321066d1b76ef40019533d77d2372626a85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 16:02:58 GMT
server: cloudflare
age: 24883
etag: "49800e822dd5f945c3bdd4b5e905be19"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599d771e0-LHR
expires: Wed, 21 Dec 2022 17:10:43 GMT

GET
H2 200 613b83648c235a3575b25b1f0453875b.jpg
static.nv.ua/shared/system/Article/posters/002/599/850/original/ 6 KB
6 KB 74ms
74ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/850/original/613b83648c235a3575b25b1f0453875b.jpg?q=85&stamp=20221122003325&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c739e4c1ad48989ba7787649af9b2e6b560c5bf65e9e1e71a725d283d2577b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 21:36:24 GMT
server: cloudflare
age: 3350
etag: "43a8d1e8a76e4b72761338b44dd7b3b3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d599d871e0-LHR
expires: Wed, 21 Dec 2022 23:09:36 GMT

GET
H2 200 04450e7414fabd9ff78a40b484a579ad.jpg
static.nv.ua/shared/system/Article/posters/002/599/834/original/ 14 KB
14 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/834/original/04450e7414fabd9ff78a40b484a579ad.jpg?q=85&stamp=20221121223812&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260d2cecfcde6ff6e2ed2128cde688d4153a8adf856cfe09a74049c1d2db058a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 19:55:48 GMT
server: cloudflare
age: 11163
etag: "fc99f884c3ae7f55619847048374e122"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d66aa171e0-LHR
expires: Wed, 21 Dec 2022 20:59:23 GMT

GET
H2 200 ad0a3cb92bab50addeaee2a0eaf15c07.jpg
static.nv.ua/shared/system/Article/posters/002/599/832/original/ 15 KB
15 KB 53ms
52ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/832/original/ad0a3cb92bab50addeaee2a0eaf15c07.jpg?q=85&stamp=20221121223114&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a1cdd2426af302633c1c5ab139d80d62908a2e363f3fba9bc9984e720477f41

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 19:42:35 GMT
server: cloudflare
age: 11098
etag: "8fd161dbce3f741bf9c45804a54b1c30"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d67aa971e0-LHR
expires: Wed, 21 Dec 2022 21:00:28 GMT

GET
H2 200 0d785dd5526618fa8fe0370c68da44c8.jpg
static.nv.ua/shared/system/Article/posters/002/599/803/original/ 10 KB
10 KB 52ms
51ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/803/original/0d785dd5526618fa8fe0370c68da44c8.jpg?q=85&stamp=20221121204658&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49e7367809b7b954f88aef7c7ec9d60b13a8cd847d5b2958653b3b24324be67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 18:38:54 GMT
server: cloudflare
age: 15071
etag: "d3fe4b70512051d712c3609c2651751a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d67aaa71e0-LHR
expires: Wed, 21 Dec 2022 19:54:15 GMT

GET
H2 200 1cfd8a3dac0152ea3ae5c80e8a854533.jpg
static.nv.ua/shared/system/Article/posters/002/599/819/original/ 2 KB
2 KB 55ms
55ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/819/original/1cfd8a3dac0152ea3ae5c80e8a854533.jpg?q=85&stamp=20221121211459&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aee686c3f03eb994839df23d29d01693f8c817b966c7db410388805cbc6b405

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 18:21:46 GMT
server: cloudflare
age: 16928
etag: "79d22695a0df8007b1220a90fdc06e2e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d67aab71e0-LHR
expires: Wed, 21 Dec 2022 19:23:18 GMT

GET
H2 200 ec35b1365a633c37bacccec3ad0d8f3c.jpg
static.nv.ua/shared/system/Article/posters/002/599/805/original/ 755 B
915 B 54ms
53ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/805/original/ec35b1365a633c37bacccec3ad0d8f3c.jpg?q=85&stamp=20221121210306&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a513839dfbe4a79affbdda72c42ce65f037664e4e92a17165b76fe6c337476c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 18:10:30 GMT
server: cloudflare
age: 17349
etag: "3a7c8e829b5f40aac439d810cc1226b8"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d67aad71e0-LHR
expires: Wed, 21 Dec 2022 19:16:17 GMT

GET
H2 200 567883e0f414b718bb2cd1318549f2c0.jpg
static.nv.ua/shared/system/Article/posters/002/599/779/original/ 7 KB
7 KB 56ms
56ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/779/original/567883e0f414b718bb2cd1318549f2c0.jpg?q=85&stamp=20221121204229&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f61f01a1aaed6ad4472fa1516de41fdad8849f162f80ea53db8dccb92f3b36f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 17:50:20 GMT
server: cloudflare
age: 18766
etag: "fa11b3487c2799297aec916505edacb5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d68ab671e0-LHR
expires: Wed, 21 Dec 2022 18:52:40 GMT

GET
H2 200 647adb2306982940754daeeeece14e21.jpg
static.nv.ua/shared/system/Article/posters/002/599/286/original/ 7 KB
7 KB 54ms
54ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/286/original/647adb2306982940754daeeeece14e21.jpg?q=85&stamp=20221121085403&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e83dbe0fec7f0a61a2768fceca412bd7ff0211bceadcdc1378a73ea0e82ea23e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 05:55:26 GMT
server: cloudflare
age: 61594
etag: "51ae822be88ea2fd6f4d10058190e87b"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d6baf471e0-LHR
expires: Wed, 21 Dec 2022 06:58:52 GMT

GET
H2 200 dddbe4b6012bcb821be7d214b466cc20.jpg
static.nv.ua/shared/system/Article/posters/002/599/413/original/ 6 KB
6 KB 52ms
52ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/413/original/dddbe4b6012bcb821be7d214b466cc20.jpg?q=85&stamp=20221121130838&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e4ce09e9160ba654bbaeb3b548f59e9ca21895dea3bb1a1ad14a90f10fb1fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 10:35:31 GMT
server: cloudflare
age: 44611
etag: "93e733510093afbe9eb256e12b03e0c2"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d6cafe71e0-LHR
expires: Wed, 21 Dec 2022 11:41:55 GMT

GET
H2 200 915b3dbb1fc8a48980032b4da04f5705.jpg
static.nv.ua/shared/system/Article/posters/002/599/711/original/ 13 KB
13 KB 59ms
58ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/599/711/original/915b3dbb1fc8a48980032b4da04f5705.jpg?q=85&stamp=20221121185123&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608c13904cb1fba1e1865f4830225d8dbcd5f1d80337820e11c771eae14c9e2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 16:00:22 GMT
server: cloudflare
age: 25173
etag: "9b913841551c32d5c5e166b971428304"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d6cb0471e0-LHR
expires: Wed, 21 Dec 2022 17:05:53 GMT

GET
H2 200 f0c1a339b9e29d3737d7386d4702178a.jpg
static.nv.ua/shared/system/Article/posters/002/598/507/original/ 238 KB
238 KB 60ms
60ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/507/original/f0c1a339b9e29d3737d7386d4702178a.jpg?q=85&stamp=20221118180959&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f540d1a6b404f7750ab530c53dec79a68fe3d36f607cc1b021b9eed17a574578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Mon, 21 Nov 2022 06:52:08 GMT
server: cloudflare
age: 56185
etag: "b46f321089bdf8f35cf87d010e7f201d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d6cb0571e0-LHR
expires: Wed, 21 Dec 2022 08:29:01 GMT

GET
H2 200 bd9b2cf1233f3e27a07ffb3f9c9e1bc0.jpg
static.nv.ua/shared/system/Article/posters/002/598/990/original/ 23 KB
23 KB 55ms
55ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/990/original/bd9b2cf1233f3e27a07ffb3f9c9e1bc0.jpg?q=85&stamp=20221119203820&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f52e10739a651c0f36c3050528cd26ce30824a01b996f4f8f279d9640ad4d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2022 05:28:41 GMT
server: cloudflare
age: 148076
etag: "0c82c67714b2086617326ec83bf9451b"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d6cb0771e0-LHR
expires: Tue, 20 Dec 2022 06:57:30 GMT

GET
H2 200 285d55d2c55746c8667b0e5e152d31a6.jpg
static.nv.ua/shared/system/Article/posters/002/598/844/original/ 15 KB
15 KB 86ms
86ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/844/original/285d55d2c55746c8667b0e5e152d31a6.jpg?q=85&stamp=20221119133057&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077b7597f7d8565cc0a17a1eb7b27a44deb1a769a1c48ac86518a75e7ac4975b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 11:07:50 GMT
server: cloudflare
age: 208400
etag: "6c01342f50226cc4ea717f696ba5b0c3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d6db1e71e0-LHR
expires: Mon, 19 Dec 2022 14:12:06 GMT

GET
H2 200 010cb265a66bded507c8f9ea6b3c72f8.jpg
static.nv.ua/shared/system/Article/posters/002/597/996/original/ 24 KB
25 KB 63ms
63ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/597/996/original/010cb265a66bded507c8f9ea6b3c72f8.jpg?q=85&stamp=20221117185053&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c44a12f1e836166c66a066e8a2ec374fb67199138edda0a5a3012a5f057e323

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 17:40:17 GMT
server: cloudflare
age: 364538
etag: "2cdf791d895b7d762afd358af0ce1931"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d71b5371e0-LHR
expires: Sat, 17 Dec 2022 18:49:48 GMT

GET
H2 200 5c2ab02f62744a1348b2fc567fa06eee.jpg
static.nv.ua/shared/system/Article/posters/002/598/648/original/ 94 KB
94 KB 60ms
60ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/598/648/original/5c2ab02f62744a1348b2fc567fa06eee.jpg?q=85&stamp=20221118194703&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2308550235c1ad5d554ee51e1f92a78f23ca8d9d9df73554bf5f12a12ce5cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 08:24:44 GMT
server: cloudflare
age: 224737
etag: "eabe1633a2157d37eba66f011f18ce40"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d71b5871e0-LHR
expires: Mon, 19 Dec 2022 09:39:49 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/c/ 389 KB
114 KB 53ms
53ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/c/ym.js?3
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: c1d51ae45c50840430b9c4ce1133c779130f66e68cd66a9fd79cf5e85b228969

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-169
cdn-cachedat: 11/17/2022 00:00:34
cdn-pullzone: 139012
last-modified: Mon, 14 Nov 2022 09:33:37 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 304
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63720b71-612dd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 583bd7fad707afc667bc225defd40e38
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 183ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Nov 2023 21:58:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 219 B
746 B 199ms
66ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Tue, 22 Nov 2022 00:05:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
56ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Nov 2022 23:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2437
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 22 Nov 2022 01:24:49 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

7 KB
3 KB

53ms
53ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 513729
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GHZ0GZEF2031E05G3Y5ZDWP3-lhr
server: cloudflare
etag: W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76dd69d83ac6067a-LHR

Redirect headers

date: Tue, 22 Nov 2022 00:05:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GJEA4T2094CSKNHVE01N4CX2-lhr
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 326
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 76dd69d7ca59067a-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

522cb7b9ef76ec114ab47d1443ebd44ed77d255616c1d551dd918d2598a3fa17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Nov 2022 00:05:26 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
389 B 77ms
76ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: c1ccb81031608fb473200033235f438171fad1de35eb683afe499ce4b4c5d2d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 274
expires: Thu, 22 Dec 2022 00:05:26 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 90D0 5 KB
3 KB 433ms
81ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: fd6f1b9b4b0891e3ff67edc18a188f230f4df4d9463e9cc8113d46e9b2b957a9

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 00:05:26 GMT
etag: PRIVATE7520710249
expires: Thu, 22 Dec 2022 00:05:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 204 collect
region1.analytics.google.com/g/ 0
340 B 357ms
60ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oeb90&_p=643968857&_gaz=1&cid=411382701.1669075526&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669075526&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&en=page_view&_fv=1&_nsi=1&_ss=1&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 352ms
56ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=411382701.1669075526&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 361ms
65ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=411382701.1669075526&gtm=2oeb90&aip=1&z=1023052036

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
44 KB

201ms
61ms

Script
application/javascript

2600:9000:2057:c600:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 2600:9000:2057:c600:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 23:44:06 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 1281
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: R0w0GT7kuFluft33c5v3J1VXMnw0F4_r5jp1KgkGGKPva16oZ6H9bw==

Redirect headers

date: Mon, 21 Nov 2022 22:41:16 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C1
age: 5050
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: ISC23soXonxAd1HyhlsF9KAIwDQCRGRIrJmP6xwQU0kLqFGzZMivnw==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 360ms
94ms Ping
text/html 2400:52e0:1e00::863:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?NVR;desktop;C;page_desktop;d80353|f40dad
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 236 KB
76 KB 58ms
58ms Script
application/javascript 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: 91518093dc7216a7e8018b2937f685c4ba88880d91525369b60496ae49631fc2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-198
cdn-cachedat: 11/21/2022 18:49:50
cdn-pullzone: 139012
last-modified: Mon, 21 Nov 2022 18:48:25 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"637bc7f9-3b120"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 4b5ea3bc717421505f24c27f629e49a4
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 179 B
864 B 162ms
54ms XHR
text/plain 2400:52e0:1e00::1055:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1055:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE1-1055 /
Resource Hash: cb9691801ad3b11a71d473f84fdd29792f5242aa0c756ff7957ce4f351d69bea

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-198
cdn-cachedat: 11/21/2022 09:18:42
cdn-pullzone: 139012
last-modified: Mon, 21 Nov 2022 08:30:20 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"637b371c-b3"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: e579329c6823420fe1e6d2b10b916292
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
1 KB 383ms
124ms XHR
application/json 37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc3MDMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD0zNzkxOWI4NC0yMTI5LTQzNTAtODc1MS1kODBkZmZjZjg1ZWY%3D&pt=gross&stid=d415a0c8-78e8-4ea4-beaa-9d62824b1320&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa4ce2b3203f6c473da47c8438723af0daa617e469fcedcfbf0872bd47a247c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 509ms
253ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f086f298243e2f2b505eb3fe7bf8b7d20136e2aac708fc3edd7acfb4b8ada1ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:26 GMT
AN-X-Request-Uuid: 995fab68-86e9-423a-830a-dff0dc60e330
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
795 B 380ms
133ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fnv.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=37919b84-2129-4350-8751-d80dffcf85ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.473342361931957
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 13cdf76d4b6f437dc161ec7e4019b13ba563d48e5e9181ca2a7d8a1533b3756e

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
403 B 439ms
185ms XHR
application/json 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fnv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: ba90faa5ff295be306a039ce5cb0c006dd5bac9c871748ae73544ac5af714fcb

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nv.ua
date: Tue, 22 Nov 2022 00:05:26 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
276 B 297ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 22 Nov 2022 00:05:26 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 314ms
61ms XHR
application/json 18.184.90.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fnv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.90.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-90-3.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
accept-ch: sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
303 B 325ms
73ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=23803951953

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
562 B 327ms
78ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22151a0a516a7bb11%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnv.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22d213ae40-68fb-4b86-9cbc-771f4345009c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216e294f1e4ea31e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2216e294f1e4ea31e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ea1b7475ae2fe38c338ba0720eb92b1d6fea04f8a5f9ca1c0ef87eab1b977b

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNDQ0GaavDXGW0%2B%2BlYPePo5uGDcSmVp%2FAPol48PImbKS22iHu1rGXBsC5oWeP3JujkbTKvxjr9sV6%2B0yXSO5Q0k0Ha874I8r47GJAGDNh%2FfSe5RgaLttRaKp%2FrS%2FOurlAmBSTd9N"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 76dd69d9c9c075b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
637 B 301ms
53ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e9abd760d5806612cca904c3eff8e841f40673f03238a59d723d6629fc5d2325

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 22 Nov 2022 00:05:26 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 269ms
55ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51943557-1&cid=411382701.1669075526&jid=1285029206&uid=0&gjid=978307388&_gid=1751585912.1669075526&_u=YCDAgEABAAAAAEAAI~&z=847955848

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Nov 2022 00:05:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 162ms
53ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=643968857&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=1285029206&gjid=978307388&cid=411382701.1669075526&uid=0&tid=UA-51943557-1&_gid=1751585912.1669075526&gtm=2wgb90WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&cd16=B&z=2095640346

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Nov 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15758
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 177ms
63ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 185ms
62ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 646 B
356 B 210ms
95ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f1c691c3c8d5c43f979027dd7e21448b3df00ed73e691215796a87d6d43dc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2996 6 KB
3 KB 205ms
61ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 00:05:26 GMT
expires: Wed, 22 Nov 2023 00:05:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 180ms
65ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=411382701.1669075526&jid=1285029206&_u=YCDAgEABAAAAAEAAI~&z=1536027558

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
64ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=411382701.1669075526&jid=1285029206&_u=YCDAgEABAAAAAEAAI~&z=1536027558

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1669075526742/
Redirect Chain

https://gaua.hit.gemius.pl/_1669075526742/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv....
https://gaua.hit.gemius.pl/__/_1669075526742/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
423 B

151ms
151ms

Script
application/x-javascript

51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1669075526742/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Ft2AyCO1KtlllsBeoq3pno5uMPJ87vlOkCNuQu5J.DH.p7d.F.cfQVzaGBwebWs1lN3rfQdpZnPc53DTx.Bh4DLVyewR/8uOLRqPq0CaQH/&fpdata=61V7TlhIRD2b_J8kYmwSHXcOy.YsK3jY8aK1FlV2VGP.h7&ltime=457&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=637c124610f01720&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: fa703c76ee0662131ab849ef0aec97d9ac4313beac4b10f6b4863383646631be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 21 Nov 2022 00:05:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:26 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1669075526742/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=Ft2AyCO1KtlllsBeoq3pno5uMPJ87vlOkCNuQu5J.DH.p7d.F.cfQVzaGBwebWs1lN3rfQdpZnPc53DTx.Bh4DLVyewR/8uOLRqPq0CaQH/&fpdata=61V7TlhIRD2b_J8kYmwSHXcOy.YsK3jY8aK1FlV2VGP.h7&ltime=457&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=637c124610f01720&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 21 Nov 2022 00:05:26 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 173ms
64ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 178ms
63ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 137 KB
38 KB 645ms
645ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3336439067194944&correlator=3478036914181002&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=2634643367&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_adform%3Dbanner%26hb_source_adform%3Dclient%26hb_size_adform%3D300x600%26hb_pb_adform%3D8.30%26hb_adid_adform%3D20a4e716cda4b5e%26hb_bidder_adform%3Dadform%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D8.30%26hb_adid%3D20a4e716cda4b5e%26hb_bidder%3Dadform&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DC%26traffic_source%3Ddirect&sc=1&cookie=ID%3D5e8bbd3e21ebda3a%3AT%3D1669075526%3AS%3DALNI_MaZNzF3MLxyUhNVDevh_vlIB0JANw&gpic=UID%3D00000b85356d5ed4%3AT%3D1669075526%3ART%3D1669075526%3AS%3DALNI_Ma0b_7p7cL2S9FxcQXjYM_BXefUVA&abxe=1&dt=1669075526927&lmt=1669075526&dlt=1669075525900&idt=652&adxs=1114&adys=1195&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=411382701.1669075526&ga_sid=1669075527&ga_hid=643968857&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

771199206c16fefa22bccf96eaf7e9d3b84b8fb6e2ebf99f9e200c30cf8140db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39247
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 54ms
53ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:47:30 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
age: 19076
x-cache: Hit from cloudfront
access-control-allow-origin: https://nv.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: WmhfcSLR9lbOpXhlBXk7HtmTyKc0xvhbrW8u-P2MLTBkwBkRYQJZ-Q==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
456 B 273ms
89ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnv.ua%2F&pid=DNlzk5UB1GSdD&cb=0&ws=1600x1200&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_52659631%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATFR_300%22%7D%2C%7B%22sd%22%3A%22notsy_container_791749445%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: QWGG54T63AJWF39TR6XA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tCDGAZSkCQvp8TPpCpvISVOF0mQMSYwqsiHsPbiglj13MQjBWf6y6g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 162ms
53ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
date: Mon, 21 Nov 2022 03:05:19 GMT
x-amz-cf-pop: FRA56-C1
age: 75609
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: JFNvduLGeCwCgt71z5XggLXXx4fIEgkMK_ZtUdRnrxvHF5A8DYPTKQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
76ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d21c6d35ef2767d79bdcc914f5bedb4f8121e9553a7e599f11382bad7400356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11341
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 185ms
63ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 00:05:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCE0 13 KB
5 KB 164ms
53ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 4501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 22:50:26 GMT
expires: Tue, 21 Nov 2023 22:50:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B75D 783 B
536 B 183ms
67ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a8d325574bb3a1968411de8ed3c6f275b085d0433be882f67249f7208e30ae3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zob84RyyRWkGdtJFtt562A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Zob84RyyRWkGdtJFtt562A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 00:05:27 GMT
expires: Tue, 22 Nov 2022 00:05:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 301ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Nov 2022 00:05:27 GMT

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame FCE0 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:42:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B75D 0
0 91ms
91ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3336439067194944&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 container.html Show response
f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7A5 6 KB
3 KB 163ms
54ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 00:05:26 GMT
expires: Wed, 22 Nov 2023 00:05:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FCE0 0
10 B 54ms
54ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i7Byow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E1AB 15 KB
6 KB 176ms
57ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 00:05:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 617530
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 189ms
65ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Nov 2022 00:05:27 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame B7A5 9 KB
4 KB 170ms
55ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 09:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 09:52:43 GMT

GET
H2 200 cc1b8d1e1903d75e43ed2b2152915588.js Show response
www.gstatic.com/mysidia/ Frame B7A5 18 KB
8 KB 175ms
59ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 08:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 21:18:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 08:18:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B7A5 2 KB
1 KB 180ms
65ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 23:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Nov 2022 00:05:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B7A5 2 KB
765 B 54ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 15:35:45 GMT

GET
H2 200 2c96be29c806e6a30d72c34b34031cd2.js Show response
www.gstatic.com/mysidia/ Frame B7A5 5 KB
3 KB 168ms
54ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2003
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Feb 2023 03:02:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B7A5 23 KB
9 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 14:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:34:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B7A5 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 14:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:34:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B7A5 18 KB
7 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 15:35:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B7A5 0
0 65ms
64ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-3jO3HwUa4ellp_Iow1k4ckop5jYFgF4XfKnp3K0bLg8zMSXWeebSOVgs1uSuX3o-OpAUwpw0FYtTjcV7TfLrrJ-m0Q
Requested by: Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7A5 154 KB
47 KB 172ms
63ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 00:05:27 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame B7A5 34 KB
14 KB 162ms
54ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 09:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Feb 2023 09:52:43 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E1AB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=N7zqDnw0NHovQU80VTBLbGNsMS9NdWRQMDlVTjFPaEUxM0UyQ1ZKRlpmSVNkSnkyd2kwYllzZzBpZzdobTA5Y1FzY3VGZDM3dTdCRTVYb3FsSTUyMzBYbUhBQlZlbzY4ZUFWOWp5ZjNocTF1bmU4Qm9TL3hmTGdmWW1ybG...

420 B
648 B

173ms
56ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=N7zqDnw0NHovQU80VTBLbGNsMS9NdWRQMDlVTjFPaEUxM0UyQ1ZKRlpmSVNkSnkyd2kwYllzZzBpZzdobTA5Y1FzY3VGZDM3dTdCRTVYb3FsSTUyMzBYbUhBQlZlbzY4ZUFWOWp5ZjNocTF1bmU4Qm9TL3hmTGdmWW1ybGQ2TmN5b0ZWbHFKb0pyUzlQUElGWWU4aTRwSGM1eVhOMzdlNnlrTE1zb2Zxd0VKTEhLT1U0L1MyZjUxTmVDT1dkc01sTnduSFZldmxvUEowblE1TGhhc2gvbjgzSmhnVUZsQzY5a3FrQTVjRlBWWDlSejZiR29MVVNMTjlzTFhuTHFQeHdTUlNrM0xTTnFqMEdtSFlhMTJaTGRneitCZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06365601f636a1986b4b1b714a1f9b1d3567192167a3cc1c93d0e22d346298f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1414063
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=N7zqDnw0NHovQU80VTBLbGNsMS9NdWRQMDlVTjFPaEUxM0UyQ1ZKRlpmSVNkSnkyd2kwYllzZzBpZzdobTA5Y1FzY3VGZDM3dTdCRTVYb3FsSTUyMzBYbUhBQlZlbzY4ZUFWOWp5ZjNocTF1bmU4Qm9TL3hmTGdmWW1ybGQ2TmN5b0ZWbHFKb0pyUzlQUElGWWU4aTRwSGM1eVhOMzdlNnlrTE1zb2Zxd0VKTEhLT1U0L1MyZjUxTmVDT1dkc01sTnduSFZldmxvUEowblE1TGhhc2gvbjgzSmhnVUZsQzY5a3FrQTVjRlBWWDlSejZiR29MVVNMTjlzTFhuTHFQeHdTUlNrM0xTTnFqMEdtSFlhMTJaTGRneitCZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 591889
content-length: 0
expires: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B7A5 32 KB
32 KB 199ms
67ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSbL5P4yItTn0grRGPKtUu0OJh_zoEJrhldOnj2bj1NuEdt1_9o2mg7YV5_xoI&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b752c2afb32cc2d0280156f07566f510bdfc105982308a520101116c6915ab41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 17:38:39 GMT
x-content-type-options: nosniff
age: 109609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32923
x-xss-protection: 0
last-modified: Sat, 02 Jul 2022 06:29:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 20 Nov 2023 17:38:39 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B7A5 22 KB
22 KB 185ms
54ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS8S69YmWjyXm4JiylQk110e15zbxk-JmoeXqZ7PrJ1rHHkVEUZoSKzHa4FeHU&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3717ab4f8ae2b12386afc2bea13961bf66c471e839618212741ab91512e91591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 23:06:51 GMT
x-content-type-options: nosniff
age: 349117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22273
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 00:51:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 17 Nov 2023 23:06:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B7A5 16 KB
17 KB 184ms
53ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR9guoKYRunauvsvKUFqf74X4q29FRz1RAz0NIkqClBNaEmM-Ov5Vzvdk4-8w&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

776ead73aa5e5610f0c47fe44fd95185896801cdff5ee2be88ae5ea0ab45ab73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 06:25:01 GMT
x-content-type-options: nosniff
age: 236427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16486
x-xss-protection: 0
last-modified: Sat, 06 Aug 2022 03:03:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 06:25:01 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B7A5 23 KB
23 KB 200ms
69ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQmZYbD9kmKqZY97kpasnV38HXJEJmNOjETyYZhYxEOlGi5g_ihl7koAzL-SVY&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6238bf801b22debf93c2fac98b73127f6f47eea91fb9e0c7c4f37fa2202e1f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:47:21 GMT
x-content-type-options: nosniff
age: 407887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23843
x-xss-protection: 0
last-modified: Wed, 04 May 2022 02:24:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 17 Nov 2023 06:47:21 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B7A5 14 KB
15 KB 185ms
54ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSp_BhXCnH-hwr2w8CFgl_yeXvGeiyKpGdFT1S6qgKUnDOiVa87Wy-Cm1wCqQ&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7faf61e3011565096d024845fde89b21cd00b4a3bfd3cc6846664ee9c033a57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:55:24 GMT
x-content-type-options: nosniff
age: 245404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14309
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 03:40:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 03:55:24 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B7A5 18 KB
18 KB 264ms
134ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRc2_TWSsfnvvWsaCzS69kSe9UYZfi5TRSZ_yU9c7AeGMU91cIyfLGU_-x-xkY&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e11f7278f986c2182f55f354125fa29e0da9873b9b4e380d09aeb2897abd3df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 23:09:38 GMT
x-content-type-options: nosniff
age: 262550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18382
x-xss-protection: 0
last-modified: Sat, 02 Jul 2022 09:09:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 23:09:38 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B7A5 19 KB
19 KB 236ms
105ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTgsw5fT5NqnaE0eVpzsEfK4Pf4mPMVpHyNPLtv-FNY9BRCoqWVGf4T_I81tg&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952212a99ab98b269b47c58fafb9aada19a52ee57a872a30d780794e9ea3085c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:41:19 GMT
x-content-type-options: nosniff
age: 246249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19835
x-xss-protection: 0
last-modified: Fri, 06 May 2022 13:02:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 03:41:19 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B7A5 26 KB
27 KB 196ms
54ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSmnM05n6ZaaVy3zzMU5n7fX7Ey0U8MphGa5B_X8jG-2fi6_Hv9e-j9onCU8co&usqp=CAI

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81da7f77162f18e6b70e4e1f0fc5e631c1adb3502bc603513bd662e915ceba8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:19:29 GMT
x-content-type-options: nosniff
age: 272759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26904
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 01:06:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 20:19:29 GMT

GET
H3

200

12746057310092717294
tpc.googlesyndication.com/simgad/ Frame B7A5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD4uYObRhDQDxjQDzIIbO2WyUDi-0o
https://tpc.googlesyndication.com/simgad/12746057310092717294

72 KB
72 KB

54ms
54ms

Image
image/jpeg

2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12746057310092717294

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de3d61c301823844c370e19cb06fdc19c091fdc61b3173ebacb895a6b7507d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 02:25:25 GMT
x-content-type-options: nosniff
age: 337203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74004
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 09:33:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 02:25:25 GMT

Redirect headers

date: Mon, 21 Nov 2022 04:42:23 GMT
x-content-type-options: nosniff
server: cafe
age: 69785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12746057310092717294
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Dec 2022 04:42:23 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B7A5 0
0 103ms
103ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxmo-RhJ8Y73JPJGi9u8PjMadyAHC7ZLHbena7bicD_HHraDUKhABIPT552NglQKgAf-fyKQDyAEJqQLc0rfU8yqxPuACAKgDAcgDywSqBPYBT9BzeJiHfSTX_uJn9IyhVwY7I0OzIIlV1GcaxMsC7mvfoMQz-ZZkX0vJ0Ry47SvPPBmpVWgz4u3YvBiCz6qYajXWI9rJDtGW_DVR1Rn57zq1l7ZVDhb5mVQLq5noXk9JkFQ32P_5zPrswq8ibXm8KWRQ_3FevgblKzDQXMo8w4jAGnyf6Cvf3rb09d7_O2mOp56WfBgxdQ7XJRA-ucqKM1j5M4A0Rjjt1m_KS5Z0d1wAWbNBML3_szNY5V6I6LGNPeMHcZ8m1P-mLEEVS5uF2K_PD0UcQB1WxYaPCy8_EXZqfGq8Smqfx8E_HaEWWnP_MvWJtT9RwAS5h4jz8APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH6d-3W6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDqkiPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTCogUBtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NzQyNTI4OTg5NjgwNTY4GIObGg&sigh=bpXC4cXT4cg&uach_m=[UACH]&cid=CAQSOwDq26N9GOYGrzAMRTyKOrXk8WoiQY25mmm6rIvoJcLJNQtHDxqCGNMagb57muz6AUXnCehhWnVyeLu3GAEgEw&template_id=494
Requested by: Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26EB 1 KB
643 B 57ms
56ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 51165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 09:52:43 GMT
etag: 48472445140208031
expires: Tue, 22 Nov 2022 09:52:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B7A5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d8a9c5cf0330f6bf91b1880057dae30696f67de212a086cadd4070fbe01bb5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B7A5 20 KB
21 KB 178ms
56ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 21:33:43 GMT
x-content-type-options: nosniff
age: 268305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 21:33:43 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 26EB 0
104 B 287ms
95ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECBK8YkRdqUb2y4FCVb-XH0&google_cver=1&google_push=ASkJ3FbAfDpBiNP8SE6bHRg0EXF6JwQ0eBTDlUljokjTLum8GgdCDMLp13UfZtsMJyBiFiOU4MGnmNHdJZYGxyrXmJdCNaa__xw
Requested by: Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 26EB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENGKL2Teh7NDfxdQ97G9Sy4&google_cver=1&google_push=ASkJ3Fbe37GDOIH78TdtqV7mdPB2xC61IsORu--gcK6S6vg58z0P_FwiRmQd94Is2Fl0UYSEN1jnrmDsdOAN_5fFpFA4xPq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbe37GDOIH78TdtqV7mdPB2xC61IsORu--gcK6S6vg58z0P_FwiRmQd94Is2Fl0UYSEN1jnrmDsdOAN_5fFpFA4xPq7Ga0&google_hm=MjM1NTQ0MDU2ODI4MjIyODk...

170 B
232 B

64ms
64ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbe37GDOIH78TdtqV7mdPB2xC61IsORu--gcK6S6vg58z0P_FwiRmQd94Is2Fl0UYSEN1jnrmDsdOAN_5fFpFA4xPq7Ga0&google_hm=MjM1NTQ0MDU2ODI4MjIyODkyNQ%3D%3D

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Nov 2022 00:05:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbe37GDOIH78TdtqV7mdPB2xC61IsORu--gcK6S6vg58z0P_FwiRmQd94Is2Fl0UYSEN1jnrmDsdOAN_5fFpFA4xPq7Ga0&google_hm=MjM1NTQ0MDU2ODI4MjIyODkyNQ%3D%3D
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 26EB
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL3bNEIH_lWa0lWUlI2JOb8&google_cver=1&google_push=ASkJ3Fbvh7axT1Kck4sdYZW8EaWtODnez7sQsC-sl1gxNcVav3n6lt-3KkurMTbtUoc7o8ABi69IbiKJqHOL8YKH...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3Fbvh7axT1Kck4sdYZW8EaWtODnez7sQsC-sl1gxNcVav3n6lt-3KkurMTbtUoc7o8ABi69IbiKJqHOL8YKH5AgurvO2Udt7

170 B
329 B

64ms
63ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3Fbvh7axT1Kck4sdYZW8EaWtODnez7sQsC-sl1gxNcVav3n6lt-3KkurMTbtUoc7o8ABi69IbiKJqHOL8YKH5AgurvO2Udt7

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Nov 2022 00:05:28 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3Fbvh7axT1Kck4sdYZW8EaWtODnez7sQsC-sl1gxNcVav3n6lt-3KkurMTbtUoc7o8ABi69IbiKJqHOL8YKH5AgurvO2Udt7
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Hd19Mg-KQ7HQjWAlPYdSS2x3-j--KZpAnv2UlTqCUH-fe6GbiXlJTg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26EB
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-ab90699a-7e8c-48b0-a336-28c9e7c0ff95-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FYKLNDGM6FUZq__D6rqQ...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj&google_hm=A6uQaZp-jEiwozYoyefA_5U

170 B
188 B

65ms
65ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj&google_hm=A6uQaZp-jEiwozYoyefA_5U

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FYKLNDGM6FUZq__D6rqQ9jFMZjhBOdFaJ_kP64AANWOzVft5A1WD3EQBPDWSDnDllbirDJ3cirUcpYNgDgzDA6_mcPHN9Lj&google_hm=A6uQaZp-jEiwozYoyefA_5U
date: Tue, 22 Nov 2022 00:05:28 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXab90699a7e8c48b0a33628c9e7c0ff95003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 26EB 0
75 B 220ms
50ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHnOYxg_L1zscrBqLFSV00s&google_cver=1&google_push=ASkJ3FaKjbrcTZrrecGe0iUFT6imGSlw7AHiE115hxiHToASqS0x9y8pjshdGB1Hn45QcTGFq4iPh3iQp-JPz5bwsq_MlGtKHzo
Requested by: Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:27 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26EB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHRDfBkhpZ1-nfOkIZ0lvnc&google_cver=1&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpja...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHRDfBkhpZ1-nfOkIZ0lvnc&google_cver=1&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpja...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yVmxYN0E5RTJ1RXBtQ28wb0xLdWdqMFhRcU9vNVNGR35B&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66...

170 B
188 B

149ms
66ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yVmxYN0E5RTJ1RXBtQ28wb0xLdWdqMFhRcU9vNVNGR35B&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpjaBA9jucee05T1snSBgJyfzAFNfmXA

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0yVmxYN0E5RTJ1RXBtQ28wb0xLdWdqMFhRcU9vNVNGR35B&google_push=ASkJ3Fap-c25vmzNI-XFtxLSXz8luV_BjIdy9LTSi84Hd2bqkvhgEls66GAh67d67FCU3sKpjaBA9jucee05T1snSBgJyfzAFNfmXA
date: Tue, 22 Nov 2022 00:05:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 26EB
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELR6fOQ5m_Igqln3Jf23KiA&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZTg5_W0m2AZlZtCqFlYkyiJ-NWU5GvtKbRmtHddeCV_HV-rz0fyHmmtzB_O9YITTMnLQxqxOzyEuK7AOhOX96zc-kS0BpF
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

77ms
77ms

Image
image/gif

23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 22 Nov 2022 00:05:28 GMT
pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 26EB 0
232 B 192ms
62ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDV83rfXpOz247N8r-TcgZYDvAi6C7mgAQs6bXRgCYQY601JhiL0D2XyL240xH-sxO8voCee4

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7A5 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAFEAwBAoNEAMhAAAANDN7d0AwBAoNEAohAAAAAM3MCEAwBAoNEA0hAAAAAAAAAAAwBAoNEB4qBzMwMHg2MDAwBAoNEBkqBzMwMHg2MDAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAzcy8d0AwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAJEAwBAoNEAUhAAAAZ2a-d0AwBAoNEBAhAAAAAAASp0AwBAoNEBEhAAAAAACX00AwBAoNEBIhAAAAAAAAHEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAzczUe0AwBBIaQ0wyRWotLS13UHNDRlJHUl9RY2RER01IR1EiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3336439067194944&bg=!2Nul25_NAAbvMpMzzzI7ACkAdvg8WrLp6GOmBWr8VKU53twFFoPHfeja8QNtfLMwOq8I0A2X1UohhgIAAABCUgAAAAJoAQeZApa0R6gJLx6m4DX3BmNrE-BRU4lJVFGhIk-q6G_U3BtPKD2o2K22BOveYLad18QpmxUCTRW1VjDOGtlKfPYugmc28hz_NI04DV8_USb920jBFV8gNTLa2nVfM7N3lLlEg5XRME9lKcfYzGT93pjKt72n2J7JXpUcGcY0LJZ5q_52xlDDWTbQAbFS46UjmM2D8DhBnWJQYjY-dseVHpuw6a8pekZEnLkXFEKkLx9zU3fOY4pu8ZETNSvXtHH_trZ-L71XU7Qk5UOmjjKFdvcrDKB8GHSUiIyZmoWWXzOx3nWpsT9epjMdJ8tMUwYp5uKRSYqIFukfuG9OnAda6U2Pj3PFgn-Qf_QDVJGNb2wOgaXu0bwg8Eyk09rm-FFlAcLYS3xY0QOquFxMdkuiXPVuUeSrcbrYMZnBZnnagskRKeF5hxOKGVErBho-7_AKL23JJxv1S2idWGz3zHvJBGwbGV_QLvjVsJY03BTmMQeaITFAmu3b1HN0AmZ9RxOid-7-rGwTId_XiaJ5FFVY0_hjIy3D5BvSAicB0wutiKYRkRftKv7nno0IdrtaKrM0uO7fgUpRM46LE6dVwCE4Q6UwCQ_aLUr6esGOO4yeApOcVLAjZ61xp07WmEx_XdlOVrpA-H-yTujiWFXDUB3nA6hR9tPlWZeRndcPYCtoVjVBNGrJbVcsSAhC34kJaEk7P4qFtIwn3y3W0t4Ih9QstkQbDd0X9YXwT7j_11J3rqHCpKT2wseb8-oB-Phx2Q0CAW7fc2ZZp8NYnFIKP1p2h0O8imnJbt3ZKjKXirKnynOi56acA_M4kbTf4ZEU-anSNTAj3bePNb_grxvUp5uXWzbZOQ2AHTPTy8HXG8E2ouQ1lzYqHTvsO4PtuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame AD30 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
URL: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 21:42:41 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7A5 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAJB190AwBAoNEBUhAAAAAAAANkAwBAoNEBYhAAAAAAAALkAwBAoNEBghAAAAmpmBhUAwBAoNEDIhAAAAADQz0z8wBAoNEDMhAAAAAAAA8D8wBAoNEDQhAAAAAAAA8D8wBAoNEDUhAAAAAAAA8D8wBAoNEDYhAAAAnJl5W0AwBAoNEDchAAAAAAAA8D8wBAoNEDghAAAA0MyMW0AwBAoNEDkhAAAAAACAZEAwBAoNEDohAAAANDPDZEAwBAoNEDshAAAAZ2bOe0AwBAoNEDwhAAAAZ2bOe0AwBAoNED0hAAAAzczUe0AwBAoNED4hAACAMzNLhUAwBAoNED8hAACAMzNLhUAwBAoNEEAhAAAAAACchUAwBBIaQ0wyRWotLS13UHNDRlJHUl9RY2RER01IR1EiEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cc1b8d1e1903d75e43ed2b2152915588.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame F630 3 KB
2 KB 181ms
50ms Document
text/html 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 443
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 76dd69eef8297791-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 22 Nov 2022 00:05:30 GMT
expires: Tue, 22 Nov 2022 04:05:30 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 66A0 281 B
554 B 173ms
54ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Nov 2022 00:05:30 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1C50 37 B
140 B 175ms
61ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 22 Nov 2022 00:05:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0DBE 52 KB
17 KB 171ms
54ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/c/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 69209
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 22 Nov 2022 00:05:30 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 25, 1000539
X-Served-By: cache-lga13626-LGA, cache-hhn4049-HHN
X-Timer: S1669075530.069992,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 66A0 34 KB
10 KB 54ms
54ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 00:05:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Nov 2022 22:30:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80728
Connection: keep-alive
Content-Length: 10066
Expires: Tue, 22 Nov 2022 22:30:58 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0DBE 0
743 B 60ms
60ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
AN-X-Request-Uuid: 1ee114cf-a1d1-47be-9247-e5b87c12ea94
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 9342
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

125ms
79ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978a0fe4978aa2e0ce6a36ae8d9a248e6768bf1a35ed50bcea47bf7c4755f4f1

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76dd69f0dd8388af-LHR
content-encoding: br
content-type: text/html
date: Tue, 22 Nov 2022 00:05:30 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDUqxYLQWKWUcT0xFLfMkSlTSzF9W5x%2BKulm6aHHUZCLA4eAzXeveJ5JyZ8exhfzckc4b8F90fy9zLX7AzndrEUqTo0NpYoT5owg8%2F5a1aUWWCDYcxYAwNVJ5jdJDoYsKygN8WiThS4Wyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76dd69f01d05dc49-LHR
content-length: 0
date: Tue, 22 Nov 2022 00:05:30 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9Bfyq%2B4d3ExG8lEIdAchDsfuX3PVKDJrivStZfk0ro%2BgwpozZD%2Ffb6%2B4lw6VYzz1PK4Nsyfjw9AVne41eyuanWqIpKWcct5dO41eF2PbTJGuleCg%2BA4IyW3ZeZcMj6%2FRMqFu6aHGjyU0A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 66A0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hMY6Dm8ATyOdk4A5HNKrVA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hMY6Dm8ATyOdk4A5HNKrVA

43 B
720 B

204ms
204ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hMY6Dm8ATyOdk4A5HNKrVA

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1031630QF6FJ20TR6ME7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hMY6Dm8ATyOdk4A5HNKrVA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66A0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSR0gyUUctMVMtQzRQWg==

170 B
188 B

69ms
67ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSR0gyUUctMVMtQzRQWg==

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFSR0gyUUctMVMtQzRQWg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 66A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/3qF83gS1s7ql-2_ZKzq_Vsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8319664897839888460

0
239 B

55ms
55ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8319664897839888460
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 22 Nov 2022 00:05:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8319664897839888460
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 66A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeO8BvGcZiBQqHLp2A2Mzs&google_cver=1

0
239 B

229ms
55ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeO8BvGcZiBQqHLp2A2Mzs&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELeO8BvGcZiBQqHLp2A2Mzs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 66A0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARGH2QG-1S-C4PZ

0
921 B

307ms
174ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARGH2QG-1S-C4PZ
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:30 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C24B3CDDC281467FB553EE20E08858C3 Ref B: FRAEDGE1510 Ref C: 2022-11-22T00:05:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXuA+4c//Ckg1yPi3c/hg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LARGH2QG-1S-C4PZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTViZmYyMTc3Nzc4NTIwMjA4M2E3YzM3NGMwODcxZGFkMjA3MmMzNQ

170 B
188 B

70ms
68ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTViZmYyMTc3Nzc4NTIwMjA4M2E3YzM3NGMwODcxZGFkMjA3MmMzNQ

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTViZmYyMTc3Nzc4NTIwMjA4M2E3YzM3NGMwODcxZGFkMjA3MmMzNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 66A0 70 B
265 B 178ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 66A0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=o6ns3xHvSXCePpchN_XA4g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=o6ns3xHvSXCePpchN_XA4g

43 B
479 B

124ms
124ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=o6ns3xHvSXCePpchN_XA4g

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YY68CNY2N136CMF5737D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=o6ns3xHvSXCePpchN_XA4g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9342 70 B
264 B 59ms
59ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9342
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3wSSkIE8X2bwHvC209AqQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJowH_CRDPl-DQPHv5Aa6Yw&google_cver=1

43 B
765 B

58ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJowH_CRDPl-DQPHv5Aa6Yw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJowH_CRDPl-DQPHv5Aa6Yw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 9342
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlgGe7ReXNbwFk12xOdHB4&google_cver=1

43 B
843 B

73ms
72ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlgGe7ReXNbwFk12xOdHB4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji7mnHlmW7SJkJvv3LjN5NLKI8AorrZ4OyH354RmqLcyZKuPSizfJzUBXaiYbupcToifRq5SyMmjyvjZson6IXEc3SvNvZVlkyKDg%2BUE5Lu%2FkuS3QMDPux3HAQwzY5TaGImgLPXhrzF7oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 76dd69f1ceec88af-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Nov 2022 00:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFlgGe7ReXNbwFk12xOdHB4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9342
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB&dcc=t

43 B
855 B

131ms
131ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8F3M0ZY7KD7ZJ6GJ49JT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R0RR08FHMVVEDRQQ477Q
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9342
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
765 B

57ms
57ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 9342
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196424035802750

43 B
765 B

76ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196424035802750
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196424035802750
Date: Tue, 22 Nov 2022 00:05:30 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.0 503
Service Unavailable indexexchange
sync.adotmob.com/cookie/ Frame 9342 0
0 202ms
67ms Image
text/html 185.183.112.155
VP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_128_GCM
Server: 185.183.112.155 Paris, France, ASN60350 (VP, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9342 43 B
602 B 60ms
60ms Image
image/gif 2a05:d018:d29:3602:fe88:ebd2:7b5:6ad
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y3wSSkIE8X2bwHvC209AqQAAAs8AAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:fe88:ebd2:7b5:6ad Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9342 43 B
352 B 174ms
57ms Image
image/gif 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y3wSSkIE8X2bwHvC209AqQAA%26719
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:05:30 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 5816
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76dd69f21be2dd1f-LHR
content-length: 43
expires: Wed, 23 Nov 2022 00:05:30 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0DBE 0
743 B 57ms
57ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Nov 2022 00:05:31 GMT
AN-X-Request-Uuid: c756b3d0-6ab4-4d70-a62e-3fe461c635f4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oeb90&_p=643968857&cid=411382701.1669075526&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=2&sid=1669075526&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&en=ad_impression&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&ep.query_id=CL2Ej---wPsCFRGR_QcdDGMHGQ&_et=1264

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1970-01-20 07:37:56	Name: XSRF-TOKEN Value: eyJpdiI6IkVnZWtSLzlyZVRlMXNJMExtaUNua0E9PSIsInZhbHVlIjoiWEFXVS9RRnFmdzVSTm9PWHJIdVd2aitSQ2xuK1ZnS0Rmc1hRYldWWm5HYzd4S0dYTXY1VTVEd29QVGlZdEdRV2ZxZTdSN3hnc25Lem05QjdFOGJQQ0hFUVc0cDd1NjA0eVdXMVJWNW1peXMvaVQyK3dGcEprZ3RDLzYxSUdFSmQiLCJtYWMiOiI3ZjRlYzZmMzZiZWYwZDM1Zjg2ZGMyNzc4MGRlMzdhNTU2NDkzZDkzYmNlYWI5NGJiZDIwNGQ1M2I0M2E4YWE0IiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 07:37:56	Name: nvnew_session Value: eyJpdiI6ImlBaWZna3VsWjRDNmwrYmRPbGNKUUE9PSIsInZhbHVlIjoiQkRjLzNYQ0hnK0VCWUJabjdGOVl3ZjhySDNrZWF2bUVndThhbjdsUzNpd1krdmtSY0NUcGU0Mm1idm9kcndjZkR1MlZvNWFWbThITnBvQzM4MmhNMkhrRTZ6N2c5ZUF4TWQzNnVXem5lZzdWaWQ4NG1ONTkrcngvWXZmR2xSL3MiLCJtYWMiOiIxOTEyNGViZDJmYzE0MGM1MGJiMjlmZWZmZmMzZjMxZjlhNTc0NDBhZjY2ZmMyNDUyNTNiMDdjN2JiNzE5YmM0IiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 07:37:56	Name: device_type Value: desktop
.nv.ua/	1969-12-31 23:59:59	Name: test_variant_session Value: B
nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.nv.ua/	1970-01-20 08:21:07	Name: yield_master_ab_nvr_newbidder_go2net Value: C
.nv.ua/	1970-01-20 09:47:31	Name: _gcl_au Value: 1.1.924688945.1669075526
.hit.ua/	1970-01-20 17:13:55	Name: uid Value: 282300898.1669075526.1864995892
.nv.ua/	1970-01-20 17:13:55	Name: _ga Value: GA1.2.411382701.1669075526
.nv.ua/	1970-01-20 07:39:21	Name: _gid Value: GA1.2.1751585912.1669075526
.nv.ua/	1970-01-20 07:37:55	Name: _dc_gtm_UA-51943557-1 Value: 1
.nv.ua/	1970-01-20 17:06:43	Name: __gfp_64b Value: 61V7TlhIRD2b_J8kYmwSHXcOy.YsK3jY8aK1FlV2VGP.h7\|1669075526
.rubiconproject.com/	1970-01-20 16:23:31	Name: khaos Value: LARGH2QG-1S-C4PZ
.rubiconproject.com/	1970-01-20 16:23:31	Name: audit Value: 1\|naVuGyos1qqCdWLAnEeM9q2qEsFCZ0ctSdOhPT1GMTk+4MdQUT6hVHKAcHO7NJdWqzSne0l760vHH+5S0WTXOH7y6MIaC84S
.nv.ua/	1970-01-20 16:59:31	Name: __gads Value: ID=5e8bbd3e21ebda3a:T=1669075526:S=ALNI_MaZNzF3MLxyUhNVDevh_vlIB0JANw
.nv.ua/	1970-01-20 16:59:31	Name: __gpi Value: UID=00000b85356d5ed4:T=1669075526:RT=1669075526:S=ALNI_Ma0b_7p7cL2S9FxcQXjYM_BXefUVA
.hit.gemius.pl/	1970-01-20 07:48:00	Name: Gtest Value: KlSUAMXGQMQGQ_j1IxGmsE2issGMXP8c25nSGo-M-8DRXBG.
a4p.adpartner.pro/	1970-01-20 09:04:19	Name: apuid Value: d8fd17b3-e7c5-4ad4-9fd9-309451b56a55
.adnxs.com/	1970-01-20 09:47:31	Name: icu Value: ChkIra6AARAKGAEgASgBMMak8JsGOAFAAUgBEMak8JsGGAA.
.adnxs.com/	1970-01-20 09:47:31	Name: uuid2 Value: 4643759051220772783
.hit.gemius.pl/	1970-01-20 17:06:43	Name: Gdyn Value: KlGbIMaGQMQGQ_j1IxGmsE2issGMXP8c25nSGo-M-8DRFRxSG7RrGS6Gw9cBFlMQYH8W8jBGqSRxSG8.
.doubleclick.net/	1970-01-20 16:59:31	Name: IDE Value: AHWqTUm9LWj7nR9TNSoxqNgpu97e3YfQx_2SAIWlViLOIiWyybzLU2m3SxIrVUBqDMA
.nv.ua/	1970-01-20 17:13:55	Name: _ga_52RSPD3WMK Value: GS1.1.1669075526.1.0.1669075527.59.0.0
.criteo.com/	1970-01-20 16:59:31	Name: uid Value: dbf0256b-edb5-4233-b628-be6c50f3b657
.nv.ua/	1970-01-20 16:59:31	Name: cto_bundle Value: 2hk59l9UcWZSeUx5MlZRR2pDYURKV3VSWXR0MWFxUEp4dFo5ZUVpaFlrUUdIUUpGb2NRNlVoR1NDREYwRDVET0dnQU1DZ1E4cG1hYkJ5R01VNGJrM2dBUFlNN2dJRlBZNWltOUE2SXMlMkJPR1BxU2htSWtXTktHSWNmSGVBVXVrZ3dXZDlrZXVTZHdicXMlMkJxT0lwMEZaNCUyRmtoZXclM0QlM0Q
.yahoo.com/	1970-01-20 16:23:53	Name: A3 Value: d=AQABBEgSfGMCEP6nQAUQlsETIw4d3PcgsK4FEgEBAQFjfWOFYwAAAAAA_eMAAA&S=AQAAAkUsKmWrrpsyumuTFXlVeC8
.1rx.io/	1970-01-20 16:23:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ab90699a-7e8c-48b0-a336-28c9e7c0ff95-003%22%7D
.analytics.yahoo.com/	1970-01-20 16:23:31	Name: IDSYNC Value: 18yx~28fc
.targeting.unrulymedia.com/	1970-01-20 16:23:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ab90699a-7e8c-48b0-a336-28c9e7c0ff95-003%22%7D
.casalemedia.com/	1970-01-20 16:23:31	Name: CMID Value: Y3wSSkIE8X2bwHvC209AqQAA
.casalemedia.com/	1970-01-20 09:47:31	Name: CMPS Value: 719
.casalemedia.com/	1970-01-20 09:47:31	Name: CMPRO Value: 719
.rfihub.com/	1970-01-20 16:59:31	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmZpYG5qamxgZmEOALi363YQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjEwNrUwMDI3NRDiM9Q113X18goJc_Mt9KwAAKcaUZ0lAAAA
.rfihub.com/	1970-01-20 16:59:31	Name: rud Value: H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjEwNrUwMDI3NRDiM9Q113X18goJc_Mt9KwAAKcaUZ0lAAAA
.amazon-adsystem.com/	1970-01-20 17:13:55	Name: ad-privacy Value: 0
.casalemedia.com/	1970-01-20 09:47:31	Name: CMTS Value: 2212
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:23:31	Name: bcookie Value: "v=2&dd48643b-f5f0-4162-88f8-a3655f022a4a"
.linkedin.com/	1970-01-20 11:57:07	Name: li_gc Value: MTswOzE2NjkwNzU1MzA7MjswMjHHPfpZgckFyURKetaABWCVWye4kZlk010LZzo5zsKchg==
.linkedin.com/	1970-01-20 07:39:21	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2762:u=1:x=1:i=1669075530:t=1669161930:v=2:sig=AQE7POFZVXykgaExct29Xq3xk5jYeOwc"
.amazon-adsystem.com/	1970-01-20 12:56:09	Name: ad-id Value: Ax4DQUzvIU0qo1dtCDUtBG4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
b1sync.zemanta.com
bidder.criteo.com
c.amazon-adsystem.com
c.hit.ua
cdn.indexww.com
cdn.membrana.media
cm.g.doubleclick.net
d3div1mtym39ic.cloudfront.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
f378eec3b485cd1d8177c4b5241eea94.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
nv.ua
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
s.ad.smaato.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync.1rx.io
sync.adotmob.com
sync.targeting.unrulymedia.com
sync.teads.tv
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ym-tack.b-cdn.net
region1.analytics.google.com
104.18.36.94
137.74.6.209
142.250.186.98
146.59.30.108
151.101.65.108
172.64.151.162
172.64.154.237
178.250.2.146
18.184.90.3
185.183.112.155
185.80.39.216
185.86.137.108
193.0.160.128
2001:4860:4802:32::36
213.19.147.45
216.52.2.19
23.11.239.181
23.205.235.133
2400:52e0:1e00::1055:1
2400:52e0:1e00::863:1
2600:9000:2057:c600:11:1ed0:3900:21
2600:9000:223f:6e00:1b:5138:8a40:93a1
2602:803:c003:200::51
2606:4700:10::6816:3649
2606:4700:10::ac43:175a
2606:4700::6810:7daf
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9d
2a02:2638:1::3
2a02:2638::1c
2a02:2638::24
2a02:fa8:8806:16::1370
2a05:d018:d29:3602:fe88:ebd2:7b5:6ad
2a0c:5c81:5142::2
3.126.56.137
3.33.220.150
37.157.5.141
37.252.171.149
51.83.200.186
52.46.130.91
52.95.115.255
64.202.112.223
65.9.71.118
69.173.144.138
69.173.144.165
76.223.111.18
89.184.81.35
99.86.3.236
04c6e2ccb5d7294aa04b5776c4433f2eaa3f4d5309ca7098265391f5466372fb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06365601f636a1986b4b1b714a1f9b1d3567192167a3cc1c93d0e22d346298f0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077b7597f7d8565cc0a17a1eb7b27a44deb1a769a1c48ac86518a75e7ac4975b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0f679c2d4296ab6709c8958d1d8644b99c13dc37642f281bd5d98499df12b233
13cdf76d4b6f437dc161ec7e4019b13ba563d48e5e9181ca2a7d8a1533b3756e
1f1c691c3c8d5c43f979027dd7e21448b3df00ed73e691215796a87d6d43dc1c
260d2cecfcde6ff6e2ed2128cde688d4153a8adf856cfe09a74049c1d2db058a
285f8768ab0e54d1c3dd37397a9c189eb3f3ad448590844ae41628c5d16e363b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
3717ab4f8ae2b12386afc2bea13961bf66c471e839618212741ab91512e91591
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42e4ce09e9160ba654bbaeb3b548f59e9ca21895dea3bb1a1ad14a90f10fb1fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
4a1cdd2426af302633c1c5ab139d80d62908a2e363f3fba9bc9984e720477f41
4aee686c3f03eb994839df23d29d01693f8c817b966c7db410388805cbc6b405
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
522cb7b9ef76ec114ab47d1443ebd44ed77d255616c1d551dd918d2598a3fa17
52a13bb28451e1b6639cb5bce3bfe321066d1b76ef40019533d77d2372626a85
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5cc5cbfc3f6d1819c288d05bcb8276fa8dc9ea183235bc9472e1785771b9d7a6
5dcbec50c3feabf65f27b1ad50f53fa1c9662c951f3284f253fa70de35cb31ec
608c13904cb1fba1e1865f4830225d8dbcd5f1d80337820e11c771eae14c9e2f
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ea1b7475ae2fe38c338ba0720eb92b1d6fea04f8a5f9ca1c0ef87eab1b977b
6238bf801b22debf93c2fac98b73127f6f47eea91fb9e0c7c4f37fa2202e1f28
67790f5220d198e21324bf1466ffeb4b5002adca1f045b82823a458c06adcb53
69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657
6d21c6d35ef2767d79bdcc914f5bedb4f8121e9553a7e599f11382bad7400356
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f2308550235c1ad5d554ee51e1f92a78f23ca8d9d9df73554bf5f12a12ce5cf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6
771199206c16fefa22bccf96eaf7e9d3b84b8fb6e2ebf99f9e200c30cf8140db
776ead73aa5e5610f0c47fe44fd95185896801cdff5ee2be88ae5ea0ab45ab73
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a513839dfbe4a79affbdda72c42ce65f037664e4e92a17165b76fe6c337476c
7c38a6f2b589e5d8ad69a25c0591eb58e17e7c1fdbab9d787cf2742e1cb6bf48
7e2642cfcd2d588fbc25af0067cbaed47cc904ec9e911df8e9673781f08af793
7faf61e3011565096d024845fde89b21cd00b4a3bfd3cc6846664ee9c033a57b
81da7f77162f18e6b70e4e1f0fc5e631c1adb3502bc603513bd662e915ceba8a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8c44a12f1e836166c66a066e8a2ec374fb67199138edda0a5a3012a5f057e323
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
91518093dc7216a7e8018b2937f685c4ba88880d91525369b60496ae49631fc2
952212a99ab98b269b47c58fafb9aada19a52ee57a872a30d780794e9ea3085c
978a0fe4978aa2e0ce6a36ae8d9a248e6768bf1a35ed50bcea47bf7c4755f4f1
99c739e4c1ad48989ba7787649af9b2e6b560c5bf65e9e1e71a725d283d2577b
9a8d325574bb3a1968411de8ed3c6f275b085d0433be882f67249f7208e30ae3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
a250249af55b275aa53e5590ff03d59e3a13ae85b035474cb0ba2caf83934357
a438fc5dac62e058a39fd729f8a441cfd1cdb6a4053281636ae48473172dcb27
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
aa4ce2b3203f6c473da47c8438723af0daa617e469fcedcfbf0872bd47a247c6
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
afdbb88e62691db0ddbddaeaba663bea0069f79398c20428960e9f1088886a15
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b752c2afb32cc2d0280156f07566f510bdfc105982308a520101116c6915ab41
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
ba08489b6cd0249cd2f71055650bc13819178ae1efb36c335bce1f98eab5c4b3
ba90faa5ff295be306a039ce5cb0c006dd5bac9c871748ae73544ac5af714fcb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
c02b4498ab30cdbf47ce694a9c03d0cb14225f733c1d546206c3a4854b9f1321
c1ccb81031608fb473200033235f438171fad1de35eb683afe499ce4b4c5d2d2
c1d51ae45c50840430b9c4ce1133c779130f66e68cd66a9fd79cf5e85b228969
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c49e7367809b7b954f88aef7c7ec9d60b13a8cd847d5b2958653b3b24324be67
c7d8a9c5cf0330f6bf91b1880057dae30696f67de212a086cadd4070fbe01bb5
cb9691801ad3b11a71d473f84fdd29792f5242aa0c756ff7957ce4f351d69bea
cfde0dff7c17f03aab9949cb2d2e922610484ab4f4be0a3cb3f39ee2d0c9203e
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e
d9f52e10739a651c0f36c3050528cd26ce30824a01b996f4f8f279d9640ad4d1
de3d61c301823844c370e19cb06fdc19c091fdc61b3173ebacb895a6b7507d02
e11f7278f986c2182f55f354125fa29e0da9873b9b4e380d09aeb2897abd3df8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83dbe0fec7f0a61a2768fceca412bd7ff0211bceadcdc1378a73ea0e82ea23e
e9abd760d5806612cca904c3eff8e841f40673f03238a59d723d6629fc5d2325
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f086f298243e2f2b505eb3fe7bf8b7d20136e2aac708fc3edd7acfb4b8ada1ef
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f540d1a6b404f7750ab530c53dec79a68fe3d36f607cc1b021b9eed17a574578
f61f01a1aaed6ad4472fa1516de41fdad8849f162f80ea53db8dccb92f3b36f3
f87fdf36b2c18507c2660df86e51aca1f9913fde27883c0079a79ec47bb0d48c
fa703c76ee0662131ab849ef0aec97d9ac4313beac4b10f6b4863383646631be
fd6f1b9b4b0891e3ff67edc18a188f230f4df4d9463e9cc8113d46e9b2b957a9
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

nv.ua Open in urlscan Pro 2606:4700:10::6816:3649 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

85 %HTTPS

52 %IPv6

40 Domains

68 Subdomains

59 IPs

14 Countries

2157 kBTransfer

4214 kBSize

42 Cookies

113 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nv.ua Open in urlscan Pro
2606:4700:10::6816:3649 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

85 %
HTTPS

52 %
IPv6

40
Domains

68
Subdomains

59
IPs

14
Countries

2157 kB
Transfer

4214 kB
Size

42
Cookies

151 HTTP transactions
1 data transactions