www.epravda.com.ua Open in urlscan Pro
130.211.41.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://epravda.com.ua/
Effective URL:
https://www.epravda.com.ua/
Submission: On October 25 via api (October 25th 2022, 12:20:55 am UTC) from GB — Scanned from GB

Summary HTTP 190 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 67 IPs in 13 countries across 50 domains to perform 190 HTTP transactions. The main IP is 130.211.41.16, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.epravda.com.ua. The Cisco Umbrella rank of the primary domain is 334356.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on July 15th 2022. Valid for: a year.

This is the only time www.epravda.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 22	130.211.41.16 130.211.41.16	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
7	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
20	34.111.234.95 34.111.234.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.93.104.37 142.93.104.37	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
6	188.40.114.5 188.40.114.5	24940 (HETZNER-AS) (HETZNER-AS)
3	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	138.199.37.231 138.199.37.231	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
3	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	52.59.9.89 52.59.9.89	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.48 216.52.2.48	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	108.157.6.231 108.157.6.231	16509 (AMAZON-02) (AMAZON-02)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
11	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	65.9.66.67 65.9.66.67	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	54.154.25.234 54.154.25.234	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	3.126.192.135 3.126.192.135	16509 (AMAZON-02) (AMAZON-02)
1 1	3.73.168.247 3.73.168.247	16509 (AMAZON-02) (AMAZON-02)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.95.118.179 52.95.118.179	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:b152:500b:646e:5f14	16509 (AMAZON-02) (AMAZON-02)
3 5	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	52.205.223.187 52.205.223.187	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.214.174.31 35.214.174.31	15169 (GOOGLE) (GOOGLE)
190	67

22 130.211.41.16 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 16.41.211.130.bc.googleusercontent.com

epravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.epravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.111.234.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.234.111.34.bc.googleusercontent.com

eimg.pravda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.104.37 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.40.114.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.5.114.40.188.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.231 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-231.datapacket.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.9.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-9-89.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.6.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-6-231.dus51.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-67.fra56.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.25.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-25-234.eu-west-1.compute.amazonaws.com

neural40.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.192.135 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-192-135.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.168.247 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-168-247.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.118.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:b152:500b:646e:5f14 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.54.182.161 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.242 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.223.187 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-223-187.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.174.31 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 31.174.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	epravda.com.ua 2 redirects epravda.com.ua — Cisco Umbrella Rank: 326012 www.epravda.com.ua — Cisco Umbrella Rank: 334356	158 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	128 KB
20	pravda.com eimg.pravda.com — Cisco Umbrella Rank: 459556	291 KB
17	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317	176 KB
12	amazon-adsystem.com 5 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 313 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205 s.amazon-adsystem.com — Cisco Umbrella Rank: 296	54 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	3 MB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 492 eus.rubiconproject.com — Cisco Umbrella Rank: 596 token.rubiconproject.com — Cisco Umbrella Rank: 682 pixel.rubiconproject.com — Cisco Umbrella Rank: 347	14 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 519 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439 dsum.casalemedia.com — Cisco Umbrella Rank: 1311	7 KB
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 acdn.adnxs.com — Cisco Umbrella Rank: 618	22 KB
7	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16335 tt.onthe.io — Cisco Umbrella Rank: 13423	23 KB
7	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 21653	56 KB
6	gstatic.com fonts.gstatic.com	101 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 54979 ls.hit.gemius.pl — Cisco Umbrella Rank: 12601	20 KB
4	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 39424 neural40.cdnwebcloud.com — Cisco Umbrella Rank: 58523	8 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 763 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786	7 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2396	6 KB
3	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	529 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 657	678 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608 cdn.indexww.com — Cisco Umbrella Rank: 1375	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	58 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147 www.google.co.uk — Cisco Umbrella Rank: 3174	1 KB
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 42708 api.gravitec.media — Cisco Umbrella Rank: 32702	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 585 eb2.3lift.com — Cisco Umbrella Rank: 373	649 B
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 127135	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	87 KB
2	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 99552	185 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	74 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	86 KB
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 890	40 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1679	349 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 723	580 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	662 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 375	924 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 83483	351 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 590	42 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6060	322 B
1	usercontent.goog e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog	4 KB
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 429185	169 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 599	650 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6449	289 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8894	412 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3993	411 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	1 KB
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 56856
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
190	50

	Domain	Requested by
21	www.epravda.com.ua	1 redirects www.epravda.com.ua
20	eimg.pravda.com	www.epravda.com.ua
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
11	s0.2mdn.net	www.epravda.com.ua s0.2mdn.net
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog s0.2mdn.net
7	cdn.gravitec.net	www.epravda.com.ua cdn.gravitec.net
6	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
6	ib.adnxs.com	1 redirects cdn.membrana.media googleads.g.doubleclick.net acdn.adnxs.com
6	tt.onthe.io	cdn.onthe.io
6	fonts.gstatic.com	fonts.googleapis.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	gaua.hit.gemius.pl	1 redirects www.epravda.com.ua gaua.hit.gemius.pl
3	aax-eu.amazon-adsystem.com	2 redirects
3	x.bidswitch.net	3 redirects
3	www.google.com	www.epravda.com.ua tpc.googlesyndication.com e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
3	inv-nets.admixer.net	cdn.membrana.media
3	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	creativecdn.com	1 redirects
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	neural40.cdnwebcloud.com	e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
2	gum.criteo.com	1 redirects static.criteo.net
2	googleads4.g.doubleclick.net	www.epravda.com.ua
2	bucket.cdnwebcloud.com	s0.2mdn.net bucket.cdnwebcloud.com
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	googleads.g.doubleclick.net	e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog www.epravda.com.ua
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	www.epravda.com.ua
2	s.zmctrack.net	www.epravda.com.ua
2	connect.facebook.net	www.epravda.com.ua connect.facebook.net
2	cdn.membrana.media	www.epravda.com.ua cdn.membrana.media
2	www.googletagservices.com	www.epravda.com.ua e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
2	www.googletagmanager.com	www.epravda.com.ua www.googletagmanager.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	csync.loopme.me	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	dmp.brand-display.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	sync.mathtag.com	1 redirects
1	px.ads.linkedin.com
1	m.trafmag.com
1	image8.pubmatic.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	eb2.3lift.com	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	mug.criteo.com
1	e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog	securepubads.g.doubleclick.net
1	www.google.co.uk	www.epravda.com.ua
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	api.gravitec.media	cdn.membrana.media
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.gravitec.media	cdn.gravitec.net
1	loadercdn.net	www.epravda.com.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	ap.lijit.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	c2shb.ssp.yahoo.com	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	cdn.jsdelivr.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	cdn.onthe.io	www.epravda.com.ua
1	fonts.googleapis.com	www.epravda.com.ua
1	epravda.com.ua	1 redirects
190	77

This site contains links to these domains. Also see Links.

Domain
www.pravda.com.ua
www.eurointegration.com.ua
forum.pravda.com.ua
blogs.pravda.com.ua
www.istpravda.com.ua
life.pravda.com.ua
tabloid.pravda.com.ua
dostup.pravda.com.ua
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
epravda.com.ua Sectigo ECC Domain Validation Secure Server CA	`2022-07-15` - `2023-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cdn.membrana.media R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.pravda.com Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-03` - `2022-11-01`	3 months	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
loadercdn.net R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
cdn.gravitec.media R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
api.gravitec.media R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cdnwebcloud.com Amazon	`2022-09-21` - `2023-10-21`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.epravda.com.ua/
Frame ID: 6FE2706713532A758383F79989DD75E9
Requests: 116 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: A74DF8056484678996A3B70E1CE1AC6C
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: CC932C70AE02C71C213148D841EA0F0F
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 1F67AFDC30E592B1D1DF64183B46A9EF
Requests: 1 HTTP requests in this frame

Frame: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Frame ID: DDEBCF44C87F7C0EC10393B0C6972CD9
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C0C846DA4777A4A7F6BCAF4253AB9275
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E29B36C6B63C51A48DA9CA838FE47913
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYo9_IgAEwAQ&v=APEucNXUSbxKKBggYMG5Pnw47JPdRyzBLM-vDTxuZMrjlxF3t8U95z1CXXmN0V5Dm3li8z2un_NRG5suJUROw8_Q6EYVUjfzVwdFpPh-yEQi5aUXs81nYk1K8cngEdLsQ-10qjJiemGPU9vTsSXGZ1mmV96TFNr04VyQKu-EdhE-2u2CPr28yjo
Frame ID: DF04F2C8EA7A78761BDE20384344DA4A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 878F67C1AB90A03E63434B3BE4CE2DBD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
Frame ID: 28D0A088F0AD226AA77ADD3D9DCFD0B9
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.epravda.com.ua
Frame ID: 2EF14E9E2F5D7D2A49355DECE3DAC11C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js
Frame ID: 35A26DDECC4CFC42B6DD9FC0CE37FAD6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 12D01754FB9A7FB06B72D7C222D313E9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5FC3C44CE1BF2A72231FC1F6A4CFF300
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CE45647515160A494DF56A551BA6D26F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 37A0C54FE0BEE33CC62BCC56ADAD7170
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 59309D4DD17512CA600946E13A263749
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Економічна правда

Page URL History Show full URLs

http://epravda.com.ua/ HTTP 301
https://www.epravda.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

190
Requests

89 %
HTTPS

32 %
IPv6

50
Domains

77
Subdomains

67
IPs

13
Countries

4498 kB
Transfer

7340 kB
Size

57
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pravda.com.ua/
Title: Українська правда

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/
Title: Європа

Search URL Search Domain Scan URL

URL: https://forum.pravda.com.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/
Title: Блоги

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/
Title: Історична правда

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/
Title: Життя

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/
Title: ТаблоID

Search URL Search Domain Scan URL

URL: https://dostup.pravda.com.ua/
Title: Доступ

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/cdn/cd1/advertising/
Title: Реклама на сайті

Search URL Search Domain Scan URL

URL: https://www.facebook.com/epravda
Title: 14,3k

Search URL Search Domain Scan URL

URL: https://twitter.com/epravda
Title: 11,2k

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/cookies/
Title: cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://epravda.com.ua/ HTTP 301
https://www.epravda.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.epravda.com.ua/misc/v3/matchMedia.js HTTP 301
https://www.epravda.com.ua/misc/v3/matchmedia.js

Request Chain 91

https://gaua.hit.gemius.pl/_1666657249934/rexdot.js?l=100&sendf=8&id=zPc1jSs7wT7I8swFzybVtcUGTM5ZtsPGaCF2VU3WFzb.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.epravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AqhrTv2U4Gq3vYapm9nS5.yW7SU6zs2Bdac5veoQf_D.n71odF_qSIm.BaYsOa9Zzq4jdWywKJRSfWMTbgnDiDt3eWfO/_aXAYqfxLN_lI/&ltime=202&fpdata=Ahq1AGJEn3W_PCsOJpAlI2Ytlsm2Gkt77Zbssziq.5X._7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1666657249934/rexdot.js?l=100&sendf=8&id=zPc1jSs7wT7I8swFzybVtcUGTM5ZtsPGaCF2VU3WFzb.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.epravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AqhrTv2U4Gq3vYapm9nS5.yW7SU6zs2Bdac5veoQf_D.n71odF_qSIm.BaYsOa9Zzq4jdWywKJRSfWMTbgnDiDt3eWfO/_aXAYqfxLN_lI/&ltime=202&fpdata=Ahq1AGJEn3W_PCsOJpAlI2Ytlsm2Gkt77Zbssziq.5X._7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0x8eNG1xzhGpAfMZ6fS6Q&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1cr40p546OaafteVsOy1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHtXjCHTer_ERrC5QvPk1j4&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDJbyiwP91H11K441BQoqCA&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjkzMTU1MzAyNTI0NjAyOQ%3D%3D

Request Chain 144

https://gum.criteo.com/sid/json?origin=publishertag&domain=epravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.epravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VD7Vznx1ZkNrbS9BZ2JTdmhONFduT2ZpUmgyeEI2cTR1STBSazBGNFpWK0JjOTNsTTZJN3JUWW9JSGE2Z28rQ2ZnRTBZYy9WT3pSbHRRY28vL0NMdHU5K0k2WFVoUTBaTFl3cEZDb3VVdXg1S0tMNnZNaC9vaTQzSG5OdVlxYzAzMFMzRFdRZU1vakRWbWtsSUVnVnRKbWx1bzlhYTdjTzIvV29saDYxRG5EN2J2VU1SZHRkQ09HbkgyUWk2c0lNNVl3YW5TdmI2ZUgxUmM0MFo4dVFWVHNQMHhYUDRBQzhod0l6b1U3R2J3MGZGbUtCMDZkK0RIWVY5OE9qMS9BZ0FVNVhXYktlQzZOY1FzaVQ5ODlHZVRYeFUxT3lFandReWxnUytTN2NXb292OXFEdz18&cppv=2

Request Chain 161

https://x.bidswitch.net/sync?ssp=admixer&user_id=f8d7730cc17846f38400ac827619c37b&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=f8d7730cc17846f38400ac827619c37b&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=747d5d64-75eb-436e-9b7f-26f994e90e51&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_1be2e1cb-8d8b-4c85-b52f-d3c6f09e604c&bsw_param=747d5d64-75eb-436e-9b7f-26f994e90e51&expires=10 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=747d5d64-75eb-436e-9b7f-26f994e90e51&gdpr=&consent=&gdpr_pd=

Request Chain 162

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 169

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOR1AwRlctVS1IUEdZ

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO6ILXHmyu--rLB0XMxKDuU&google_cver=1

Request Chain 171

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZXEl0bfpTBy4GJvH7Gtyqg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXEl0bfpTBy4GJvH7Gtyqg

Request Chain 172

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjM3MDY2NzNlMzgxN2E1OGNmMTA2NmMwZDQ4NzZmZDA5YzU0ODYxYQ

Request Chain 173

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NGP0FW-U-HPGY

Request Chain 175

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/tkqpHkqkvWH0cq4FSeFXIg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1933084313424625552

Request Chain 176

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BWO7SIgPQ9ivd3QOcgp4Zw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BWO7SIgPQ9ivd3QOcgp4Zw

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1cr40p546OaafteVsOy1wAADG0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKQN0vJpTQcAQWcvW55bGlE&google_cver=1

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1cr40p546OaafteVsOy1wAADG0AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1cr40p546OaafteVsOy1wAADG0AAAIB&dcc=t

Request Chain 181

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e07d6357-2be6-4900-9617-37d47789927e

Request Chain 182

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jGKRkx3zTvtb4ixRgQ108dmKxGU

Request Chain 183

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cac3a814-c6af-396b-5bbc025e

190 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.epravda.com.ua/
Redirect Chain

http://epravda.com.ua/
https://www.epravda.com.ua/

109 KB
26 KB

162ms
94ms

Document
text/html

130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: ed13b39809e9681bc4dcc0aa457c2375fd8c61e872c73675af2e751ece2a567b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: must-revalidate,no-transform,public,max-age=15
content-encoding: br
content-type: text/html; charset=windows-1251
date: Tue, 25 Oct 2022 00:20:49 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 google

Redirect headers

Age: 1071
Content-Length: 162
Content-Type: text/html
Date: Tue, 25 Oct 2022 00:02:57 GMT
Location: https://www.epravda.com.ua/
Server: nginx
Via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 146ms
57ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

155af02b4157ace285bea8b4a111e61e31995878fea501825d115fceb4e3e172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 00:20:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 00:20:49 GMT

GET
H2 200 index.css
www.epravda.com.ua/misc/v3/ 127 KB
18 KB 34ms
32ms Stylesheet
text/css 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/index.css?15
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: df84f763f6e4c2a30070eb8b45019970c556d9588b149bd6d60ecc74b6d00d86

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:44:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Oct 2022 18:40:01 GMT
server: nginx
age: 984961
etag: W/"6345b881-1fcef"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17948

GET
H2 200 responsive.css
www.epravda.com.ua/misc/v3/ 14 KB
3 KB 33ms
31ms Stylesheet
text/css 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/responsive.css?v=10
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3ff7abcd10e4a99ba3e8dc3b7c7c8a15f124adfa7d4897e3129148907ff9316d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 16 Aug 2021 07:24:45 GMT
server: nginx
age: 984925
etag: W/"611a12bd-389b"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2882

GET
H2 200 jquery-3.4.0.min.js Show response
www.epravda.com.ua/misc/v3/ 86 KB
29 KB 44ms
42ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/jquery-3.4.0.min.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:44:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 10 Apr 2019 19:56:14 GMT
server: nginx
age: 984961
etag: W/"5cae4a5e-15857"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29973

GET
H2 200 common.js Show response
www.epravda.com.ua/misc/v3/ 10 KB
2 KB 43ms
41ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/common.js?20
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 21a3bf3fe4470d73eb601fbf6fd68188cc567340d2ac86585ffc96b17a677d19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 23 Mar 2020 23:13:46 GMT
server: nginx
age: 984925
etag: W/"5e7942aa-28a5"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1848

GET
H3

200

matchmedia.js Show response
www.epravda.com.ua/misc/v3/
Redirect Chain

https://www.epravda.com.ua/misc/v3/matchMedia.js
https://www.epravda.com.ua/misc/v3/matchmedia.js

3 KB
1 KB

31ms
31ms

Script
application/javascript

130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/matchmedia.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H3
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3a1b440b0ca36a1dd0247fe8d82e815dde920c4711176687ad0f77a355ac905

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Sep 2022 08:38:42 GMT
server: nginx
age: 984925
etag: W/"63316512-a86"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1007

Redirect headers

date: Mon, 24 Oct 2022 23:58:28 GMT
via: 1.1 google
server: nginx
age: 1341
vary: Accept-Encoding
content-type: text/html
location: /misc/v3/matchmedia.js
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162

GET
H2 200 login.js Show response
www.epravda.com.ua/misc/v3/ 3 KB
890 B 61ms
60ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/login.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 423994aa76e64e4a04c31c9ae0e80670d4d292d212fa00ec3715b020dda9a67b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 10 Sep 2016 18:30:37 GMT
server: nginx
age: 984925
etag: W/"57d4514d-d40"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794

GET
H2 200 jquery.sticky.js Show response
www.epravda.com.ua/misc/ 8 KB
2 KB 60ms
59ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/jquery.sticky.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: c96bc80cf1140b927030b9397b8796fbf6d1520c2900c868ab01b6e9f8f7cde2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Sun, 18 Oct 2015 23:19:33 GMT
server: nginx
age: 984925
etag: W/"56242905-2064"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2094

GET
H2 200 dyn_content_ukr.js Show response
www.epravda.com.ua/misc/v3/ 2 KB
587 B 60ms
58ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/dyn_content_ukr.js?v=1
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3249b3a1dad30126401ffed63d5ca301a743a8dfcebb1dbf4e694bf08a78eaa3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 15:08:10 GMT
content-encoding: br
via: 1.1 google
last-modified: Sat, 21 Aug 2021 04:55:08 GMT
server: nginx
age: 983559
etag: W/"6120872c-74b"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 485

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 144ms
54ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-18

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3117fa86ef7925541e5c3844f2eb83fa5972bee5506c4698d3d04bb8a614997a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43590
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Oct 2022 00:20:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 143ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82db0dcde9afcb6c9f867f8c983d9624c5c277a885eaa53acba3b7d8cd6c8a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27255
x-xss-protection: 0
server: sffe
etag: "1374 / 856 of 1000 / last-modified: 1666649227"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Oct 2022 00:20:49 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/epd/ 362 KB
112 KB 139ms
41ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/epd/ym.js?v=3
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 5de327718d8b53a33a567a963ceba38b36d891f8fea13496ac859e425e70fb59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-167
cdn-cachedat: 10/24/2022 10:09:54
cdn-pullzone: 139012
last-modified: Mon, 24 Oct 2022 09:57:28 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 305
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63566188-5a742"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: c9917ce9d6d85445b29dbbec00cd398c
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/6f9601585149dd967dd244efc3cca232/ 64 KB
18 KB 173ms
79ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/6f9601585149dd967dd244efc3cca232/client.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a496a39ec1a8e90ea460bc0926f5665a0da7b0de4d2008155419e492af14fbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 13 Oct 2022 09:05:01 GMT
date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 08:50:25 GMT
server: nginx
etag: W/"6347d151-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 b74732f-imgonline-com-ua-resize-y47csvwkoqur4.jpg
eimg.pravda.com/images/doc/b/7/ 66 KB
66 KB 148ms
75ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/b/7/b74732f-imgonline-com-ua-resize-y47csvwkoqur4.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

802742e3368dabc41255e4af12a645d2d03abbeb0df0fdc23ea665fce151a802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Oct 2022 17:21:59 GMT
server: nginx
date: Mon, 24 Oct 2022 17:29:24 GMT
age: 24685
etag: "6356c9b7-10780"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67456
x-xss-protection: 1; mode=block

GET
H2 200 bf5711e-eoselya-m2_485x299.jpg
eimg.pravda.com/images/doc/b/f/ 49 KB
49 KB 131ms
58ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/b/f/bf5711e-eoselya-m2_485x299.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0826c04bf0c3baad50da103403d5cc159a44e2771fed56d0e497faef8e7e2839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Oct 2022 06:29:22 GMT
server: nginx
date: Mon, 24 Oct 2022 06:49:46 GMT
age: 63063
etag: "635630c2-c4f6"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50422
x-xss-protection: 1; mode=block

GET
H2 200 66873c2-petro-panteleev-kyiv-m2_139x85.jpg
eimg.pravda.com/images/doc/6/6/ 5 KB
5 KB 163ms
90ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/6/6/66873c2-petro-panteleev-kyiv-m2_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e108f02394ac984b1bfd71a629a933aef89e118bce44253c7bf235416c62854b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Oct 2022 20:09:14 GMT
server: nginx
date: Sat, 22 Oct 2022 06:47:32 GMT
age: 235997
etag: "6352fc6a-12f9"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4857
x-xss-protection: 1; mode=block

GET
H2 200 ad7d62f-acty-m-485_139x85.jpg
eimg.pravda.com/images/doc/a/d/ 3 KB
4 KB 165ms
92ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/a/d/ad7d62f-acty-m-485_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

266dd63d699a84a3bcfadea67cb70a46096c19f1963ece4baf7ad07daad8cb1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Oct 2022 19:23:27 GMT
server: nginx
date: Sat, 22 Oct 2022 15:00:13 GMT
age: 206436
etag: "6352f1af-df6"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3574
x-xss-protection: 1; mode=block

GET
H2 200 24589ef-oligarchs690_139x85.jpg
eimg.pravda.com/images/doc/2/4/ 6 KB
6 KB 184ms
112ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/2/4/24589ef-oligarchs690_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

046327fd8f65bcc854c7f62e8482c75641d5764915d16b330a128e584944a86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Oct 2022 07:58:32 GMT
server: nginx
date: Fri, 21 Oct 2022 08:09:22 GMT
age: 317487
etag: "63525128-16f7"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5879
x-xss-protection: 1; mode=block

GET
H2 200 5fe1d9e-shapoval-690_139x85.jpg
eimg.pravda.com/images/doc/5/f/ 4 KB
4 KB 183ms
111ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/5/f/5fe1d9e-shapoval-690_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2c484b7e6757614f9eda37247b37e9b203428ad1f937bbbdf3f6dd2b16a433e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Oct 2022 11:39:15 GMT
server: nginx
date: Thu, 20 Oct 2022 13:15:18 GMT
age: 385531
etag: "63513363-e62"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3682
x-xss-protection: 1; mode=block

GET
H3 200 9db50b8-akhmetov690--1-_485x299.jpg
eimg.pravda.com/images/doc/9/d/ 50 KB
50 KB 92ms
61ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/9/d/9db50b8-akhmetov690--1-_485x299.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a9cbdd6521ec47ddcea1daab5bf47b882aad375be236b3037165371ef4d2689c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 03 Oct 2022 05:22:41 GMT
server: nginx
date: Wed, 19 Oct 2022 10:49:02 GMT
age: 480707
etag: "633a71a1-c9a8"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51624
x-xss-protection: 1; mode=block

GET
H3 200 52aab6f-texas-instruments-m2_139x85.jpg
eimg.pravda.com/images/doc/5/2/ 5 KB
5 KB 68ms
37ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/5/2/52aab6f-texas-instruments-m2_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

157a4cf4f8bf92ca13173ccb8d3f7290a21c1960a8048b9910e5b5cafd2460ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Oct 2022 06:23:18 GMT
server: nginx
date: Thu, 20 Oct 2022 06:35:42 GMT
age: 409507
etag: "6350e956-12e6"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4838
x-xss-protection: 1; mode=block

GET
H3 200 0d68199-tymchenko-m3_139x85.jpg
eimg.pravda.com/images/doc/0/d/ 5 KB
5 KB 63ms
33ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/0/d/0d68199-tymchenko-m3_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5fb06cfb8b1f5ea4ae467b3fd4288f62153960269f7ba4f0229f5565841a2ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 15:38:56 GMT
server: nginx
date: Wed, 19 Oct 2022 16:02:31 GMT
age: 461898
etag: "63501a10-143c"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5180
x-xss-protection: 1; mode=block

GET
H3 200 d2611b8-bronezhylety-m_139x85.jpg
eimg.pravda.com/images/doc/d/2/ 6 KB
6 KB 103ms
72ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/d/2/d2611b8-bronezhylety-m_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2bb735375f5858e0693bd820cc7e04302dc7e4d5f8fca3371ccfaadebef9d7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 07:01:42 GMT
server: nginx
date: Wed, 19 Oct 2022 07:24:53 GMT
age: 492956
etag: "634fa0d6-18ff"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6399
x-xss-protection: 1; mode=block

GET
H3 200 6e783c4-podatky-m_139x85.jpg
eimg.pravda.com/images/doc/6/e/ 5 KB
5 KB 112ms
81ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/6/e/6e783c4-podatky-m_139x85.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

96afcf43dc3407d30095740cf6a3acd540e2b0bd95e4987571da1cb40c5f8137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 12:05:05 GMT
server: nginx
date: Tue, 18 Oct 2022 12:18:10 GMT
age: 561759
etag: "634e9671-136c"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4972
x-xss-protection: 1; mode=block

GET
H3 200 5e75df1-139-85.png
eimg.pravda.com/images/doc/5/e/ 31 KB
31 KB 70ms
39ms Image
image/png 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/5/e/5e75df1-139-85.png

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f654a3878b63c4a20dbd1f2537fd3b2a7a010c53625e6241e6e1485f49142416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 10:35:10 GMT
server: nginx
date: Tue, 18 Oct 2022 10:46:01 GMT
age: 567288
etag: "634e815e-7ad6"
content-type: image/png
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31446
x-xss-protection: 1; mode=block

GET
H2 200 d719095-korobkova-42.jpg
eimg.pravda.com/images/doc/d/7/ 12 KB
13 KB 72ms
30ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/d/7/d719095-korobkova-42.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5fcd167728c17510032b89af725c6bf25a7e07f8dd20ff2d80956b8a82498fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Apr 2019 12:11:03 GMT
server: nginx
date: Mon, 24 Oct 2022 14:36:54 GMT
age: 35035
etag: "5cac8bd7-3113"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12563
x-xss-protection: 1; mode=block

GET
H2 200 382613f-312583537-3161833800749008-921719840351063719-n.jpg
eimg.pravda.com/images/doc/3/8/ 2 KB
2 KB 135ms
94ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/3/8/382613f-312583537-3161833800749008-921719840351063719-n.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

192cc0f99a31148640f19dbfc0ffeae09c62c411ffa3e9f23670bc58fe335740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Oct 2022 05:27:20 GMT
server: nginx
date: Mon, 24 Oct 2022 10:41:05 GMT
age: 49184
etag: "63562238-678"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1656
x-xss-protection: 1; mode=block

GET
H2 200 6cc2715-312277727-8170094409698788-356274621224253532-n.jpeg
eimg.pravda.com/images/doc/6/c/ 4 KB
4 KB 96ms
55ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/6/c/6cc2715-312277727-8170094409698788-356274621224253532-n.jpeg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b3484f03eae9dd301a5b78c18f799f743590dae5184fbf22109eef1cef9490cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 24 Oct 2022 05:06:52 GMT
server: nginx
date: Mon, 24 Oct 2022 05:22:55 GMT
age: 68274
etag: "63561d6c-110c"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4364
x-xss-protection: 1; mode=block

GET
H2 200 7ae0e0d-this-one.jpg
eimg.pravda.com/images/doc/7/a/ 11 KB
11 KB 76ms
35ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/7/a/7ae0e0d-this-one.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

75d565698cc385992ea5d6e49dff898b39580f4d87642db55bb51afa1dc5667b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Feb 2021 14:17:30 GMT
server: nginx
date: Fri, 21 Oct 2022 14:42:30 GMT
age: 293899
etag: "6037b17a-2b3e"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11070
x-xss-protection: 1; mode=block

GET
H3 200 0ce102d--------.jpg
eimg.pravda.com/images/doc/0/c/ 1 KB
1 KB 114ms
84ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/0/c/0ce102d--------.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f3f6b3955de9277c820aff5537fbaaf3508d8babf6356495bbc7b05fab9efa35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Oct 2022 06:54:04 GMT
server: nginx
date: Fri, 21 Oct 2022 10:16:52 GMT
age: 309837
etag: "6352420c-5be"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1470
x-xss-protection: 1; mode=block

GET
H3 200 e9e88db-8fc8f83-svitlana-paveletska.jpeg
eimg.pravda.com/images/doc/e/9/ 6 KB
6 KB 106ms
75ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/e/9/e9e88db-8fc8f83-svitlana-paveletska.jpeg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

22523352df3b04ba0815c9f3efedbdd9a46110022ec1f2cf02cea3a0a1fcb03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Oct 2022 08:12:25 GMT
server: nginx
date: Fri, 21 Oct 2022 05:35:08 GMT
age: 326741
etag: "635102e9-16dc"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5852
x-xss-protection: 1; mode=block

GET
H3 200 983c40c-275235384-1111247896336524-8076567338610421126-n.jpg
eimg.pravda.com/images/doc/9/8/ 2 KB
2 KB 110ms
79ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/9/8/983c40c-275235384-1111247896336524-8076567338610421126-n.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6b8435f31f583aca5c79359a1fa9c554ea915c72ce394415d9a1a53637ce7bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 18 Jul 2022 10:10:32 GMT
server: nginx
date: Thu, 20 Oct 2022 14:45:26 GMT
age: 380123
etag: "62d53198-73a"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1850
x-xss-protection: 1; mode=block

GET
H3 200 2300e38-energoaudit-m_300x185.jpg
eimg.pravda.com/images/doc/2/3/ 17 KB
17 KB 82ms
52ms Image
image/jpeg 34.111.234.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eimg.pravda.com/images/doc/2/3/2300e38-energoaudit-m_300x185.jpg

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.234.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

95.234.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

41f88e1daa63753ca6dbf9f3bc7e22e481bd2d0fbf17a5405ea7068ea14615d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 23 Sep 2022 06:41:43 GMT
server: nginx
date: Sun, 23 Oct 2022 07:54:28 GMT
age: 145581
etag: "632d5527-43c9"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17353
x-xss-protection: 1; mode=block

GET
H3 200 8de7560-elektronna-comerciya-300x185.jpg
www.epravda.com.ua/images/doc/8/d/ 12 KB
12 KB 34ms
32ms Image
image/jpeg 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/images/doc/8/d/8de7560-elektronna-comerciya-300x185.jpg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 70fce2d869090684a98e0885b8e3b297872329e1d038ec01ace20d77d9c8d17b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 15:08:10 GMT
via: 1.1 google
last-modified: Wed, 08 Apr 2020 22:09:17 GMT
server: nginx
age: 983559
etag: "5e8e4b8d-316b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12651

GET
H3 200 priority-nav.js Show response
www.epravda.com.ua/misc/v3/ 21 KB
4 KB 30ms
30ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/v3/priority-nav.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe83df1d4eeeb09fa5e87cb4e0eb2325c312865592d8e0e3fbacff61b829bf1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:44:49 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 25 Mar 2016 14:20:22 GMT
server: nginx
age: 984960
etag: W/"56f54926-547b"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4539

GET
H3 200 jquery.lightbox-0.5.pack.js Show response
www.epravda.com.ua/misc/ 6 KB
3 KB 31ms
31ms Script
application/javascript 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/jquery.lightbox-0.5.pack.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32af1d536ea196e125e4640d8ef1d4004657d0c3c68bc4d716dc1dd6f474e6d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 27 Jul 2010 18:53:16 GMT
server: nginx
age: 984924
etag: W/"4c4f2b1c-186e"
vary: Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2781

GET
H3 200 jquery.lightbox-0.5.css
www.epravda.com.ua/misc/ 2 KB
788 B 31ms
30ms Stylesheet
text/css 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/misc/jquery.lightbox-0.5.css
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe151dbc2f48af8ecf6f710163291354aa6f9c37f85a054e0b5de6b281440016

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 27 Jul 2010 18:53:28 GMT
server: nginx
age: 984924
etag: W/"4c4f2b28-8da"
vary: Accept-Encoding
content-type: text/css
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 768

GET
H/1.1 200
OK pH5OgNhg7FvH Show response
cdn.onthe.io/io.js/ 68 KB
21 KB 187ms
85ms Script
text/javascript 142.93.104.37
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.104.37 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9192ce1505fd519298d663d2640bdb0c0649928c448b54398126d104470f55f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 00:20:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 06:58:41 GMT
Server: nginx
ETag: W/"60ebe821-111bb"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 26 Oct 2022 00:20:49 GMT

GET
H3 200 up_logo_ukr.svg
www.epravda.com.ua/images/v3/ 10 KB
3 KB 57ms
55ms Image
image/svg+xml 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/images/v3/up_logo_ukr.svg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/misc/v3/index.css?15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d860ba948ff50c0567c07a7c20920d5d5fc62bb28eea4d04a183ba9f86b7217

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/misc/v3/index.css?15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 12 May 2016 12:15:52 GMT
server: nginx
age: 984917
etag: W/"573473f8-29b8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3223

GET
H3 200 ep_symbol.svg
www.epravda.com.ua/images/v3/ 48 KB
19 KB 44ms
43ms Image
image/svg+xml 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/images/v3/ep_symbol.svg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/misc/v3/index.css?15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0bd4448d525823f2ebc897df0d37caf5f5945ca65390d9cc85c9e3131cfefcda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/misc/v3/index.css?15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:45:25 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Sun, 08 May 2016 19:45:02 GMT
server: nginx
age: 2124
etag: W/"572f973e-c1a9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19666

GET
H3 200 ep_logo_ukr.svg
www.epravda.com.ua/images/v3/ 11 KB
4 KB 55ms
53ms Image
image/svg+xml 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/images/v3/ep_logo_ukr.svg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/misc/v3/index.css?15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: eb6b715d77e8c9ab8dae20e4c5ae52ea7b5823b7ebf18b84fcb472141531cf07

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/misc/v3/index.css?15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:25 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 22 Jan 2018 17:31:39 GMT
server: nginx
age: 984924
etag: W/"5a661ffb-2d43"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3702

GET
H2 200 va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2
fonts.gstatic.com/s/firasans/v16/ 10 KB
11 KB 132ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17346ce4e3e8e8f38c0acf0d4cac665b9c4f8ae8ae2f45d81a2906450e4ff168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:11:28 GMT
x-content-type-options: nosniff
age: 349761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10228
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:08:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:11:28 GMT

GET
H3 200 ep-icons.ttf
www.epravda.com.ua/images/v3/fonts/ 6 KB
4 KB 35ms
33ms Font
text/html 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.epravda.com.ua/images/v3/fonts/ep-icons.ttf?b6ok6k
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/misc/v3/index.css?15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3dc946f8c378868c828b7d987da2e2aeca2f3264be054345a133a91b2b16b523

Request headers

Referer: https://www.epravda.com.ua/misc/v3/index.css?15
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:44:49 GMT
content-encoding: br
via: 1.1 google
server: nginx
age: 984960
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: max-age=2678400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3634

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v16/ 22 KB
22 KB 198ms
108ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:26:21 GMT
x-content-type-options: nosniff
age: 276868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22592
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 19:26:21 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 59 KB
16 KB 194ms
55ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
last-modified: Fri, 30 Sep 2022 13:21:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15975
expires: Tue, 25 Oct 2022 12:20:49 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eQhf6TF0.woff2
fonts.gstatic.com/s/firasans/v16/ 11 KB
11 KB 210ms
131ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eQhf6TF0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b21f05fa70af86b76bc9e70bbe8275579937e6218a97718bde1fd27221f9473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:11:34 GMT
x-content-type-options: nosniff
age: 349755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:11:34 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 126ms
48ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:45:37 GMT
x-content-type-options: nosniff
age: 574512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23724
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 08:45:37 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnMK7eQhf6TF0.woff2
fonts.gstatic.com/s/firasans/v16/ 11 KB
11 KB 205ms
126ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnMK7eQhf6TF0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b96ba57ad12fdb84cf5fa8c48d447dfddf4a5523c031f03e1dd1e81a5eb9f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:50:25 GMT
x-content-type-options: nosniff
age: 343824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10992
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 00:50:25 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnMK7eRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 23 KB
23 KB 165ms
87ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnMK7eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,400i,700,700i,800,800i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dd4bdd061b841977156022ef345ae7f5bdfeb201007b759358612afbae161cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:46:16 GMT
x-content-type-options: nosniff
age: 574473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23796
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:51:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 08:46:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 123ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3afdf8e6897aa00640bd156b0e5b6cc23cbebb7f796c36be03949001fb0c5149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 00:20:49 GMT
content-md5: 21uf8+s01l8dhwvx+ZqWHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: nvCttBPbaFb7Upsz/rt8QGY8yKx3x/agOY41nWfZlfr2AnERBdZ6yyN8GtPk8Udd2b2uL3n9/LQDXstBU98fXA==
x-fb-trip-id: 917726464
x-fb-content-md5: 3767840ac20016edfbf4d70c0232b0e7
cross-origin-opener-policy: same-origin-allow-popups
etag: "7262bc0fd2422888394a83a561ca5def"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Oct 2022 00:30:45 GMT

GET
H3 200 0f59dc7-fire.svg
www.epravda.com.ua/files/0/f/ 592 B
612 B 31ms
30ms Image
image/svg+xml 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/files/0/f/0f59dc7-fire.svg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b2562126068309c9113ce0846d89b29e58b2aa3bb7120140820d329ab41bfe8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:26 GMT
via: 1.1 google
last-modified: Tue, 05 Apr 2022 13:20:15 GMT
server: nginx
age: 984923
etag: "624c420f-250"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=1209600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 592

POST
H2 200 z Show response
s.zmctrack.net/ Frame A74D 51 KB
23 KB 291ms
134ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 3a499ab6fa022446b79aa8e5406fbc0cb08a54b6f8d31b496752a781f5fbe719

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23509
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 301 KB
85 KB 83ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=5636a3e8ef13d9a4f78995688a05ffa8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b04ed0df6ab0606576cfcc552c035179f8ca0176500443d4135b23fed953365d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.epravda.com.ua/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 00:20:49 GMT
content-md5: guUi06QLFlkNOYLgMzi1OA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87108
x-fb-rlafr: 0
x-fb-debug: gcDrVaKJofXuXcOaLoVOJedZHNxXwDkrhD/NipWKBdZJzH8kolKBiFEZ+h6NdtK/d3dHdjw5s9InV5gIQ7mJyA==
x-fb-content-md5: 7007183a63cfee007e4230c47df956d3
cross-origin-opener-policy: same-origin-allow-popups
etag: "e9bc1367b5b839b2bbd15a4bb867367e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Oct 2023 22:15:47 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 135ms
54ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=6f9601585149dd967dd244efc3cca232
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/6f9601585149dd967dd244efc3cca232/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: e94c01d7482fdfea3c201d0d8746cc8eacc132d3df48cc8cff0d54e22d34f335

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
x-correlation-id: 63105a47aaa4ac16c78c066598f26629
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H2 200 pubads_impl_2022101901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130799
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 08:34:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Oct 2023 00:03:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 169 B
753 B 138ms
49ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.epravda.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0c6ca19e9d9ff4d304c3148ff2dc188145c9c3448de66f89591ad13afbe342b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Tue, 25 Oct 2022 00:20:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 23:15:56 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3893
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 25 Oct 2022 01:15:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 135ms
52ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a90617a1dffd94a8bd79015229a3956c9faceb192b7faf680c968f94100f3670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43615
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Oct 2022 00:20:49 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 142ms
43ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42125:uniques_instantly[url:%2F,domain:www.epravda.com.ua,page:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0,page_type:main,language:ua,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:7110d78e7.7d21f22b5_1666657249556,session_id:7f7028e68.765938e81_1666657249557,cdn_version:26]&s=068932608361b9b261f2a7e53f59a6ff&1666657249563
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 142ms
44ms Script
text/html 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=25&holding=859faaebd514d65ed0a19a5eea288384&hash_user=7110d78e7.7d21f22b5_1666657249556&1666657249564
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 140ms
45ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42125:visits_instantly[url:%2F,domain:www.epravda.com.ua,page:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0,page_type:main,language:ua,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:7110d78e7.7d21f22b5_1666657249556,session_id:7f7028e68.765938e81_1666657249557,cdn_version:26]&s=068932608361b9b261f2a7e53f59a6ff&__io=7110d78e7.7d21f22b5_1666657249556&1666657249566
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 138ms
44ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42125:pageviews[url:%2F,domain:www.epravda.com.ua,page:%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0,page_type:main,language:ua,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:7110d78e7.7d21f22b5_1666657249556,session_id:7f7028e68.765938e81_1666657249557,cdn_version:26]&s=068932608361b9b261f2a7e53f59a6ff&1666657249568
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK ht.json Show response
tt.onthe.io/pH5OgNhg7FvH/ 2 B
378 B 116ms
43ms XHR
application/json 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/pH5OgNhg7FvH/ht.json
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Last-Modified: Sat, 12 Mar 2022 20:37:31 GMT
Server: nginx
ETag: "622d048b-2"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 153ms
49ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 23:33:21 GMT
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 16:04:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C1
age: 2849
x-amz-server-side-encryption: AES256
etag: W/"325ba14a3555ca64958500cbd00f9a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: Az-8Q232l75PXr6XJdB0HuB6Lpg0UP-NSQRhQ3x8vdR3l237JMawgA==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 172ms
80ms Ping
text/html 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?EPD;desktop;;page_desktop;2450aa|705fe6
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 227 KB
73 KB 41ms
41ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 5912788717c50fe0b9788091106264b25a70b571b65669acbeb1d798a69887e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-167
cdn-cachedat: 10/20/2022 10:23:27
cdn-pullzone: 139012
last-modified: Thu, 20 Oct 2022 10:23:21 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63512199-38b5e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: b7caf0ec93e23de5ebb88f0bb3c72b57
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 102ms
38ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221025

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94cd583302b8e72a39226ed3e0df95859bf3b5f38001a2844cf5be6844fda58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 33585
x-jsd-version: 1.0.1503
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-yyz4523-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"66f-eGd9HevmK3wx6n8jnV/1+TLrQqw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 75f6c9e32b577783-LHR

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
411 B 229ms
107ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 232ms
153ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b40dbe1fb06ac6468dec5e5e370e4436c22eae5f2bae8a4280f9e56569ee5355

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
AN-X-Request-Uuid: 0e0de366-793c-4010-9f09-ad3b3a5a081b
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.epravda.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 292ms
117ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421290&zone_id=2390560&size_id=15&rp_schain=1.0,1!notsy.io,fd182d2f-e98c-448c-be3d-3d292004438e,1,,,&rf=https%3A%2F%2Fwww.epravda.com.ua%2F&tk_flint=pbjs_lite_v6.29.1&x_source.tid=7d9b0a7c-717a-42d5-84e3-d4475f0e6522&l_pb_bid_id=623e58f7a43b35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9506907359102201
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9c4b3e388a42c48b55f68ea667068dce1d92986801938b7553310d87cc0f952d

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.epravda.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
295 B 182ms
52ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969cc50180803c5854481608e90155&pos=8a9695a00180803c601848167f3e0184&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: eb8b603671d191ca408aab8bab3d4b078d4df63821563b4fd4bb7dd005919318

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.epravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
289 B 225ms
136ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=831914&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22935340b8d1f62b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.epravda.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.1%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.epravda.com.ua%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22101104e3ed3b8c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22831914%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22fd182d2f-e98c-448c-be3d-3d292004438e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d7ceead6f8d266d7319b06daf4b8df41b10c810a9d67c52e24d4097be7f310f

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 75f6c9e36d2a0716-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
220 B 227ms
41ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.1&cb=68418319214

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.epravda.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 195 B
412 B 267ms
148ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8458&sizes=300x250&referer=https%3A%2F%2Fwww.epravda.com.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: bd89be957b3383ea7725da9cba3a3e61a508ce60fdba9240f5a0f35f48b9a49a

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.epravda.com.ua
date: Tue, 25 Oct 2022 00:20:49 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
508 B 131ms
42ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.epravda.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
289 B 108ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.epravda.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 186ms
83ms XHR
application/json 52.59.9.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.1&referrer=https%3A%2F%2Fwww.epravda.com.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.9.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-9-89.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
accept-ch: sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 4 KB
5 KB 130ms
43ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

f4feadf4e2a99987dde6ff466cbe921caee739f354bab8a98b508d7babb6d47f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.epravda.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 4231
X-Xss-Protection: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
650 B 156ms
51ms XHR
application/json 216.52.2.48
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: dfee967f11574be8aa90966513b510cffa5774f43cb729fe78c59756a48beef6

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 Oct 2022 00:20:49 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.epravda.com.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 283 B
398 B 54ms
54ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.epravda.com.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: d8ba992e6f0ee87057b986457c6dd72670f3d187468860cbda0d4d6ea4b6928f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:49 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 283
expires: Thu, 24 Nov 2022 00:20:49 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame CC93 5 KB
3 KB 172ms
55ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: e4bfe9317fa688c530f8126014040659c7f0f38016ebf343dcc421860473fc4c

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2722
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:20:49 GMT
etag: PRIVATE7520710249
expires: Thu, 24 Nov 2022 00:20:49 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 204 /
loadercdn.net/ 0
169 B 234ms
70ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=0aa0bc64124e18f5&d=www.epravda.com.ua
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 00:20:49 GMT
server: openresty

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
42ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166620513397294&ev=fb_page_view&dl=https%3A%2F%2Fwww.epravda.com.ua%2F&rl=&if=false&ts=1666657249801&sw=1600&sh=1200&at=

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 00:20:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 126ms
43ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166620513397294&ev=fb_page_view&dl=https%3A%2F%2Fwww.epravda.com.ua%2F&rl=&if=false&ts=1666657249802&sw=1600&sh=1200&at=

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 00:20:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 110ms
34ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/6f9601585149dd967dd244efc3cca232/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 23 Jan 2023 00:20:49 GMT
date: Tue, 25 Oct 2022 00:20:49 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 130ms
48ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=373511336&t=pageview&_s=1&dl=https%3A%2F%2Fwww.epravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%95%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%96%D1%87%D0%BD%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1067989281&gjid=1332680140&cid=1968916844.1666657250&tid=UA-554376-18&_gid=923182603.1666657250&_r=1&gtm=2ouaj0&z=473055015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 119ms
48ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=373511336&t=pageview&_s=1&dl=https%3A%2F%2Fwww.epravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%95%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D1%96%D1%87%D0%BD%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1058027484&gjid=1135837466&cid=1968916844.1666657250&tid=UA-554376-23&_gid=923182603.1666657250&_r=1&gtm=2ouaj0&z=593319930

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 43ms
43ms XHR
text/javascript 188.40.114.5
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:uniques_holding&s=068932608361b9b261f2a7e53f59a6ff&__io=7110d78e7.7d21f22b5_1666657249556&1666657249864
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pH5OgNhg7FvH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.5.114.40.188.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:49 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 43ms
43ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.epravda.com.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:37:51 GMT
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
age: 9777
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.epravda.com.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: EvzW1fWPiCu2ibGPbCm2l9xm0xi02Qq_5KEJVz4p1zSa-GKNdUuKhA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
466 B 214ms
76ms XHR
text/javascript 108.157.6.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.epravda.com.ua%2F&pid=DdaJ2bxMIMple&cb=0&ws=1600x1200&v=22.10.131733&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_266744036%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22308795431%2FEPD_SBR_300%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.6.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-6-231.dus51.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: 3V9S2JFB7A9TCSV94DPH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.epravda.com.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yWI2m2Oy3G_QOXAZBeQkAJr8A9zF8g5TpKzZfjfgDGse-ZxSDbt3GA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 122ms
41ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding: gzip
via: 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 19:58:56 GMT
x-amz-cf-pop: FRA56-C1
age: 15737
x-cache: Hit from cloudfront
last-modified: Fri, 21 Oct 2022 19:58:26 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: o2kW-3kyeKeqp9h6vnsba-d-tcH-TS7pQAk_0rmekveTLc3ZSTDUpA==

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1666657249934/
Redirect Chain

https://gaua.hit.gemius.pl/_1666657249934/rexdot.js?l=100&sendf=8&id=zPc1jSs7wT7I8swFzybVtcUGTM5ZtsPGaCF2VU3WFzb.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww...
https://gaua.hit.gemius.pl/__/_1666657249934/rexdot.js?l=100&sendf=8&id=zPc1jSs7wT7I8swFzybVtcUGTM5ZtsPGaCF2VU3WFzb.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
471 B

152ms
152ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1666657249934/rexdot.js?l=100&sendf=8&id=zPc1jSs7wT7I8swFzybVtcUGTM5ZtsPGaCF2VU3WFzb.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.epravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AqhrTv2U4Gq3vYapm9nS5.yW7SU6zs2Bdac5veoQf_D.n71odF_qSIm.BaYsOa9Zzq4jdWywKJRSfWMTbgnDiDt3eWfO/_aXAYqfxLN_lI/&ltime=202&fpdata=Ahq1AGJEn3W_PCsOJpAlI2Ytlsm2Gkt77Zbssziq.5X._7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 7f3628d04f679f9eaed8ee0ecb7294251c2eb393d6ee09bb9e09ba99f2708e84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 24 Oct 2022 00:20:50 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1666657249934/rexdot.js?l=100&sendf=8&id=zPc1jSs7wT7I8swFzybVtcUGTM5ZtsPGaCF2VU3WFzb.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.epravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=AqhrTv2U4Gq3vYapm9nS5.yW7SU6zs2Bdac5veoQf_D.n71odF_qSIm.BaYsOa9Zzq4jdWywKJRSfWMTbgnDiDt3eWfO/_aXAYqfxLN_lI/&ltime=202&fpdata=Ahq1AGJEn3W_PCsOJpAlI2Ytlsm2Gkt77Zbssziq.5X._7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 24 Oct 2022 00:20:49 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 124ms
37ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=6f9601585149dd967dd244efc3cca232&user_id=26cf88bd-c439-4686-a2cd-2f85cf6d45b4&utmb=80de2fbf-f074-49ba-bbca-46893daa5302&path=https%3A%2F%2Fwww.epravda.com.ua%2F&referrer=

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:49 GMT
x-correlation-id: 6cd77a4a575c32bc3366a8e5f7a0a953
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
447 B 108ms
34ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-554376-18&cid=1968916844.1666657250&jid=1067989281&gjid=1332680140&_gid=923182603.1666657250&_u=YEBAAUAAAAAAACAAI~&z=1642262562

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Oct 2022 00:20:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 108ms
35ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-554376-23&cid=1968916844.1666657250&jid=1058027484&gjid=1135837466&_gid=923182603.1666657250&_u=aEDAAUABAAAAACAAI~&z=919805076

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.epravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Oct 2022 00:20:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 170ms
53ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.epravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 158ms
50ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.epravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 396ms
305ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1588133026348224&correlator=1179014498703795&eid=31068501%2C31070113&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=22308795431%2CEPD_SBR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=1&adks=4250636123&sfv=1-0-38&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1666657250049&lmt=1666657250&dlt=1666657249085&idt=746&adxs=1063&adys=423&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.epravda.com.ua%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1155&ga_vid=1968916844.1666657250&ga_sid=1666657250&ga_hid=373511336&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

257428301b7d39827162b2a1da3bdfaa01a53fd598129e4894dd216bd57ea6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8333
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.epravda.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 z Show response
s.zmctrack.net/ Frame 1F67 102 B
453 B 75ms
74ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: fda1cf232c6a33654b77cdb9b6974e2f0692bea31acc247a62a9c9859aa2d9cf

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.epravda.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 43ms
42ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/6f9601585149dd967dd244efc3cca232/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 48ms
47ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/6f9601585149dd967dd244efc3cca232/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 153ms
51ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-554376-18&cid=1968916844.1666657250&jid=1067989281&_u=YEBAAUAAAAAAACAAI~&z=1278101701

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 154ms
53ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-554376-18&cid=1968916844.1666657250&jid=1067989281&_u=YEBAAUAAAAAAACAAI~&z=1278101701

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ep_symbol_g.svg
www.epravda.com.ua/images/v3/ 55 KB
21 KB 34ms
32ms Image
image/svg+xml 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/images/v3/ep_symbol_g.svg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/misc/v3/index.css?15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: d0b146ce430b2dde95394fc77767e79928c1debe317d4e659c53e1915a8a82df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/misc/v3/index.css?15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 11 Jul 2016 22:13:48 GMT
server: nginx
age: 984949
etag: W/"57841a1c-db2c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20988

GET
H3 200 ep_logo_g_ukr.svg
www.epravda.com.ua/images/v3/ 11 KB
4 KB 38ms
36ms Image
image/svg+xml 130.211.41.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.epravda.com.ua/images/v3/ep_logo_g_ukr.svg
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/misc/v3/index.css?15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.41.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.41.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b56813d08e9c7d5017283b8924c20ede0d5e434af73d1ad96a423cb8359fa1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/misc/v3/index.css?15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 14:45:01 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 22 Jan 2018 17:31:35 GMT
server: nginx
age: 984949
etag: W/"5a661ff7-2d46"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3702

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 152ms
63ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43f52f996cef23ee4da5b6fc2c687ddbdba7c5a0bdec111890ebb102c7877f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11324
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 00:20:50 GMT

GET
H2 200 container.html Show response
e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/ Frame DDEB 6 KB
4 KB 173ms
49ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:20:50 GMT
expires: Wed, 25 Oct 2023 00:20:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C0C8 13 KB
5 KB 126ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 23:53:40 GMT
expires: Tue, 24 Oct 2023 23:53:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E29B 783 B
534 B 135ms
51ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

102809639e5f25950d18d13666cb928167f90e9de842638b39598d3a2b8e1d34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zFtW-nSU74kieiRTOeUZnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-zFtW-nSU74kieiRTOeUZnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:20:50 GMT
expires: Tue, 25 Oct 2022 00:20:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DF04 624 B
975 B 153ms
53ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYo9_IgAEwAQ&v=APEucNXUSbxKKBggYMG5Pnw47JPdRyzBLM-vDTxuZMrjlxF3t8U95z1CXXmN0V5Dm3li8z2un_NRG5suJUROw8_Q6EYVUjfzVwdFpPh-yEQi5aUXs81nYk1K8cngEdLsQ-10qjJiemGPU9vTsSXGZ1mmV96TFNr04VyQKu-EdhE-2u2CPr28yjo

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:20:50 GMT
expires: Tue, 25 Oct 2022 00:20:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DDEB 83 KB
35 KB 195ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An4-Ux0SUYgFsBBp7RDXSxsB_qaElenQzo1Y1VSMFQymKJ9732tJ5DbkVfekqCmYUzejAQO4vYsexGUnyM6hA1Sm8MaL41zSAShKvqk_0E2vxBvHhZNRS7NlJnR6YT-dNiJmrdFoGxCf_ons7TwySvrP6EGM0zDAYYEw-bCv-Yovy4WOk&dbm_d=AKAmf-Dbj7pC4dYPoh5g7XNr_k7_XYEJkm5BKHNsxEb3ZMN_q03xkjy1NSDgaFuXifDe_nvQaaClaHLODoYIxTza8pfoid92DBCmN4sjJ7XBdngqElqFyCwbkODboyLnmammyDIYLEqJSX1-s-onRyfAvvRh_OR0L2LmoM57AmqfJn3t0BE4Qpv6C_wFLzz2InVFXn_DMGRVMk3FOz2GSW-rl6Ejq_fwQoQAeyzho6mdH3FQvC_qBfX6VMmjFmySYyhQ7QtD5EyXbcLRI99H0idsl7GRoLQ6H4hYoElP_BwvY7lTeWBFLlpT25iXxXRPyOJ5kjnJgfgraLvcx3Yn9i63pY0sKhKQDDndCs6kjeYJnQhO2D7hHMuP-9mPKLRcFy6E9Lxh0XtYtGdPTWQc6yDr_tyiKD4YWM0wHC9MC8QSJpjSgvIuPh2dQumyYx4Y1e8XUAEFr5x7Xv8p5S4AvFjXpUfgCKcwbGT4XBLS3mGtV2T6JIeYaY5VKuA72QdEhxVQvwizmGHtaRwD88CKNdXO_xBK1vDQO4xBd_yvLv81yGJVZxXHysr8nCz8tUSoOxJmt7ZGT-gD1tlDrl7F_WnE4VQrtPW-1CdHUnjl4R35L6w8s2aoX9JGFp_gSYAB7XuGv5Qr4AJzhnqEH1JcOVwx4P4IWnLZmIlyfr-oqomuGb7_Go6bNwSLaCVKnkDvNzx9nVv9VOrbwgbLLaYGJoO-wafUeGR0vRmlFgIP5uVR9rtRCerfPkNg42URrwTMNZXPWaAlYRf7Lz00axRCsinyar09SWWaWXHpiDUqlPbKDlhnOGC3JuQEAGw_nkPRCgxG6hUJmrFzrahuvBZZbuPTDHjtdvTPKZc2FQkEKWHJa5Gflr3PZLs93WIOtb-uM8SRPqYXjdexfAeCRuMpltr1iXKh-71qgIG6805S6T5i18775Z-inFKHNcXRXcRwE962gz9XLekPLHJx18ZHk9SJTcX6QVa69Jduk7emIkcXuzG8GYYAsQdSQXMilv0r8iiySQlY-Wt3OgoiZBwBDDl1uHLFGHqBRIK4Q4wgYuEoKN8ecnp4G95edDqTXUa6CJqNVfQEv0-9JzazxTU_tLOxW0AKP5jXsyHLKImNjMF8qZpCHFBQYRZCadsVfwKI7dceumxOoOkTGlZ0IeN8lO6b_yI-SvlpoctsPnAp9bAsyDSGASDGi7H3g9lhJkT60VZJGD0xh33YvpJBQybVQcKkeff5-NmIrq1pvCt2j8LVUIz7L0gPx8G00She4Mni9LK2Z82N2MUcyZ-Dpo--8r9wwSYyS9D_jAENiJ_I6ahCJ9X6w4iM9MocMs0iiA3ksbRHzvKZI-5ia-KrCvJQbHl4BAX-ZY6qadI5GjKafbDNOXK0pEcrl--7j3_vAP42fPbUrhGgH2P0roCOnhEv6E6WwbM5iPho-43Kp2xM2FR-fUafTJedttJAcBDy0XmpkAGgzCruA9SmoOgervArQ3nfI31hIFHlbwR5vOpltsjEAOEEmii-alYjCn5GGQUz8ERCmVDq77vzOptWQxre2okzOiRTrfQUFZm5_CajBFsMBsy3CgkxNzkxpDUDfVJKMw48aj2A6c65QwtUyK_gwdBwTOKSZ3pnheSDpFvf20iwQA8YZgrEei3gaUmNmRXYT8ktGFgDcH5LyUk179Y67xkxhyVLTnRTKpw88gUEWvUeZtQEdW76TuksRxaRV33Sn1RrLUg8hqvXWcis3lQZLTjtICKIal7iJdass_whVDae8cD3IP82TOzBFRFWyP17ytoO_M_2X6TNCzcfMaJRqGWJZMQRsfdW814mXSaKZYqVo-viJS4MO79kMHF54XXqp10J3_x5O0ZRDVnrbX1QP17mojUJkl2D6K5cQhVl1u_VTS2pnsd9owVqY8FIjEh4AU494Lc942ucLbu4sNAbWcwR8gBZyHAnqKBopafj9PNOecLcRprvBCBoaCpEoOSuegC-88Ie3dXbWkZ-JRk4_XKRc7s2oDKYiJNBSgujT5Jff3n5PpMWLGFlF1LAI-t2lis7UZ1n7WEd0YDJyBCdGeBe68f-46Vgi0s3oPF0_15z1doOb_S5CnoiC653BBldqiXV3moDDrQmTaLbA_UHi573jRx_UXY5sw19u7r-A8suuDCYhFn_2h6xEepQuWwg2F1rv9RIBw6vsc_NpkiUgpXXJa7bDLlu8gYnyjyM62CY0P5JU7Y3Z8ao7UEK8fpr9ivY6pxMTIpC90oU_D6HuXkFSy6CN7H-fuLCYrHV3Ppk655oJYD7jnCsd_Z-AS9708IMqqd3HUFl4Ipvyhged__PkhC8S2pRr_NfvoBTbwfLukNr0lRXtAGTjQ_OPptuzBsl0--7LdsRbOxuCShyzRup98G3J1o8WzgcJPsZ6dyQBUAY8roGtZPaLLwTDIZnRLGk5tdRho5leE3vFXRpTq5RFOKSWdVHgzGxVL0-ZL6HOPRE26rg5UgLQOJbDywylCPbgyjP5nSwNQWO3sKLbT73PuM0il0Mg8BCf1Cx1h4bFmuJNaFkJEKtuW5tZ7tPAr6Ie7Swwifq_GD8mM7ElsgBBtZbAE_AxLojMF1pAb8FLOT1VFQhYlWsOMzCbOR-M3EVmBJPOlx3qhHcxPZqoR29FhIhcbcHEX67qkNxoSiUaLwie6AheX4rHM6zY7FDL6lBPcgUv8ckwq6C4LcyyVzjLbN8eH-G7MGgsQYjbD0P1bKhOGI1FwaVSAgFYZ6MrSuPCWTwZ3u8itrxBwobu_dfnfJ_okYyI7_hbPgqsrT7qjBFIGhIc4IVgfdTbcHxNjWDRh5sUBfI4X-7IzKId1ESx-ybxOF50Gdu2TxyrYRt0ybiLu4kN4pnhQPXrq8J5qwnbOFcVehROgGmrEK85tE1myaKQzdHHrVYAL5jhflEMtOsGrYGsorV81TV12OeFZgXwIwJgQg6M9qFIPMg2ii3YJm3Z-PHlTEj4nDjm9EOGmK1ek4lQ_yGqUJ8d6goKtJ2ArkK0PT4XmXOhW0sC9LPJG_inuJn6rwPz9LdEKDmtg0vHZvhqaHawt81mytyWkk-Mx_IPEKtla4_WGEtkoQAZGNlTBt_U0r6559_OkTc_VIdlGnodfwe63j6iD3tGD7ji8flMOlnhjP7Hdws0ec8P4U1WVetIzx6ryLppzU8409U8r2K2I8pyCb2x274iUbXM_N5zqkUeHl1WF3U6HyrIWtCI0OY2NljLJdGlSWhhlcga7ThSA2yET_2F1urD6hBLn3HEMHmkux3iSpVPKY2YB2p8XGbQDsvoOM_wDOratshqJizS7WNg46a8TvGBu5TKsC3_XZgfq3pJvmC208uMtHKfuSTSgFftljsBUWl40hqLZYejO-eMxG_JAiVtagS7081qN-9FQFaCWGmKMmVZunjYHURmeLv2zzZEVEijKCYtZIuzjq5oIEGaNvwsedKojce-ZRA&cid=CAQSPgDq26N92-q3pTnI-zOWfCYs-sQaLWEDukpyxvMqVMSWHWrCcsHkmAkF2wt5c9BYMjQEa7jQ88ADQw6FD57oGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.epravda.com.ua%252F%240

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb2ed7fed01feed25776bf4c40cbb84605238d515d8f19696e0ba2a4eaea8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35447
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDEB 42 B
63 B 162ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dml1QVY6Uwz_e1HZNArWLGeS_fMoDwaDiabQ4PcQfzJ_Ee-Pe1AQcfIwZlxDNT6n1D6KqGsQTZ6Gb7N_IzJBVOEcvASfQdh7Paug7MimVj_6-nH7c

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame DDEB 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 20:59:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame DDEB 17 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:21:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DDEB 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsxQEMtW1DscehBpW8brwUF9Ph4ziFDsgjeuxYd8hZALn9Q70HbNIgqrCgBgGbAbzLYy3zVEQhzD_hH3mrxe7QudMR9g
Requested by: Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDEB 152 KB
46 KB 141ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 00:20:50 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 490ms
36ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Oct 2022 00:20:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E29B 0
0 150ms
73ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101901&jk=1588133026348224&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame C0C8 36 KB
16 KB 116ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 22:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 22:05:46 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0x8eNG1xzhGpAfMZ6fS6Q&google_cver=1

43 B
766 B

72ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0x8eNG1xzhGpAfMZ6fS6Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYo9_IgAEwAQ&v=APEucNXUSbxKKBggYMG5Pnw47JPdRyzBLM-vDTxuZMrjlxF3t8U95z1CXXmN0V5Dm3li8z2un_NRG5suJUROw8_Q6EYVUjfzVwdFpPh-yEQi5aUXs81nYk1K8cngEdLsQ-10qjJiemGPU9vTsSXGZ1mmV96TFNr04VyQKu-EdhE-2u2CPr28yjo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0x8eNG1xzhGpAfMZ6fS6Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DF04
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1cr40p546OaafteVsOy1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHtXjCHTer_ERrC5QvPk1j4&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHtXjCHTer_ERrC5QvPk1j4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYo9_IgAEwAQ&v=APEucNXUSbxKKBggYMG5Pnw47JPdRyzBLM-vDTxuZMrjlxF3t8U95z1CXXmN0V5Dm3li8z2un_NRG5suJUROw8_Q6EYVUjfzVwdFpPh-yEQi5aUXs81nYk1K8cngEdLsQ-10qjJiemGPU9vTsSXGZ1mmV96TFNr04VyQKu-EdhE-2u2CPr28yjo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHtXjCHTer_ERrC5QvPk1j4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DF04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDJbyiwP91H11K441BQoqCA&google_cver=1

43 B
1020 B

36ms
35ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDJbyiwP91H11K441BQoqCA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQkLud7AEYo9_IgAEwAQ&v=APEucNXUSbxKKBggYMG5Pnw47JPdRyzBLM-vDTxuZMrjlxF3t8U95z1CXXmN0V5Dm3li8z2un_NRG5suJUROw8_Q6EYVUjfzVwdFpPh-yEQi5aUXs81nYk1K8cngEdLsQ-10qjJiemGPU9vTsSXGZ1mmV96TFNr04VyQKu-EdhE-2u2CPr28yjo

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:51 GMT
AN-X-Request-Uuid: 7196770b-b428-45af-80f9-878685a2db44
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDJbyiwP91H11K441BQoqCA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DF04
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjkzMTU1MzAyNTI0NjAyOQ%3D%3D

170 B
243 B

119ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjkzMTU1MzAyNTI0NjAyOQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:50 GMT
AN-X-Request-Uuid: c444b134-3140-4a51-b301-b2c6d9f5731b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcyNjkzMTU1MzAyNTI0NjAyOQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C0C8 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?el9H2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DDEB 170 KB
59 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
Origin: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Oct 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame DDEB 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An4-Ux0SUYgFsBBp7RDXSxsB_qaElenQzo1Y1VSMFQymKJ9732tJ5DbkVfekqCmYUzejAQO4vYsexGUnyM6hA1Sm8MaL41zSAShKvqk_0E2vxBvHhZNRS7NlJnR6YT-dNiJmrdFoGxCf_ons7TwySvrP6EGM0zDAYYEw-bCv-Yovy4WOk&dbm_d=AKAmf-Dbj7pC4dYPoh5g7XNr_k7_XYEJkm5BKHNsxEb3ZMN_q03xkjy1NSDgaFuXifDe_nvQaaClaHLODoYIxTza8pfoid92DBCmN4sjJ7XBdngqElqFyCwbkODboyLnmammyDIYLEqJSX1-s-onRyfAvvRh_OR0L2LmoM57AmqfJn3t0BE4Qpv6C_wFLzz2InVFXn_DMGRVMk3FOz2GSW-rl6Ejq_fwQoQAeyzho6mdH3FQvC_qBfX6VMmjFmySYyhQ7QtD5EyXbcLRI99H0idsl7GRoLQ6H4hYoElP_BwvY7lTeWBFLlpT25iXxXRPyOJ5kjnJgfgraLvcx3Yn9i63pY0sKhKQDDndCs6kjeYJnQhO2D7hHMuP-9mPKLRcFy6E9Lxh0XtYtGdPTWQc6yDr_tyiKD4YWM0wHC9MC8QSJpjSgvIuPh2dQumyYx4Y1e8XUAEFr5x7Xv8p5S4AvFjXpUfgCKcwbGT4XBLS3mGtV2T6JIeYaY5VKuA72QdEhxVQvwizmGHtaRwD88CKNdXO_xBK1vDQO4xBd_yvLv81yGJVZxXHysr8nCz8tUSoOxJmt7ZGT-gD1tlDrl7F_WnE4VQrtPW-1CdHUnjl4R35L6w8s2aoX9JGFp_gSYAB7XuGv5Qr4AJzhnqEH1JcOVwx4P4IWnLZmIlyfr-oqomuGb7_Go6bNwSLaCVKnkDvNzx9nVv9VOrbwgbLLaYGJoO-wafUeGR0vRmlFgIP5uVR9rtRCerfPkNg42URrwTMNZXPWaAlYRf7Lz00axRCsinyar09SWWaWXHpiDUqlPbKDlhnOGC3JuQEAGw_nkPRCgxG6hUJmrFzrahuvBZZbuPTDHjtdvTPKZc2FQkEKWHJa5Gflr3PZLs93WIOtb-uM8SRPqYXjdexfAeCRuMpltr1iXKh-71qgIG6805S6T5i18775Z-inFKHNcXRXcRwE962gz9XLekPLHJx18ZHk9SJTcX6QVa69Jduk7emIkcXuzG8GYYAsQdSQXMilv0r8iiySQlY-Wt3OgoiZBwBDDl1uHLFGHqBRIK4Q4wgYuEoKN8ecnp4G95edDqTXUa6CJqNVfQEv0-9JzazxTU_tLOxW0AKP5jXsyHLKImNjMF8qZpCHFBQYRZCadsVfwKI7dceumxOoOkTGlZ0IeN8lO6b_yI-SvlpoctsPnAp9bAsyDSGASDGi7H3g9lhJkT60VZJGD0xh33YvpJBQybVQcKkeff5-NmIrq1pvCt2j8LVUIz7L0gPx8G00She4Mni9LK2Z82N2MUcyZ-Dpo--8r9wwSYyS9D_jAENiJ_I6ahCJ9X6w4iM9MocMs0iiA3ksbRHzvKZI-5ia-KrCvJQbHl4BAX-ZY6qadI5GjKafbDNOXK0pEcrl--7j3_vAP42fPbUrhGgH2P0roCOnhEv6E6WwbM5iPho-43Kp2xM2FR-fUafTJedttJAcBDy0XmpkAGgzCruA9SmoOgervArQ3nfI31hIFHlbwR5vOpltsjEAOEEmii-alYjCn5GGQUz8ERCmVDq77vzOptWQxre2okzOiRTrfQUFZm5_CajBFsMBsy3CgkxNzkxpDUDfVJKMw48aj2A6c65QwtUyK_gwdBwTOKSZ3pnheSDpFvf20iwQA8YZgrEei3gaUmNmRXYT8ktGFgDcH5LyUk179Y67xkxhyVLTnRTKpw88gUEWvUeZtQEdW76TuksRxaRV33Sn1RrLUg8hqvXWcis3lQZLTjtICKIal7iJdass_whVDae8cD3IP82TOzBFRFWyP17ytoO_M_2X6TNCzcfMaJRqGWJZMQRsfdW814mXSaKZYqVo-viJS4MO79kMHF54XXqp10J3_x5O0ZRDVnrbX1QP17mojUJkl2D6K5cQhVl1u_VTS2pnsd9owVqY8FIjEh4AU494Lc942ucLbu4sNAbWcwR8gBZyHAnqKBopafj9PNOecLcRprvBCBoaCpEoOSuegC-88Ie3dXbWkZ-JRk4_XKRc7s2oDKYiJNBSgujT5Jff3n5PpMWLGFlF1LAI-t2lis7UZ1n7WEd0YDJyBCdGeBe68f-46Vgi0s3oPF0_15z1doOb_S5CnoiC653BBldqiXV3moDDrQmTaLbA_UHi573jRx_UXY5sw19u7r-A8suuDCYhFn_2h6xEepQuWwg2F1rv9RIBw6vsc_NpkiUgpXXJa7bDLlu8gYnyjyM62CY0P5JU7Y3Z8ao7UEK8fpr9ivY6pxMTIpC90oU_D6HuXkFSy6CN7H-fuLCYrHV3Ppk655oJYD7jnCsd_Z-AS9708IMqqd3HUFl4Ipvyhged__PkhC8S2pRr_NfvoBTbwfLukNr0lRXtAGTjQ_OPptuzBsl0--7LdsRbOxuCShyzRup98G3J1o8WzgcJPsZ6dyQBUAY8roGtZPaLLwTDIZnRLGk5tdRho5leE3vFXRpTq5RFOKSWdVHgzGxVL0-ZL6HOPRE26rg5UgLQOJbDywylCPbgyjP5nSwNQWO3sKLbT73PuM0il0Mg8BCf1Cx1h4bFmuJNaFkJEKtuW5tZ7tPAr6Ie7Swwifq_GD8mM7ElsgBBtZbAE_AxLojMF1pAb8FLOT1VFQhYlWsOMzCbOR-M3EVmBJPOlx3qhHcxPZqoR29FhIhcbcHEX67qkNxoSiUaLwie6AheX4rHM6zY7FDL6lBPcgUv8ckwq6C4LcyyVzjLbN8eH-G7MGgsQYjbD0P1bKhOGI1FwaVSAgFYZ6MrSuPCWTwZ3u8itrxBwobu_dfnfJ_okYyI7_hbPgqsrT7qjBFIGhIc4IVgfdTbcHxNjWDRh5sUBfI4X-7IzKId1ESx-ybxOF50Gdu2TxyrYRt0ybiLu4kN4pnhQPXrq8J5qwnbOFcVehROgGmrEK85tE1myaKQzdHHrVYAL5jhflEMtOsGrYGsorV81TV12OeFZgXwIwJgQg6M9qFIPMg2ii3YJm3Z-PHlTEj4nDjm9EOGmK1ek4lQ_yGqUJ8d6goKtJ2ArkK0PT4XmXOhW0sC9LPJG_inuJn6rwPz9LdEKDmtg0vHZvhqaHawt81mytyWkk-Mx_IPEKtla4_WGEtkoQAZGNlTBt_U0r6559_OkTc_VIdlGnodfwe63j6iD3tGD7ji8flMOlnhjP7Hdws0ec8P4U1WVetIzx6ryLppzU8409U8r2K2I8pyCb2x274iUbXM_N5zqkUeHl1WF3U6HyrIWtCI0OY2NljLJdGlSWhhlcga7ThSA2yET_2F1urD6hBLn3HEMHmkux3iSpVPKY2YB2p8XGbQDsvoOM_wDOratshqJizS7WNg46a8TvGBu5TKsC3_XZgfq3pJvmC208uMtHKfuSTSgFftljsBUWl40hqLZYejO-eMxG_JAiVtagS7081qN-9FQFaCWGmKMmVZunjYHURmeLv2zzZEVEijKCYtZIuzjq5oIEGaNvwsedKojce-ZRA&cid=CAQSPgDq26N92-q3pTnI-zOWfCYs-sQaLWEDukpyxvMqVMSWHWrCcsHkmAkF2wt5c9BYMjQEa7jQ88ADQw6FD57oGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.epravda.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:57:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 13:57:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame DDEB 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:40 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DDEB 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 07:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 07:42:33 GMT

GET
DATA 200
OK truncated
/ Frame DDEB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13538fef110c51c82c53968f874672cc902b66da0a701dd0773c7c36428a06a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 878F 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 146298
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 07:42:33 GMT
expires: Mon, 23 Oct 2023 07:42:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 878F 36 KB
16 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 22:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 22:05:46 GMT

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame DDEB 1 KB
887 B 141ms
40ms Script
application/javascript 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=279148819&ord=9220231
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 05:55:18 GMT
content-encoding: br
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 66334
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QCDaiG9H8fKYFEVQMLkPKafqFAvxxGLjEJ3NFegmiGlQxxW7tAW2cQ==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 212 KB
32 KB 133ms
50ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65bb06b181f59165b6d9906e6dcd6ffc956d43cb39d7fdebb3b4005820abe2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:20:51 GMT
expires: Wed, 25 Oct 2023 00:20:51 GMT
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDEB 0
622 B 191ms
87ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuutXX9obs5QgJmSzd6tPzLdNO_r-ZBum1WDoyktJ780jZRxvAqcMjujV1x-5HLuX-Vh-hswyUcUNwUFLIiG-q3yvgkJRonbam2Fp-lC0_x_hitkkMC5tIS0m8GqmW6D6yTrdOSq7R4BFfHPt3IzZtypzB6EG9Izb_0l-3uiAmOO8CqS9dv5PryDFesp3NQ8Dvh2PbSxkzIlNaYA_60ab-ASVkK7Nkc-wW1N3VIdQMuv5tVtv9TXODGLUpItje7HJ_aIn78pvaOL7reoXtSGWaVEIYU5OW3vhqhNPIKox0gDs0ae17-mcpZuvcAfM1dAMr6B6ibr5R-QUt0kn-YO_k8A91NvVzYoWvgANfjy-zCWPiSUzPB0Pu6b5ZQkjF2JfJu-D3RKgFMmc6RAEhS2fxoTj42crgqlxcmyFH8ptaOL9r-h-Slow6-w7ctQ107QbFCcKrROgPGyGb17PySW0PDw4PfTVCtSUHnDzfvRg5jUMtzVS0ga0bokaY0FQXLta0jpz6DMtsdiKL1nYX2XDkf1ZVaTLTVGFoKJBVRbiMmVhZ_SNjDYGd0Vmql_X__La-nektyjhXcU7yDSQWurAjjnqRzOEAAaSYtKm-qHjxRN4CBSpckmNi0FnJh39guDc2P1-5rMVSa_AmPh0p8OLUJqhHIKegyiCtitTG-6xCkaHjVPYplnE38fRhRYHET92eRGssxMD2coHZ1pK3qbSsWP3rO9uho0_lwYmvCjsqIBDMznDunGmNZUapK5MMRDwm2LvncH0C4OGs-lH6852DHqkfVG9jWHNYEHL1ugchquBSvFSJUcCI3w-JYdDN8PP9Glp6slGmN0a-EG4h0E-kmn0BgqYrZPy3dkiBRotr_PTDgHHv1xNRXkFYGol3RKO4znZM_-vyLgkpmEt_qOzrdL9gP5AA1sbHfpoLcRilNoGBYJhZplC6XV2I0B4CBSDW_nNzYwjF9qpQD9DI58yIGjAPuPrAubwsF9duqkHE49H3s72xlOlUEHMoHA1-PGZvLeYp2PYqkPNlEvDdeqLPPbjxdInPJAmTIaq2GwSjnD7oz3UGwJn-ggcnWcwoqqdnvDCsmiydWJ1BmidlIH4W0V0QqYQyZ_0eqmp8nnNvPVvfWkaE__YxuFzVlTqe0bqdRGsuEDWVvSjlFArA_vlLizV62kOezyAPV-XzZwSqIfBx7bGygBRY4OdnuNIRDatSo91iuiyCNrmp9GHyo0I59lAv9ZLJCvPXZYOlL71uMt8psOJ2_kXVkf2EqqocaoVrWNVBprSgO-EU7Ln5aTepq&sai=AMfl-YSjrzBUdF2NKJCtowiWXt6ICNTBXLpPgBjPUSxmLG2bLqZVyvl0WBZJARGborpy0SU6jl8q6vVIC6_xdcCJEPP1IIvBA5n7N3SAk35WCS7preg81RbtwQ9BCtwfpOQBy4aqwdPBp3kJmSjoKXaVmQptjHfugOa1Mm5sypuF9ZF0-cSUGhxYDmhA_LWKs5ArDNkvUnAfp6O-KREhJqO3OqSBj4TKgjrhd4FsKgG10KOI6IYmKTvA5Z5ZS-KSELQOHr8mEUo6anJNwyiPMVxQ&sig=Cg0ArKJSzFOiWnzfe918EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=266&cbvp=1&cstd=260&cisv=r20221020.83376&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 00:20:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2EF1 15 KB
6 KB 217ms
35ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.epravda.com.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:20:50 GMT
server: Kestrel
server-processing-duration-in-ticks: 340321
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 105ms
36ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 01 Oct 2022 02:55:29 GMT
server: nginx
etag: W/"6337ac21-161a8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Oct 2022 00:20:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 878F 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj1iY4itXY-iaN_uV7_UP396d2AgAAAAAOAHgBAI&bg=!NzSlNHDNAAaaxvStusY7ACkAdvg8WrQ6rPVXPrHKBxxEQLRPo8bJ4-v44YTfmMYRWX1jveeT6JuamwIAAACCUgAAAAJoAQcKAE0ApFk9N1dHqzo_3TJmdqYtKsAEu6BgC3bbLE3jnabtGjGsu18vj7oI0EDwzu2tHtvZqHVOV0719-kGszNpaBgdWj1m-hcC0CIsWpvq7pkC8mdx-vVWAjOZCO2w9s8oyilszlI5WoPIKjFzo0Pe9HZ3GEXFu3senQ38yid_JJ7HZfdI1EbHpqWCEm_LIt1uj8UE-T44remBOjhjCY2LfHmoH2fyiOKxz2bBeu-h8Ph57Fd5Y_RWR6SHvq_M7vu-eOQdMFfxIgOylWFqTHjQn7e0jBJ138owTpbZQpdaZLb5QqiNX0CLXS-S8Jg7cyc5_AIuKRCM446QJ2rkoqIokbokICVXfg4qCa-P7If5yyUdmQjX_GifZjUKuBYiRccNlOVOMDuUNLWKFUyglX85Yqbiwfh1hjRiex4RZJDYOqhh-U2FaqyciYyvbuQjUHxxs19FD9H2F2FHFxEGTeE_AQzzFf07Vo_KEAimNVlgtcPH7x0R7uxW9o3_oILJ49jN7PpKUFHpk4_UGPMEqKlduA7MQigWue1CQMb75ZVcyt5L1c9bOor7TBRq8AyIJrcIcxxzN_MWPbhRDa2Br7Y6WskReScc2qB7GUFiBfKFN3PP_KXqis7fSOtpUptWSRVJmoYr8sl05tQBDqMcF_zCkrovO_RrhyAizZKafkkBDNn3FP9vJd1GrtmLzL0941_8H0A1wQmt_yWXoYwJbqfUtlqE0bpCGKh1b2GrL9DwDx3DAp9Y75Baoj7PX9YyOrzXXXQ2N1FPyz5F9rGOHvKvJmuLnhjjNfA-A7JF0bZVCgq5dzgWfOaLBfmuPjjZ0IpE9iHW-jXLZPZIKjtusNSQHSMl1DJjUcGyJLqR2z_JDXRDkirZGMbZhx5fZfIh1cLSCEi49nV_AVmAR0cJXgL0cZ1QlMGnW4NaiaVxOR_rMn24lkVvTabGhjqsasCOD31WkqffzK13BGPHrrtSPs7qnz3AZc5KWWSLpwrBs0GLYG2FLJDaiTRkNu1v_vnfNapQN89y0_agcNoqrzifv26LWT3HymAB1Dh9JGq1iiHDMWLo_llI3AURpp2x4QHsawfKGzNEhtID8GIoB0N0k8VfSEN56oI

Requested by

Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 28D0 118 KB
40 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Oct 2022 11:10:17 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame DDEB 19 KB
7 KB 41ms
41ms Script
application/javascript 65.9.66.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1666657251465
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=279148819&ord=9220231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 04:07:18 GMT
content-encoding: br
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 12:39:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 72814
etag: W/"79bdbba51b195bc000950e9ac2e73e9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dgC3J5PHxFZOW2Dcr1ON4wuiXK3s0nWE7pXVCUyGcggJV25Z69AFSQ==

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame DDEB 74 B
323 B 137ms
40ms Image
image/png 54.154.25.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?498045143220=&n_o_aut_tc=279148819&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
URL: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.25.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-25-234.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 00:20:51 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 154 KB
69 KB 42ms
41ms Font
font/otf 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/Gotham-Bold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70565
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 20:43:12 GMT

GET
H3 200 Gotham-Medium.otf
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 126 KB
59 KB 53ms
53ms Font
font/otf 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/Gotham-Medium.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 12:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60432
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Oct 2023 12:04:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101901&jk=1588133026348224&bg=!LC-lL2vNAAaaxvStusY7ACkAdvg8Wjxxyo8upbbgr7UNViNW7z4tDncnDfZL1gRiOsEK63cSu7nPHgIAAABOUgAAAAJoAQeZAqCSthPyncIAPMZIoALb0qDSeodDnB03Emf3CWH6dNM3e0nbXtJZXIXjNRMqt3EuabaY_HlH2AMmVle6TtZOmLJHj5QoydLYY_UF3h1cWOx44lfjH3Lja2WLvHEMH5-ffZC-q3kNvJpsJ5KCrcJ2DNZeglJoKrHIevAVmIBEOi4XfCIVMyZ-6kBrcvJyjld7KyYL0TJ9qBGzQs4LAFcXdHBp9Fepq_B-PMHHBazkE0z0JLczfM2IDIsXGKC9FSFG1noM3CxgSzZxThIvp72hIXsejCVPwuoApC0fRArjjjgQpvbXe0Aw6LWQL-HthFArjdTeS4hBmfLYu6bsC4aq10eoQaqhb5SocrquXBGTMcir7M-wi8AmMa_EdEu-UXH2zaOXL0l4L7F8J-hAdOebb6cmi_cjZHGicF91Z0g-EdDMvGJDssEBRWdwBmLHArLD7j46wPasbFcaI96OzGOQ8zHtWkRWlimIX79onOo7nz9_D2Dc5ukaUj7ypjLTtnFKEyVfQJaYqM9AIg-ehwMx5J7Pr8vQCpdBWKQFHbkSFoI227-yurApYK8TvXEJrQkb27s8egw52xosE4bgIwJb5kMaW9g85FwIg3k3EADCe4TiLgG36aXJk-Nrih3IgG8P8c-OYhwMiFYRCG75ENeQiH9DAmxhQh4CbTm-m_2C-4xgljWtlIyrqYk6wIu4e0AqQZfUo6q9AsNXkCBo6eGyfWDayvmaCGdiQnnRdeo0q2kYHSLhfTDR1g0n0CO5a-ZdEI4ix4TX0t7VtfO01xLViHRSOrenuaJnOw0B8vmTkxHuwwDoJk5Ufij8ICQpXLknXOA3CQXjTMpFC4WAmZzFiSvz36iDDvlqUKSV1OJhpAPrC3EI6cubQH-vNpYHfXVvcno
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2EF1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=epravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.epravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=VD7Vznx1ZkNrbS9BZ2JTdmhONFduT2ZpUmgyeEI2cTR1STBSazBGNFpWK0JjOTNsTTZJN3JUWW9JSGE2Z28rQ2ZnRTBZYy9WT3pSbHRRY28vL0NMdHU5K0k2WFVoUTBaTFl3cEZDb3VVdXg1S0tMNnZNaC9vaTQzSG5OdV...

447 B
655 B

324ms
38ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VD7Vznx1ZkNrbS9BZ2JTdmhONFduT2ZpUmgyeEI2cTR1STBSazBGNFpWK0JjOTNsTTZJN3JUWW9JSGE2Z28rQ2ZnRTBZYy9WT3pSbHRRY28vL0NMdHU5K0k2WFVoUTBaTFl3cEZDb3VVdXg1S0tMNnZNaC9vaTQzSG5OdVlxYzAzMFMzRFdRZU1vakRWbWtsSUVnVnRKbWx1bzlhYTdjTzIvV29saDYxRG5EN2J2VU1SZHRkQ09HbkgyUWk2c0lNNVl3YW5TdmI2ZUgxUmM0MFo4dVFWVHNQMHhYUDRBQzhod0l6b1U3R2J3MGZGbUtCMDZkK0RIWVY5OE9qMS9BZ0FVNVhXYktlQzZOY1FzaVQ5ODlHZVRYeFUxT3lFandReWxnUytTN2NXb292OXFEdz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d75d924894d9cc7e47c2cd37b791ebd7bfdb610c3c85b533d6c0e8cd6670aa96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2010037
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=VD7Vznx1ZkNrbS9BZ2JTdmhONFduT2ZpUmgyeEI2cTR1STBSazBGNFpWK0JjOTNsTTZJN3JUWW9JSGE2Z28rQ2ZnRTBZYy9WT3pSbHRRY28vL0NMdHU5K0k2WFVoUTBaTFl3cEZDb3VVdXg1S0tMNnZNaC9vaTQzSG5OdVlxYzAzMFMzRFdRZU1vakRWbWtsSUVnVnRKbWx1bzlhYTdjTzIvV29saDYxRG5EN2J2VU1SZHRkQ09HbkgyUWk2c0lNNVl3YW5TdmI2ZUgxUmM0MFo4dVFWVHNQMHhYUDRBQzhod0l6b1U3R2J3MGZGbUtCMDZkK0RIWVY5OE9qMS9BZ0FVNVhXYktlQzZOY1FzaVQ5ODlHZVRYeFUxT3lFandReWxnUytTN2NXb292OXFEdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 726435
content-length: 0
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 28D0 7 KB
6 KB 134ms
52ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

049d93fbefae1ea85e4afabae3db28e03c7e6040c594be384cfbdeafd6e80096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDEB 0
26 B 164ms
79ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuutXX9obs5QgJmSzd6tPzLdNO_r-ZBum1WDoyktJ780jZRxvAqcMjujV1x-5HLuX-Vh-hswyUcUNwUFLIiG-q3yvgkJRonbam2Fp-lC0_x_hitkkMC5tIS0m8GqmW6D6yTrdOSq7R4BFfHPt3IzZtypzB6EG9Izb_0l-3uiAmOO8CqS9dv5PryDFesp3NQ8Dvh2PbSxkzIlNaYA_60ab-ASVkK7Nkc-wW1N3VIdQMuv5tVtv9TXODGLUpItje7HJ_aIn78pvaOL7reoXtSGWaVEIYU5OW3vhqhNPIKox0gDs0ae17-mcpZuvcAfM1dAMr6B6ibr5R-QUt0kn-YO_k8A91NvVzYoWvgANfjy-zCWPiSUzPB0Pu6b5ZQkjF2JfJu-D3RKgFMmc6RAEhS2fxoTj42crgqlxcmyFH8ptaOL9r-h-Slow6-w7ctQ107QbFCcKrROgPGyGb17PySW0PDw4PfTVCtSUHnDzfvRg5jUMtzVS0ga0bokaY0FQXLta0jpz6DMtsdiKL1nYX2XDkf1ZVaTLTVGFoKJBVRbiMmVhZ_SNjDYGd0Vmql_X__La-nektyjhXcU7yDSQWurAjjnqRzOEAAaSYtKm-qHjxRN4CBSpckmNi0FnJh39guDc2P1-5rMVSa_AmPh0p8OLUJqhHIKegyiCtitTG-6xCkaHjVPYplnE38fRhRYHET92eRGssxMD2coHZ1pK3qbSsWP3rO9uho0_lwYmvCjsqIBDMznDunGmNZUapK5MMRDwm2LvncH0C4OGs-lH6852DHqkfVG9jWHNYEHL1ugchquBSvFSJUcCI3w-JYdDN8PP9Glp6slGmN0a-EG4h0E-kmn0BgqYrZPy3dkiBRotr_PTDgHHv1xNRXkFYGol3RKO4znZM_-vyLgkpmEt_qOzrdL9gP5AA1sbHfpoLcRilNoGBYJhZplC6XV2I0B4CBSDW_nNzYwjF9qpQD9DI58yIGjAPuPrAubwsF9duqkHE49H3s72xlOlUEHMoHA1-PGZvLeYp2PYqkPNlEvDdeqLPPbjxdInPJAmTIaq2GwSjnD7oz3UGwJn-ggcnWcwoqqdnvDCsmiydWJ1BmidlIH4W0V0QqYQyZ_0eqmp8nnNvPVvfWkaE__YxuFzVlTqe0bqdRGsuEDWVvSjlFArA_vlLizV62kOezyAPV-XzZwSqIfBx7bGygBRY4OdnuNIRDatSo91iuiyCNrmp9GHyo0I59lAv9ZLJCvPXZYOlL71uMt8psOJ2_kXVkf2EqqocaoVrWNVBprSgO-EU7Ln5aTepq&sai=AMfl-YSjrzBUdF2NKJCtowiWXt6ICNTBXLpPgBjPUSxmLG2bLqZVyvl0WBZJARGborpy0SU6jl8q6vVIC6_xdcCJEPP1IIvBA5n7N3SAk35WCS7preg81RbtwQ9BCtwfpOQBy4aqwdPBp3kJmSjoKXaVmQptjHfugOa1Mm5sypuF9ZF0-cSUGhxYDmhA_LWKs5ArDNkvUnAfp6O-KREhJqO3OqSBj4TKgjrhd4FsKgG10KOI6IYmKTvA5Z5ZS-KSELQOHr8mEUo6anJNwyiPMVxQ&sig=Cg0ArKJSzFOiWnzfe918EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=613&vt=11&dtpt=347&dett=3&cstd=260&cisv=r20221020.83376&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 texto_logo.svg
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 5 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/texto_logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2125
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Oct 2023 20:03:53 GMT

GET
H3 200 sol_logo.svg
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/sol_logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 20:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 20:24:07 GMT

GET
H3 200 PALM.svg
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 3 KB
2 KB 43ms
42ms Image
image/svg+xml 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/PALM.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1519
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 19:31:21 GMT

GET
H3 200 palmera2.png
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 960 KB
961 KB 50ms
50ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/palmera2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 20:29:50 GMT
x-content-type-options: nosniff
age: 445861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 983441
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 20:29:50 GMT

GET
H3 200 palmera.png
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 28D0 941 KB
941 KB 48ms
47ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/palmera.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 20:23:02 GMT
x-content-type-options: nosniff
age: 446269
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963679
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 20:23:02 GMT

GET
H3 200 reservafelicidad_pros.jpg_1652097210214_reservafelicidad_pros.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame 28D0 718 KB
718 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/reservafelicidad_pros.jpg_1652097210214_reservafelicidad_pros.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4a04c3961a4e78fdd57c85b5ceb1183f6473d1a68de9279b409e8b47363d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=YcJxsGtye8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 06:37:42 GMT
x-content-type-options: nosniff
age: 322989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 735468
x-xss-protection: 0
last-modified: Mon, 09 May 2022 11:53:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 06:37:42 GMT

GET
H2 200 avw
neural40.cdnwebcloud.com/ Frame DDEB 0
105 B 40ms
40ms Image
text/plain 54.154.25.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/avw?439144449768&n_o_aut_tc=279148819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.25.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-25-234.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 00:20:51 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 28D0 17 KB
6 KB 1156ms
1155ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 00:20:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDEB 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufcSiPA1iB7g26PBjWDFGybxXM-2ulEnQ4EXbbQ4VYV7Egm0AOqLJ_CH2m7EjpcdV-nFL2GCfrtgaMrP4QHcwPx9KHvLKC8VKE5VxbYe-t3fD82UVuDtOrZPNNH96ZwqWkmTXzcGI&sai=AMfl-YQGWLpFpj6TKvoSxNPcLilwcnFxs79TRvc9r5mHr6FdzLBX1ksE7uuIMBGavWlV-utcdxeLW9YDreJSBVVE1fl1BJmBfb23T__j-4taoDaXBxZQxE7VNPNazxuGkYrFZg&sig=Cg0ArKJSzJ5jyHAr4YvWEAE&cid=CAQSPgDq26N92-q3pTnI-zOWfCYs-sQaLWEDukpyxvMqVMSWHWrCcsHkmAkF2wt5c9BYMjQEa7jQ88ADQw6FD57oGAEgDg&id=lidar2&mcvt=1000&p=298,1063,548,1363&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4250636123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666657250465&rpt=632&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js Show response
pagead2.googlesyndication.com/bg/ Frame 35A2 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/uorw1Q15Z41enm5ok1wjUR_2roEciA9rCBWFXmlrAj4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 22:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 22:05:46 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 12D0 3 KB
2 KB 88ms
29ms Document
text/html 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 115
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 75f6c9f7ddff35c5-MAN
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 00:20:53 GMT
expires: Tue, 25 Oct 2022 04:20:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5FC3 52 KB
17 KB 204ms
45ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 25 Oct 2022 00:20:53 GMT
ETag: "623de86a-cf34"
Expires: Wed, 26 Oct 2022 00:20:55 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CE45 37 B
140 B 147ms
47ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 25 Oct 2022 00:20:53 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 37A0 281 B
554 B 137ms
41ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/epd/ym.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.epravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Oct 2022 00:20:53 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=f8d7730cc17846f38400ac827619c37b&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=f8d7730cc17846f38400ac827619c37b&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=747d5d64-75eb-436e-9b7f-26f994e90e51&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=admixer&user_id=csonata_1be2e1cb-8d8b-4c85-b52f-d3c6f09e604c&bsw_param=747d5d64-75eb-436e-9b7f-26f994e90e51&expires=10
https://inv-nets.admixer.net/bs/cm.aspx?id=747d5d64-75eb-436e-9b7f-26f994e90e51&gdpr=&consent=&gdpr_pd=

43 B
463 B

41ms
40ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=747d5d64-75eb-436e-9b7f-26f994e90e51&gdpr=&consent=&gdpr_pd=

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 00:20:53 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Location: //inv-nets.admixer.net/bs/cm.aspx?id=747d5d64-75eb-436e-9b7f-26f994e90e51&gdpr=&consent=&gdpr_pd=
Date: Tue, 25 Oct 2022 00:20:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

37ms
36ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT, Tue, 25 Oct 2022 00:20:53 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Tue, 25 Oct 2022 00:20:53 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 365ms
34ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:52 GMT
content-length: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 237ms
57ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=f8d7730cc17846f38400ac827619c37b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 25 Oct 2022 00:20:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
776 B 36ms
35ms Image
image/gif 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=f8d7730cc17846f38400ac827619c37b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
AN-X-Request-Uuid: cb1ec29b-c7f9-4789-b612-e706690d1086
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 5930 2 KB
1 KB 248ms
127ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee1b6168ba519ded689659b2019c46554e4db2080d0fdfa8dcf4ff93f905a805

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75f6c9f8dcaadd3b-LHR
content-encoding: br
content-type: text/html
date: Tue, 25 Oct 2022 00:20:53 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 37A0 32 KB
10 KB 42ms
42ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 00:20:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10149
Connection: keep-alive
Content-Length: 9454
Expires: Tue, 25 Oct 2022 03:10:02 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5FC3 0
747 B 36ms
36ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
AN-X-Request-Uuid: f08d1a72-0ed2-4393-8793-b867a4c3bd1c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37A0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOR1AwRlctVS1IUEdZ

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOR1AwRlctVS1IUEdZ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOR1AwRlctVS1IUEdZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 37A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO6ILXHmyu--rLB0XMxKDuU&google_cver=1

0
239 B

169ms
43ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO6ILXHmyu--rLB0XMxKDuU&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO6ILXHmyu--rLB0XMxKDuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 37A0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZXEl0bfpTBy4GJvH7Gtyqg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXEl0bfpTBy4GJvH7Gtyqg

43 B
479 B

46ms
45ms

Image
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXEl0bfpTBy4GJvH7Gtyqg

Protocol

HTTP/1.1

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 14KBEHWYWDJVY5VJNR8A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXEl0bfpTBy4GJvH7Gtyqg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjM3MDY2NzNlMzgxN2E1OGNmMTA2NmMwZDQ4NzZmZDA5YzU0ODYxYQ

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjM3MDY2NzNlMzgxN2E1OGNmMTA2NmMwZDQ4NzZmZDA5YzU0ODYxYQ

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjM3MDY2NzNlMzgxN2E1OGNmMTA2NmMwZDQ4NzZmZDA5YzU0ODYxYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 37A0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NGP0FW-U-HPGY

0
924 B

206ms
136ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NGP0FW-U-HPGY
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:53 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 12422733DADE458284185632E6B83953 Ref B: LTSEDGE1812 Ref C: 2022-10-25T00:20:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXr0OGRJQbFXXq53YpSxg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NGP0FW-U-HPGY
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 37A0 70 B
264 B 131ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 37A0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/tkqpHkqkvWH0cq4FSeFXIg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1933084313424625552

0
239 B

44ms
43ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1933084313424625552
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 25 Oct 2022 00:20:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1933084313424625552
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 37A0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BWO7SIgPQ9ivd3QOcgp4Zw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BWO7SIgPQ9ivd3QOcgp4Zw

43 B
479 B

119ms
118ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BWO7SIgPQ9ivd3QOcgp4Zw

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BFM37RN3VB99X38GVVN3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BWO7SIgPQ9ivd3QOcgp4Zw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 5930
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1cr40p546OaafteVsOy1wAADG0AAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKQN0vJpTQcAQWcvW55bGlE&google_cver=1

43 B
591 B

163ms
112ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKQN0vJpTQcAQWcvW55bGlE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75f6c9fa6c377741-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKQN0vJpTQcAQWcvW55bGlE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5930
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1cr40p546OaafteVsOy1wAADG0AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1cr40p546OaafteVsOy1wAADG0AAAIB&dcc=t

43 B
855 B

127ms
126ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1cr40p546OaafteVsOy1wAADG0AAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZZ7CPRE2N1HP5Z8W5ZPA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JXKZ3S1YKTBXANEPRRGG
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1cr40p546OaafteVsOy1wAADG0AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5930 70 B
265 B 93ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Oct 2022 00:20:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 Y1cr40p546OaafteVsOy1wAADG0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5930 43 B
602 B 178ms
55ms Image
image/gif 2a05:d018:d29:3602:b152:500b:646e:5f14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y1cr40p546OaafteVsOy1wAADG0AAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:b152:500b:646e:5f14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5930
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e07d6357-2be6-4900-9617-37d47789927e

43 B
766 B

42ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e07d6357-2be6-4900-9617-37d47789927e
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Date: Tue, 25 Oct 2022 00:20:54 GMT
Server: MT3 4539 98cc2da master nrt-pixel-x14 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e07d6357-2be6-4900-9617-37d47789927e
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 Oct 2022 00:20:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5930
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jGKRkx3zTvtb4ixRgQ108dmKxGU

43 B
766 B

121ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jGKRkx3zTvtb4ixRgQ108dmKxGU
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=jGKRkx3zTvtb4ixRgQ108dmKxGU
Date: Tue, 25 Oct 2022 00:20:53 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 5930
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cac3a814-c6af-396b-5bbc025e

43 B
766 B

172ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cac3a814-c6af-396b-5bbc025e
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Tue, 25 Oct 2022 00:20:53 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cac3a814-c6af-396b-5bbc025e
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H2 204 /
csync.loopme.me/ Frame 5930 0
40 B 138ms
40ms Image
text/plain 35.214.174.31
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.174.31 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 31.174.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:53 GMT
server: _

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 5930 43 B
352 B 87ms
30ms Image
image/gif 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y1cr40p546OaafteVsOy1wAA%263181
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.epravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:20:53 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 6647
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75f6c9fa18ad54ab-MAN
content-length: 43
expires: Wed, 26 Oct 2022 00:20:53 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5FC3 0
747 B 36ms
36ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 00:20:54 GMT
AN-X-Request-Uuid: 7518359a-23ed-426f-90a1-b6d8e9745b45
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.101; 217.138.196.101; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 68ms
68ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://www.epravda.com.ua/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:28 GMT
date: Tue, 25 Oct 2022 00:20:55 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: REVALIDATED

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 49ms
49ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: www.epravda.com.ua
URL: https://www.epravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://www.epravda.com.ua/
Origin: https://www.epravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Tue, 25 Oct 2022 00:20:55 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 796286981.jpeg
cdn.gravitec.net/images/users/1745923870951473152/ 3 KB
4 KB 42ms
42ms Image
image/jpeg 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1745923870951473152/796286981.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a8b93fcb00dd80f66472f0ce703cdd6ca388363e4499efe6fd715f5f0204131

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.epravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
date: Tue, 25 Oct 2022 00:20:55 GMT
last-modified: Thu, 13 Oct 2022 08:50:23 GMT
server: nginx
etag: "6347d14f-d64"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3428
x-proxy-cache: HIT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 09:07:13	Name: am-uid Value: f8d7730cc17846f38400ac827619c37b
www.epravda.com.ua/	1970-01-20 06:59:03	Name: _io_ht_r Value: 1
.epravda.com.ua/	1970-01-20 06:57:38	Name: __io_d Value: 1_705468254
www.epravda.com.ua/	1970-01-20 15:43:13	Name: __io_lv Value: 1666657249555
www.epravda.com.ua/	1970-01-20 15:43:13	Name: __io Value: 7110d78e7.7d21f22b5_1666657249556
.epravda.com.ua/	1970-01-20 06:57:39	Name: __io_session_id Value: 7f7028e68.765938e81_1666657249557
.epravda.com.ua/	1970-01-20 06:57:38	Name: __io_nav_state42125 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.epravda.com.ua%22%2C%22previousDomain%22%3A%22%22%7D
www.epravda.com.ua/	1970-01-20 15:43:13	Name: __io_unique_42125 Value: 25
www.epravda.com.ua/	1970-01-20 06:59:02	Name: __io_uh Value: 1
www.epravda.com.ua/	1970-01-20 06:57:38	Name: __io_visit_42125 Value: 1
.tt.onthe.io/	1970-01-20 06:59:03	Name: io_uid859faaebd514d65ed0a19a5eea288384 Value: 25
.tt.onthe.io/	1970-01-20 13:19:13	Name: io_user_hash Value: 7110d78e7.7d21f22b5_1666657249556
www.epravda.com.ua/	1970-01-20 16:33:37	Name: cbtYmTName Value: fwRdFhtdRV1PHh5PHRxJS05NSxpORxlKXQLY
.epravda.com.ua/	1970-01-20 16:33:37	Name: _ga Value: GA1.3.1968916844.1666657250
.epravda.com.ua/	1970-01-20 06:59:03	Name: _gid Value: GA1.3.923182603.1666657250
.epravda.com.ua/	1970-01-20 06:57:37	Name: _gat_gtag_UA_554376_18 Value: 1
.admixer.net/	1970-01-20 09:07:13	Name: am-uid Value: f8d7730cc17846f38400ac827619c37b
.epravda.com.ua/	1970-01-20 06:57:37	Name: _gat_gtag_UA_554376_23 Value: 1
.epravda.com.ua/	1970-01-20 16:26:25	Name: __gfp_64b Value: Ahq1AGJEn3W_PCsOJpAlI2Ytlsm2Gkt77Zbssziq.5X._7\|1666657249
www.epravda.com.ua/	1970-01-20 16:33:37	Name: GN_USER_ID_KEY Value: 26cf88bd-c439-4686-a2cd-2f85cf6d45b4
www.epravda.com.ua/	1970-01-20 06:57:39	Name: GN_SESSION_ID_KEY Value: 80de2fbf-f074-49ba-bbca-46893daa5302
.adnxs.com/	1970-01-20 09:07:13	Name: icu Value: ChgI8K5_EAoYASABKAEw4dfcmgY4AUABSAEQ4dfcmgYYAA..
.adnxs.com/	1970-01-20 09:07:13	Name: uuid2 Value: 2726931553025246029
.hit.gemius.pl/	1970-01-20 07:07:42	Name: Gtest Value: KlGIYRMGQMGGQ-bGTGA_c9uGssaijgtcMGQSIpyM6vGiMG..
a4p.adpartner.pro/	1970-01-20 08:24:01	Name: apuid Value: dfdc3a3c-044d-4af7-a3a2-807aace7c418
.rubiconproject.com/	1970-01-20 15:43:13	Name: khaos Value: L9NGP0FW-U-HPGY
.rubiconproject.com/	1970-01-20 15:43:13	Name: audit Value: 1\|hLZGFuTafB3polwuES/U81qbBgMWySGKoH1GQZR6kuhDnSVvB8ePMGEYCUyR1k014a6cPZSgLAxtrWIvZJIuaCoz2L3XiTieC/O3DfsjtcTQD5U7tEfUTQ==
loadercdn.net/	1970-01-20 16:33:37	Name: vui Value: a6ef5c83e698405599f9f3750eca15da
.hit.gemius.pl/	1970-01-20 16:26:25	Name: Gdyn Value: KlxndMXGQMGGQ-bGTGA_c9oissGMm19cL6nxmG7097eAlJaiGsRPtP7iGKGGqn65gGl8leB2GQRPgS9THFSG
.epravda.com.ua/	1970-01-20 16:19:13	Name: __gads Value: ID=2559647e6fdf1188-227ee79056ce00a5:T=1666657250:S=ALNI_MYpLCm69u-d9cmiXl6vHIll0WSDYw
.epravda.com.ua/	1970-01-20 16:19:13	Name: __gpi Value: UID=00000b7835ff696e:T=1666657250:RT=1666657250:S=ALNI_MbKQuWXEMNRBIyRFjHujct1sUyiPw
.doubleclick.net/	1970-01-20 16:19:13	Name: IDE Value: AHWqTUng_1fgRSqGV8_ZpX7d_L05_8SkyTe5PC6Z-3Ri6JYKdAiNoC4vCf-GCSosguI
.casalemedia.com/	1970-01-20 15:43:13	Name: CMID Value: Y1cr40p546OaafteVsOy1wAA
.casalemedia.com/	1970-01-20 09:07:13	Name: CMPS Value: 3181
.casalemedia.com/	1970-01-20 09:07:13	Name: CMPRO Value: 3181
.adnxs.com/	1970-01-20 09:07:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>=wUdR0!]tbPl1M>e)ZlrFUfJ+tGXxoyA(RYEL'?egPW>IRQ5Du+D#.kYYZTuYKDs-S3If)y3KL9D3I?+'/WhlP
.criteo.com/	1970-01-20 16:19:13	Name: uid Value: a54ee64f-6954-4b31-9f1d-5f4b12e521df
.neural40.cdnwebcloud.com/	1970-01-20 15:43:13	Name: n_one Value: e19ecd04-53fa-11ed-b8e8-0242ac110002
.epravda.com.ua/	1970-01-20 16:19:13	Name: cto_bundle Value: ZMhM819CcWQzZEVEJTJCYkpuT3hoUUxXYzBWJTJGSVhpZVFpWjMlMkYlMkZkaEFOTTdTV3RPRVhudjVycUJ1Uko3NDM1aFgyRE5JJTJGVlNObkJjdUl2ZWZ3YmlSSUtoVGpudWttZ0VVVDBHY1k2OEVOeFdzM2c4N3hUZWVxZFlQbXFEUiUyQiUyQm1vbmlVZ053MTVZS2ZiYkZ4dHBDS2E4OVRFSDczQSUzRCUzRA
.creativecdn.com/	1970-01-20 15:43:13	Name: u Value: SffynRMDXygOCZqpwRoY
.creativecdn.com/	1970-01-20 15:43:13	Name: ts Value: 1666657253
.bidswitch.net/	1970-01-20 15:43:13	Name: tuuid Value: 747d5d64-75eb-436e-9b7f-26f994e90e51
.bidswitch.net/	1970-01-20 15:43:13	Name: c Value: 1666657253
.bidswitch.net/	1970-01-20 15:43:13	Name: tuuid_lu Value: 1666657253
.taptapnetworks.com/	1970-01-20 15:43:13	Name: SONATA_ID Value: csonata_1be2e1cb-8d8b-4c85-b52f-d3c6f09e604c
.brand-display.com/	1970-01-20 16:33:37	Name: _knxq_ Value: cac3a814-c6af-396b-5bbc025e.1666657253.0.1666657253.1666657253
.yahoo.com/	1970-01-20 15:43:34	Name: A3 Value: d=AQABBOUrV2MCEKiWvLSDoBjdFurkciHzh1UFEgEBAQF9WGNhYwAAAAAA_eMAAA&S=AQAAAr6RGHTO6hwmbqhg5Vg4Gww
.amazon-adsystem.com/	1970-01-20 16:33:37	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:43:13	Name: bcookie Value: "v=2&0ba463c9-20d7-499d-88b9-89dea7bb1d3e"
.linkedin.com/	1970-01-20 11:16:49	Name: li_gc Value: MTswOzE2NjY2NTcyNTM7MjswMjFu/exGTi+sVp2fR5oRu+2drXSU4SPEGld5XL+DMIuDAA==
.linkedin.com/	1970-01-20 06:59:03	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2837:u=1:x=1:i=1666657253:t=1666743653:v=2:sig=AQFfPEdN7KQUkcMgkPJYx6gUB7AEfNOV"
sync.srv.stackadapt.com/	1970-01-20 15:43:13	Name: sa-user-id Value: s%3A0-8c629193-1df3-4efb-5be2-2c51810d74f1.3GcjNrmR3AWt96qS9VFiskAb7w3hzmUiPkZznfb%2Fo0c
.srv.stackadapt.com/	1970-01-20 15:43:13	Name: sa-user-id-v2 Value: s%3AjGKRkx3zTvtb4ixRgQ108dmKxGU.EoE4%2BwIHa25%2Bh39q5KG2EmvOnMPixbtFZYI65Yr5zRY
.amazon-adsystem.com/	1970-01-20 12:56:10	Name: ad-id Value: A-YJbifL7U3OpjAPx0rvvgk
.casalemedia.com/	1970-01-20 09:07:13	Name: CMTS Value: 2130
.mathtag.com/	1970-01-20 16:23:32	Name: uuid Value: e07d6357-2be6-4900-9617-37d47789927e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: The script resource is behind a redirect, which is disallowed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
ap.lijit.com
api.gravitec.media
bidder.criteo.com
bucket.cdnwebcloud.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.gravitec.media
cdn.gravitec.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.membrana.media
cdn.onthe.io
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
csync.loopme.me
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e73e06355ea055ec8df6221231a9d55a.safeframe.usercontent.goog
eb2.3lift.com
eimg.pravda.com
epravda.com.ua
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
image8.pubmatic.com
inv-nets.admixer.net
js-sec.indexww.com
loadercdn.net
ls.hit.gemius.pl
m.trafmag.com
match.adsrvr.org
mug.criteo.com
neural40.cdnwebcloud.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s.zmctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
sync.srv.stackadapt.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tt.onthe.io
www.epravda.com.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ym-tack.b-cdn.net
103.229.205.242
104.18.12.76
104.18.18.126
104.18.19.126
108.157.6.231
13.248.245.213
130.211.41.16
138.199.37.231
142.250.186.34
142.93.104.37
146.0.227.109
146.59.10.80
146.59.30.100
172.217.18.2
178.250.0.157
178.250.2.131
18.156.195.47
185.184.8.90
185.187.81.40
185.187.81.41
185.59.220.194
185.80.39.216
185.89.210.244
188.40.114.5
193.200.65.6
198.47.127.18
209.54.182.161
216.52.2.48
23.205.235.133
23.35.236.188
2602:803:c004:200::143
2606:4700::6810:5914
2620:1ec:21::14
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3602:b152:500b:646e:5f14
2a0c:5c81:5142::2
3.126.192.135
3.73.168.247
34.111.151.213
34.111.234.95
35.214.174.31
35.214.184.209
35.71.131.137
37.157.6.242
45.133.44.3
45.133.44.4
51.83.220.94
52.205.223.187
52.59.9.89
52.95.118.179
54.154.25.234
65.9.66.67
65.9.71.118
69.173.144.139
69.173.144.165
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
046327fd8f65bcc854c7f62e8482c75641d5764915d16b330a128e584944a86d
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
049d93fbefae1ea85e4afabae3db28e03c7e6040c594be384cfbdeafd6e80096
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
0826c04bf0c3baad50da103403d5cc159a44e2771fed56d0e497faef8e7e2839
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd4448d525823f2ebc897df0d37caf5f5945ca65390d9cc85c9e3131cfefcda
0dd4bdd061b841977156022ef345ae7f5bdfeb201007b759358612afbae161cb
102809639e5f25950d18d13666cb928167f90e9de842638b39598d3a2b8e1d34
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13538fef110c51c82c53968f874672cc902b66da0a701dd0773c7c36428a06a6
155af02b4157ace285bea8b4a111e61e31995878fea501825d115fceb4e3e172
157a4cf4f8bf92ca13173ccb8d3f7290a21c1960a8048b9910e5b5cafd2460ae
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
17346ce4e3e8e8f38c0acf0d4cac665b9c4f8ae8ae2f45d81a2906450e4ff168
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
192cc0f99a31148640f19dbfc0ffeae09c62c411ffa3e9f23670bc58fe335740
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
21a3bf3fe4470d73eb601fbf6fd68188cc567340d2ac86585ffc96b17a677d19
22523352df3b04ba0815c9f3efedbdd9a46110022ec1f2cf02cea3a0a1fcb03b
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
256f6bec6a211d7c3445e856d793846aca14627b2d03c2186c6233140996c1d5
257428301b7d39827162b2a1da3bdfaa01a53fd598129e4894dd216bd57ea6fb
266dd63d699a84a3bcfadea67cb70a46096c19f1963ece4baf7ad07daad8cb1e
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2bb735375f5858e0693bd820cc7e04302dc7e4d5f8fca3371ccfaadebef9d7f5
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c484b7e6757614f9eda37247b37e9b203428ad1f937bbbdf3f6dd2b16a433e6
3117fa86ef7925541e5c3844f2eb83fa5972bee5506c4698d3d04bb8a614997a
3249b3a1dad30126401ffed63d5ca301a743a8dfcebb1dbf4e694bf08a78eaa3
32af1d536ea196e125e4640d8ef1d4004657d0c3c68bc4d716dc1dd6f474e6d3
3a499ab6fa022446b79aa8e5406fbc0cb08a54b6f8d31b496752a781f5fbe719
3a8b93fcb00dd80f66472f0ce703cdd6ca388363e4499efe6fd715f5f0204131
3afdf8e6897aa00640bd156b0e5b6cc23cbebb7f796c36be03949001fb0c5149
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7ceead6f8d266d7319b06daf4b8df41b10c810a9d67c52e24d4097be7f310f
3dc946f8c378868c828b7d987da2e2aeca2f3264be054345a133a91b2b16b523
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff7abcd10e4a99ba3e8dc3b7c7c8a15f124adfa7d4897e3129148907ff9316d
41f88e1daa63753ca6dbf9f3bc7e22e481bd2d0fbf17a5405ea7068ea14615d8
423994aa76e64e4a04c31c9ae0e80670d4d292d212fa00ec3715b020dda9a67b
43f52f996cef23ee4da5b6fc2c687ddbdba7c5a0bdec111890ebb102c7877f49
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b2562126068309c9113ce0846d89b29e58b2aa3bb7120140820d329ab41bfe8
4b56813d08e9c7d5017283b8924c20ede0d5e434af73d1ad96a423cb8359fa1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5912788717c50fe0b9788091106264b25a70b571b65669acbeb1d798a69887e8
5de327718d8b53a33a567a963ceba38b36d891f8fea13496ac859e425e70fb59
5fb06cfb8b1f5ea4ae467b3fd4288f62153960269f7ba4f0229f5565841a2ef5
5fcd167728c17510032b89af725c6bf25a7e07f8dd20ff2d80956b8a82498fe2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b21f05fa70af86b76bc9e70bbe8275579937e6218a97718bde1fd27221f9473
6b8435f31f583aca5c79359a1fa9c554ea915c72ce394415d9a1a53637ce7bbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4a04c3961a4e78fdd57c85b5ceb1183f6473d1a68de9279b409e8b47363d88
70fce2d869090684a98e0885b8e3b297872329e1d038ec01ace20d77d9c8d17b
73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d565698cc385992ea5d6e49dff898b39580f4d87642db55bb51afa1dc5667b
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7d860ba948ff50c0567c07a7c20920d5d5fc62bb28eea4d04a183ba9f86b7217
7f3628d04f679f9eaed8ee0ecb7294251c2eb393d6ee09bb9e09ba99f2708e84
802742e3368dabc41255e4af12a645d2d03abbeb0df0fdc23ea665fce151a802
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82db0dcde9afcb6c9f867f8c983d9624c5c277a885eaa53acba3b7d8cd6c8a0e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb2ed7fed01feed25776bf4c40cbb84605238d515d8f19696e0ba2a4eaea8d1
9192ce1505fd519298d663d2640bdb0c0649928c448b54398126d104470f55f7
94cd583302b8e72a39226ed3e0df95859bf3b5f38001a2844cf5be6844fda58d
96afcf43dc3407d30095740cf6a3acd540e2b0bd95e4987571da1cb40c5f8137
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a496a39ec1a8e90ea460bc0926f5665a0da7b0de4d2008155419e492af14fbc
9c4b3e388a42c48b55f68ea667068dce1d92986801938b7553310d87cc0f952d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7
a90617a1dffd94a8bd79015229a3956c9faceb192b7faf680c968f94100f3670
a9cbdd6521ec47ddcea1daab5bf47b882aad375be236b3037165371ef4d2689c
afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204
b04ed0df6ab0606576cfcc552c035179f8ca0176500443d4135b23fed953365d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3484f03eae9dd301a5b78c18f799f743590dae5184fbf22109eef1cef9490cf
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b40dbe1fb06ac6468dec5e5e370e4436c22eae5f2bae8a4280f9e56569ee5355
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
b96ba57ad12fdb84cf5fa8c48d447dfddf4a5523c031f03e1dd1e81a5eb9f2ff
ba8af0d50d79678d5e9e6e68935c23511ff6ae811c880f6b0815855e696b023e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd89be957b3383ea7725da9cba3a3e61a508ce60fdba9240f5a0f35f48b9a49a
c0c6ca19e9d9ff4d304c3148ff2dc188145c9c3448de66f89591ad13afbe342b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c65bb06b181f59165b6d9906e6dcd6ffc956d43cb39d7fdebb3b4005820abe2b
c96bc80cf1140b927030b9397b8796fbf6d1520c2900c868ab01b6e9f8f7cde2
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467
d0b146ce430b2dde95394fc77767e79928c1debe317d4e659c53e1915a8a82df
d75d924894d9cc7e47c2cd37b791ebd7bfdb610c3c85b533d6c0e8cd6670aa96
d8ba992e6f0ee87057b986457c6dd72670f3d187468860cbda0d4d6ea4b6928f
dbe83df1d4eeeb09fa5e87cb4e0eb2325c312865592d8e0e3fbacff61b829bf1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df84f763f6e4c2a30070eb8b45019970c556d9588b149bd6d60ecc74b6d00d86
dfee967f11574be8aa90966513b510cffa5774f43cb729fe78c59756a48beef6
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e108f02394ac984b1bfd71a629a933aef89e118bce44253c7bf235416c62854b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3a1b440b0ca36a1dd0247fe8d82e815dde920c4711176687ad0f77a355ac905
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bfe9317fa688c530f8126014040659c7f0f38016ebf343dcc421860473fc4c
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
e94c01d7482fdfea3c201d0d8746cc8eacc132d3df48cc8cff0d54e22d34f335
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
eb6b715d77e8c9ab8dae20e4c5ae52ea7b5823b7ebf18b84fcb472141531cf07
eb8b603671d191ca408aab8bab3d4b078d4df63821563b4fd4bb7dd005919318
ed13b39809e9681bc4dcc0aa457c2375fd8c61e872c73675af2e751ece2a567b
ee1b6168ba519ded689659b2019c46554e4db2080d0fdfa8dcf4ff93f905a805
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3f6b3955de9277c820aff5537fbaaf3508d8babf6356495bbc7b05fab9efa35
f4feadf4e2a99987dde6ff466cbe921caee739f354bab8a98b508d7babb6d47f
f654a3878b63c4a20dbd1f2537fd3b2a7a010c53625e6241e6e1485f49142416
fda1cf232c6a33654b77cdb9b6974e2f0692bea31acc247a62a9c9859aa2d9cf
fe151dbc2f48af8ecf6f710163291354aa6f9c37f85a054e0b5de6b281440016

www.epravda.com.ua Open in urlscan Pro 130.211.41.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

89 %HTTPS

32 %IPv6

50 Domains

77 Subdomains

67 IPs

13 Countries

4498 kBTransfer

7340 kBSize

57 Cookies

12 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.epravda.com.ua Open in urlscan Pro
130.211.41.16 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

89 %
HTTPS

32 %
IPv6

50
Domains

77
Subdomains

67
IPs

13
Countries

4498 kB
Transfer

7340 kB
Size

57
Cookies

190 HTTP transactions
1 data transactions