nnews.com.ua Open in urlscan Pro
176.104.8.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nnews.com.ua/
Effective URL:
https://nnews.com.ua/
Submission: On July 06 via api (July 6th 2022, 2:30:54 pm UTC) from GB — Scanned from GB

Summary HTTP 259 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 41 domains to perform 259 HTTP transactions. The main IP is 176.104.8.35, located in Sofiyevskaya Borshchagovka, Ukraine and belongs to UNDERNET-AS1, UA. The main domain is nnews.com.ua.
TLS certificate: Issued by R3 on June 6th 2022. Valid for: 3 months.

This is the only time nnews.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	176.104.8.35 176.104.8.35	41435 (UNDERNET-AS1) (UNDERNET-AS1)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	2a02:6ea0:c70... 2a02:6ea0:c700::20	60068 (CDN77 ^_^) (CDN77 ^_^)
10	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.166.21.205 188.166.21.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	193.108.153.18 193.108.153.18	34164 (AKAMAI-LON) (AKAMAI-LON)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 7	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	54.154.72.131 54.154.72.131	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.100 143.204.101.100	16509 (AMAZON-02) (AMAZON-02)
1	143.244.196.143 143.244.196.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:0:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
3 31	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.19.46.209 52.19.46.209	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.126.13 18.156.126.13	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	52.19.184.31 52.19.184.31	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	46.137.164.28 46.137.164.28	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	188.166.37.243 188.166.37.243	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	178.62.226.6 178.62.226.6	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	45.133.44.37 45.133.44.37	7018 (ATT-INTER...) (ATT-INTERNET4)
3 3	34.251.55.128 34.251.55.128	16509 (AMAZON-02) (AMAZON-02)
3	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
5	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
5	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
8 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.122.145.17 3.122.145.17	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38	16509 (AMAZON-02) (AMAZON-02)
259	46

52 176.104.8.35 (Sofiyevskaya Borshchagovka, Ukraine) 1 redirects

ASN41435 (UNDERNET-AS1, UA)
PTR: s-176-104-8-35.under.net.ua

nnews.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.21.205 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.18 (Frankfurt am Main, Germany)

ASN34164 (AKAMAI-LON, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.72.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-72-131.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-100.fra50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.196.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:0:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.243 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.46.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-46-209.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.126.13 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.19.184.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.164.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-164-28.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.37.243 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

stats.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.226.6 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

img.phoenix-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.37 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.251.55.128 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 8 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.192.160.219 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.145.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-17.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	nnews.com.ua 1 redirects nnews.com.ua	540 KB
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	531 KB
41	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	185 KB
13	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7521 c.mgid.com — Cisco Umbrella Rank: 4843 cdn.mgid.com — Cisco Umbrella Rank: 9757 servicer.mgid.com — Cisco Umbrella Rank: 7655 s-img.mgid.com — Cisco Umbrella Rank: 6482 cm.mgid.com — Cisco Umbrella Rank: 2048	141 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	226 KB
10	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 28133	244 KB
8	casalemedia.com 8 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	8 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	1 KB
7	quantserve.com 2 redirects secure.quantserve.com — Cisco Umbrella Rank: 1029 pixel.quantserve.com — Cisco Umbrella Rank: 443 cms.quantserve.com — Cisco Umbrella Rank: 1107	12 KB
7	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1705 mwzeom.zeotap.com — Cisco Umbrella Rank: 1343	22 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 ajax.googleapis.com — Cisco Umbrella Rank: 307	35 KB
6	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 865 image6.pubmatic.com — Cisco Umbrella Rank: 629	555 B
6	phoenix-widget.com phoenix-widget.com — Cisco Umbrella Rank: 171797 api.phoenix-widget.com — Cisco Umbrella Rank: 205328 stats.phoenix-widget.com — Cisco Umbrella Rank: 313329 img.phoenix-widget.com — Cisco Umbrella Rank: 234805	64 KB
5	rubiconproject.com 5 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	2 KB
5	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589	746 B
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	212 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	2 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	3 KB
4	cpx.to p.cpx.to — Cisco Umbrella Rank: 9072 s.cpx.to — Cisco Umbrella Rank: 2286	5 KB
4	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 28008	1 KB
3	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 907	523 B
3	everesttech.net 3 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3023	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 408	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	2 KB
2	cdnkimg.com i.cdnkimg.com — Cisco Umbrella Rank: 8185	103 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1422	1 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4608	914 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 445 d.agkn.com — Cisco Umbrella Rank: 557	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	529 B
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 28409	6 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	297 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 32075	523 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	645 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 987	754 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 991	1 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 820
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 7816	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
259	41

	Domain	Requested by
52	nnews.com.ua	1 redirects nnews.com.ua
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	cm.g.doubleclick.net	3 redirects nnews.com.ua googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	nnews.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net nnews.com.ua
10	ads.themoneytizer.com	nnews.com.ua ads.themoneytizer.com
8	ssum-sec.casalemedia.com	8 redirects
7	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	nnews.com.ua googleads.g.doubleclick.net
5	pixel.rubiconproject.com	5 redirects
5	image6.pubmatic.com	googleads.g.doubleclick.net
5	rtb.openx.net	googleads.g.doubleclick.net
5	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	mwzeom.zeotap.com	nnews.com.ua
4	e.dlx.addthis.com	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
4	c.tmyzer.com	ads.themoneytizer.com
3	odr.mookie1.com	googleads.g.doubleclick.net
3	pixel.everesttech.net	3 redirects
3	s-img.mgid.com	nnews.com.ua
3	c.mgid.com	jsc.mgid.com nnews.com.ua
3	s.cpx.to	p.cpx.to nnews.com.ua
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com phoenix-widget.com
3	id5-sync.com	nnews.com.ua ads.themoneytizer.com ced.sascdn.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
2	i.cdnkimg.com	nnews.com.ua
2	stats.phoenix-widget.com	phoenix-widget.com
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	nnews.com.ua
2	sync.smartadserver.com	1 redirects nnews.com.ua
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	nnews.com.ua
2	ib.adnxs.com	2 redirects
2	mug.criteo.com	nnews.com.ua
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	phoenix-widget.com	nnews.com.ua
2	jsc.mgid.com	nnews.com.ua jsc.mgid.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	img.phoenix-widget.com	nnews.com.ua
1	servicer.mgid.com	jsc.mgid.com
1	image2.pubmatic.com	nnews.com.ua
1	secure.adnxs.com	1 redirects
1	adtrack.adleadevent.com	ajax.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.quantserve.com	nnews.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	api.phoenix-widget.com	phoenix-widget.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	www.googletagmanager.com	nnews.com.ua
259	63

This site contains links to these domains. Also see Links.

Domain
click.phoenix-widget.com
s.viiadr.com
phoenix-widget.com
shumskyi.pro
www.linkedin.com
t.me
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
nnews.com.ua R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
phoenix-widget.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-11` - `2023-03-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
c.tmyzer.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
api.phoenix-widget.com R3	`2022-06-28` - `2022-09-26`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
i.cdnkimg.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://nnews.com.ua/
Frame ID: 92498763D1B596E7979FF0789AACEEE0
Requests: 136 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1657117846789
Frame ID: 348C5AF5693087B16DB3684F8D9F4857
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 9BFEDE8696DADFACD6205EE80BFA52C0
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnnews.com.ua%2F&id=MTIZ
Frame ID: 1DEA96423B9BBA858512332A16AA2254
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&adk=1812271804&adf=3025194257&lmt=1657117847&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnnews.com.ua%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847121&bpp=4&bdt=653&idt=335&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2986425637922&frm=20&pv=2&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=357
Frame ID: E4007A8B5BD1A4DB2B2D4B6A76B0480C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372
Frame ID: 708FBC0E138226554E835F51F814D7A7
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403
Frame ID: BA098E575E34321483F59AFFCAE6105B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Frame ID: F1B282AF33B002F4402E17A26E4B19D4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452
Frame ID: 584D9A063DD0207568FDA1780B96118C
Requests: 15 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1657117848021953096134
Frame ID: ABB585829B54B8F0733655739CCABFD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: 35871369FCB40D15E9A01ACD7B732BC2
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDB4FC46A36389EA06169018DEC8B5C5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6EED596F78ADF18E0D91D6ACE25056E5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A5E2D86C7240211E1F64E3F1983A7588
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: D529CA23522A9D1696090DD7AA6D23DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99B317AD550E8F56447882FCA92108A3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: 09AA2CD05E6F9FF307D56F8086BA8E96
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: 2715932F44C0668B2D86D9BBFE0A817F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: 878F92DADD51AD93A05240DD76E158C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BC6A56CA8312C47B5D8C43843E100688
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8B4A3C157233A3D5A2921BE4E94D730
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js
Frame ID: D1984919FE09C9EED2407ACA21C07310
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3536B94FBD47980233E14E1A10872A66
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C5F6D9E07AF75F24D11E64CDF1800BB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NNews - Інформаційний сайт про новини України і світу

Page URL History Show full URLs

http://nnews.com.ua/ HTTP 301
https://nnews.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

259
Requests

88 %
HTTPS

35 %
IPv6

41
Domains

63
Subdomains

46
IPs

9
Countries

2452 kB
Transfer

6255 kB
Size

50
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://click.phoenix-widget.com/go/6166d0d9f44872f8e903e3ca/.eJx1kV2u2yAQhbdS-aFPxcGAAUeKrnSX0A1EA4xjp8ZYgNM_de-dxmqvVLVPiMM3Z-YM35s9L825mWrdyvl0coiZBXjMofUpnmBdgc2sYL7h_Tjw8ZUltqCfcJ1n9mAe15qRvVWStuV0yxAjslsqlYRS90A0uVVc8BOssCC779-mFe7AHmmhlxSwFGinGpeXvcZrSXv2eNmmRJ2-vP8lRQzzHi9-88-rh7jBfFsvWgy9cwF63juL0ho0Xg5gnlTFHC-60zrwMIxKWSNGiwOXKD0cPmmtlOKwCaMSrlMqiF5wq4ZOuuZDQ4k8jZcyLcunjO0fobQZ1pBi66Bg-0orw_zxqVDZ5zncsF7nQGXHCDj-NYIn7Hj_f_ffQa9v4D_SEjhBmQ7IGyclKsmVdLoDPejB9dYaI70w1iuC6xyxVLImXHAhGDeM63edOkt-VrZVBKuewJ1-_nDt7GgGiVrSJkXoNLeAAkA0P34C_Gi6zQ.wOTB8C19UoAZWTEU2o16FMPrW-0
Title: Реальная история мамы "особенного ребенка"Реклама

Search URL Search Domain Scan URL

URL: https://s.viiadr.com/h/526/noexsxhjs5nhttv73lfjxl4hvowtsun5s6myctcbvsi4du4cx3oda7sxpnswq4aunvyeuonf57m52zzychgfhnsnyez67q2d2fi5vk2tqbel3f4zqggp5dpk6rj7asak5jl2g3ubkfzlyu6w5grjxlvqwspk66nekoknhukp2zg3vhu37fk4eoslzeyefzkjmmkd3zcqgkcgwmsw54fzcutzvridb2lk2kmkbjeyv6d2xljz4rvl3ff2o6qvhhgj5ptedozrkrfuroktqhw75b2erey5wtndmjiyqv2txbg75c6a3fg4gvdbmvsa27syanqxo72wmnhwy2yapzoqoy34prjgqttgib2udtxrr5gvxfuolngfggcdge4dnqkhbevnavok5ra5sm7pynbysupaqbnlqs3ixjkorcfyklqfmrufjnxclv3urzryaaohn7wuxqtko52lwy7h2sd63nmcyolymtsrl5ngazlklz7faajtpf4ak2i6my3as72zbi3su6iagffejo7wtcuita7dvychr6gqzsxeyopb6cbi6zqi7camxxkcbh775tg6mu4hs5sxgdyggarmm5evdr6bylcd4436hjlvpu5vlbmo3xrqobutevwp4tlmfry4izuf2===?u=http%3A%2F%2Fwww.manicurephuket.com%2Fru%2Fmanicure-pedicure%2Fkak-chukchi-lyubyat-na-moroze-ne-snimaya-ode%2F
Title: Как чукчи любят на морозе не снимая одежды. ВидеоРеклама

Search URL Search Domain Scan URL

URL: https://s.viiadr.com/h/526/nofhsxhjs5nhttv73lfjxl4hvowtsun5s6myctcbvsi4du4cx3oda7sxpnswq4aunvyeuonf57m52zzychgfhnsnyez67q2d2fi5vk2tqbel3f4zqggp5dpk6rj7asak5jl2g3ubkfzlyu6w5grjxlvqwspk66nekoknhukp2zg3vhu37fk4eoslzeyefzkjmmkd3zcqgkcgwmsw54fzcutzvridb2lk2kmkbjeyv6d2xljz4rvl3ff2o6qvhhgj5ptedozrkrfuroktqhw75b2erey5wtndmjiyqv2txbg75c6a3fg4gvdcmvsa27syanqxo72wmnhwy2yapzoqoy34p5lgitdbm4va4yngvkous4orxn2euotjmnvfyl56ni4af7ct6bz5sm7pynbysunqn3jdushbgdblhgld5v5dypzcokwdaflzfeqyk6saz7kxhgjqsgmlnsg5vpunmpstk44e47tta5tuczzxbz5a2czqpuxvazsinqzv26yiknsf7ivpqg467b4uvqgbvvwl2x3vkkeh6t2y23tk22n5fbc3dcm7vo64nvnfo3konhuxezbicbfvtjpp3howo2tklrjsbaktclx4gq2ykb4fiuryjgiy2===?u=https%3A%2F%2Fi24-7-news.com%2Feconomic%2Fsupermarkety-v-germanii-povyshayut-ceny-na-60-na-chto%2F%3Futm_source%3Dkadam_rude%26utm_medium%3D1337%26utm_campaign%3D532865%26utm_term%3D1363100752508156%26utm_content%3D5553684%26utmkadam%3D%5BMCPA%5D
Title: Небывалое повышение цен на продукты в Германии: списокРеклама

Search URL Search Domain Scan URL

URL: https://phoenix-widget.com/

Search URL Search Domain Scan URL

URL: https://shumskyi.pro/test-sociofobiya
Title: Тест соціофобія

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/79362374/

Search URL Search Domain Scan URL

URL: https://t.me/nnews_com_ua

Search URL Search Domain Scan URL

URL: https://twitter.com/NNews_com_ua

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nnews.com.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNN83cOtJK7rWZgqA4DObow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nnews.com.ua/ HTTP 301
https://nnews.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnnews.com.ua%2F&domain=nnews.com.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-u7b2XxFd2lqa2JWbVprRTlVYzJ5bFRpMFo4VFlzekRVMVJtRytFcTZqaDhEbFM3WGRVQkRGNlpvQlJBQkxCb2JFV1o2akNTOHBnSzJuVFZQY2w5OEJqay96SGpoRHdNS0hZSHo0N3VJamhpS010TURkS093dmk3NVN6OThNVnllR3VkQnB6ZTZSdnh3YUZkcGNhV3R5Q3YycUg1aGNSWnUrYk94MmtRY3NkeVlIU3duWlJzNkhSdUwyZ0RiL3AyK2dkajhldUg3YmViVHhPVXVYK2FJRjBicm00MjRIYVg3THRLaDRqb1F3RzQvdGxjPXw&cppv=2

Request Chain 89

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a2aa2b4-6e74-416c-44a8-5c1efc133b54%26reqId%3Db27d6960-d28a-47c9-555c-8a4840d38a5c%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8396728339614736720&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEEW-Wu8J9azHA7_AqgVd6TE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258

Request Chain 92

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a2aa2b4-6e74-416c-44a8-5c1efc133b54%26reqId%3Db27d6960-d28a-47c9-555c-8a4840d38a5c%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a2aa2b4-6e74-416c-44a8-5c1efc133b54%26reqId%3Db27d6960-d28a-47c9-555c-8a4840d38a5c%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=88526550028832116171499366875359695072&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258

Request Chain 93

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MJVNGQ3ZcbFiap8UC0IkMY%2BV2X8KFiOp%2BS41iYitP1U%3D

Request Chain 94

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a2aa2b4-6e74-416c-44a8-5c1efc133b54%26reqId%3Db27d6960-d28a-47c9-555c-8a4840d38a5c%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=ab7a62c5-9c97-4700-90f5-30dc7b8a9cdc&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258

Request Chain 115

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D4ec12154-159a-4f87-8719-be76599bfa64&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ec12154-159a-4f87-8719-be76599bfa64&gdpr=0&cklb=1

Request Chain 116

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26url%3Dhttps%253A%252F%252Fnnews.com.ua%252F%26hn_ver%3D40%26fid%3D4ec12154-159a-4f87-8719-be76599bfa64 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8396728339614736720&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=4ec12154-159a-4f87-8719-be76599bfa64

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4ec12154-159a-4f87-8719-be76599bfa64 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=4ec12154-159a-4f87-8719-be76599bfa64&google_gid=CAESEPDfWEgIS5F7pOjqBiPi_m8&google_cver=1

Request Chain 201

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCxn94YX1uD-AbWUpsHtADKqoCRGWWswnQvqmCrp4RAq-yFIwhmp67hqT9TmFALhPbfKNpKR4TzoRBBRkCRuqmznUeOfa3V&google_gid=CAESEH3huD9V00j5bHoXX4AOT54&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCVGFZTVZhZA&google_push=ARnp8GCxn94YX1uD-AbWUpsHtADKqoCRGWWswnQvqmCrp4RAq-yFIwhmp67hqT9TmFALhPbfKNpKR4TzoRBBRkCRuqmznUeOfa3V

Request Chain 205

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHIvNHkYMzxyZxpyBvziB18&google_cver=1&google_push=ARnp8GC1d7zwibO7GPCaWxSPvNZ7AzWHyfKiH71JturaFc4vUDdv_QRtjsoQvgGkfqJXFYRWt103hE-genVrwPqcCfXP8LQS7Z5T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tUy03UkU4&google_push=ARnp8GC1d7zwibO7GPCaWxSPvNZ7AzWHyfKiH71JturaFc4vUDdv_QRtjsoQvgGkfqJXFYRWt103hE-genVrwPqcCfXP8LQS7Z5T

Request Chain 206

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_cver=1&google_push=ARnp8GCjuuLDkQTPoGtek87Ll_LfvHhbYwEGUiZ42UZ3Dfxdj5uLUL2JFLWi-2rIFd-_WYLMCKyX_fZlCPZZbz15CMbbLULZDaeJ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_push=ARnp8GCjuuLDkQTPoGtek87Ll_LfvHhbYwEGUiZ42UZ3Dfxdj5uLUL2JFLWi-2rIFd-_WYLMCKyX_fZlCPZZbz15CMbbLULZDaeJ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GCjuuLDkQTPoGtek87Ll_LfvHhbYwEGUiZ42UZ3Dfxdj5uLUL2JFLWi-2rIFd-_WYLMCKyX_fZlCPZZbz15CMbbLULZDaeJ

Request Chain 209

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GDLioHroC3n1n-BQBS36GQF1fqXUlc4uy-ejAzWueXV3mVvsDnpdTDzRvJ8AxFoyJTwmWTLQjJ757NLjusq2pSUpzsZ8jSsVg&google_gid=CAESEKiO9L6rRXtDJI4-zxCmRcQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCQmFORmltOA&google_push=ARnp8GDLioHroC3n1n-BQBS36GQF1fqXUlc4uy-ejAzWueXV3mVvsDnpdTDzRvJ8AxFoyJTwmWTLQjJ757NLjusq2pSUpzsZ8jSsVg

Request Chain 210

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAfizQn6dWUlu2Td_kPHs3lc-BdP4iQ_QbrWlkb45NdHHg8qwqv2kT9LsKs9kftVz21X7o7jcivG5OLj6kGg9xaTZYDour94Q&google_gid=CAESEJRqAm1ZHRpaa_e7XXLHkfw&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAfizQn6dWUlu2Td_kPHs3lc-BdP4iQ_QbrWlkb45NdHHg8qwqv2kT9LsKs9kftVz21X7o7jcivG5OLj6kGg9xaTZYDour94Q&google_gid=CAESEJRqAm1ZHRpaa_e7XXLHkfw&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAxMDg1Nzk2MDgxNQ%3D%3D&google_push=ARnp8GAfizQn6dWUlu2Td_kPHs3lc-BdP4iQ_QbrWlkb45NdHHg8qwqv2kT9LsKs9kftVz21X7o7jcivG5OLj6kGg9xaTZYDour94Q

Request Chain 213

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPrxWVpIBNorDrkm57wgis&google_cver=1&google_push=ARnp8GD3f2-J9OaXKe7f22wCBVj80x_AiOSfB9A_KBCjOzZr1ZPJbjCDbksI8gPErcvqNpNffTLPGxCMJjJoz6rP2OHHXegX7b8D6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMjgtQ1RPSg==&google_push=ARnp8GD3f2-J9OaXKe7f22wCBVj80x_AiOSfB9A_KBCjOzZr1ZPJbjCDbksI8gPErcvqNpNffTLPGxCMJjJoz6rP2OHHXegX7b8D6Q

Request Chain 214

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_cver=1&google_push=ARnp8GBndw7m6co_oCSfy2IPtK-AXUDRucGR8bIvuEtQ_m5NeQ3gp6pLD3mmLDCVDE52pKy5YIC2q8ZBv1Cu8M05stUz55_nq8z_ow HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_push=ARnp8GBndw7m6co_oCSfy2IPtK-AXUDRucGR8bIvuEtQ_m5NeQ3gp6pLD3mmLDCVDE52pKy5YIC2q8ZBv1Cu8M05stUz55_nq8z_ow&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GBndw7m6co_oCSfy2IPtK-AXUDRucGR8bIvuEtQ_m5NeQ3gp6pLD3mmLDCVDE52pKy5YIC2q8ZBv1Cu8M05stUz55_nq8z_ow

Request Chain 217

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GD0Lu8F1qGQy_pHKZEMA8F1Z9wr86j0mFNQCKW_dawHPlDl3LJeC-hR5OisS_Ra98T6UyirG5fAuft6Wb3CWOCNAISccA_N&google_gid=CAESEPr5yWD1vmdHPJBmTg5F6dQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCR0dZTTFhZA&google_push=ARnp8GD0Lu8F1qGQy_pHKZEMA8F1Z9wr86j0mFNQCKW_dawHPlDl3LJeC-hR5OisS_Ra98T6UyirG5fAuft6Wb3CWOCNAISccA_N

Request Chain 221

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVRAHOVgKgPlqr3YrHwpg0&google_cver=1&google_push=ARnp8GDkcMdYkgKxFUMhlhnKNPbEGMfXVN2T160ybxu8ustjQkSQgyqJJzu5iGzF6Th0enT2vXi3XyowWesbUaJzU-88cGKogvG9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMVotMkhOQQ==&google_push=ARnp8GDkcMdYkgKxFUMhlhnKNPbEGMfXVN2T160ybxu8ustjQkSQgyqJJzu5iGzF6Th0enT2vXi3XyowWesbUaJzU-88cGKogvG9

Request Chain 222

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_cver=1&google_push=ARnp8GDYzdCTdwAXRCZs_Qb6KJSyPcOkiJFJU-Ttph2LPBHgIYyc0ZzZJwzlyhOsRQbN4-x7kETvPoFTgJQHynxde0_d-eHHML2X HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_push=ARnp8GDYzdCTdwAXRCZs_Qb6KJSyPcOkiJFJU-Ttph2LPBHgIYyc0ZzZJwzlyhOsRQbN4-x7kETvPoFTgJQHynxde0_d-eHHML2X&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDYzdCTdwAXRCZs_Qb6KJSyPcOkiJFJU-Ttph2LPBHgIYyc0ZzZJwzlyhOsRQbN4-x7kETvPoFTgJQHynxde0_d-eHHML2X

Request Chain 238

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBJAYNKIa1LU69lL2UMSQl8&google_cver=1&google_push=ARnp8GBSIuG943dOrbh1pe0gq-msQuiHQRBWdPcKBPLzgnajmF_vvZOVJhoZoFlc4Lqpmlaz9_EHKduThaRWpEi3vl98in1B3r4 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBSIuG943dOrbh1pe0gq-msQuiHQRBWdPcKBPLzgnajmF_vvZOVJhoZoFlc4Lqpmlaz9_EHKduThaRWpEi3vl98in1B3r4&google_hm=dPXuckuWKm34KaU4MUXwPQ

Request Chain 239

https://d.agkn.com/pixel/2175/?google_gid=CAESECDIsw5-DUC3APrTFZjnHXc&google_cver=1&google_push=ARnp8GAR9OSnwhyGfLIwRBc76fFZXJ7ssSFG2kCphRrU0gXDp3b1pU4KljKRhjCGbUB7UWpC7a6ZO0Y4X_GX8arDhpm_OVrCfUh4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAR9OSnwhyGfLIwRBc76fFZXJ7ssSFG2kCphRrU0gXDp3b1pU4KljKRhjCGbUB7UWpC7a6ZO0Y4X_GX8arDhpm_OVrCfUh4&google_hm=Q0FFU0VDRElzdzUtRFVDM0FQclRGWmpuSFhj

Request Chain 240

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDbabrD9x1PpwiZX1qX1u_mEIgoYQ_-h-qeLSJS6MtkWZqsRvE-MgekWozgC-kfcaCbYbufxDW2xAVc7vxJrfY_CaKP01Z4&google_gid=CAESEKRC84paFsxk4pFqQYZYVVA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDbabrD9x1PpwiZX1qX1u_mEIgoYQ_-h-qeLSJS6MtkWZqsRvE-MgekWozgC-kfcaCbYbufxDW2xAVc7vxJrfY_CaKP01Z4&google_gid=CAESEKRC84paFsxk4pFqQYZYVVA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAzNTA5MzM0NDMyOA%3D%3D&google_push=ARnp8GDbabrD9x1PpwiZX1qX1u_mEIgoYQ_-h-qeLSJS6MtkWZqsRvE-MgekWozgC-kfcaCbYbufxDW2xAVc7vxJrfY_CaKP01Z4

Request Chain 243

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDNwrx_uwDfKPr_KHbOcDdI&google_cver=1&google_push=ARnp8GAc9WomcwqcY4HdCa0reDNAvYu_inarj88TePwKB2Gf02UvZNqAsrhr9fyKN04ne9k77GsgXel2mjSNMqK-CrxU0k3-V1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKSU0tMUUtMzhFRg==&google_push=ARnp8GAc9WomcwqcY4HdCa0reDNAvYu_inarj88TePwKB2Gf02UvZNqAsrhr9fyKN04ne9k77GsgXel2mjSNMqK-CrxU0k3-V1A

Request Chain 244

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKOuyxOcm7qqPr55X3sUXjw&google_cver=1&google_push=ARnp8GDdhnuVBLe8OAJmykogBdqD5M4XYBwcEhek2_f-txJpSJowYubFXthhKsPuP-nfusGyUBQm4bqxQYuexQyhD28uJJg3TPuX HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKOuyxOcm7qqPr55X3sUXjw&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDdhnuVBLe8OAJmykogBdqD5M4XYBwcEhek2_f-txJpSJowYubFXthhKsPuP-nfusGyUBQm4bqxQYuexQyhD28uJJg3TPuX

Request Chain 250

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHwaxVp_pX2sXVpwapTH_Ts&google_cver=1&google_push=ARnp8GBzdlwOCMOMGWrG3qJMLs0gYZgPaeWs_dcSuReuSaqSLMg_k5WsX7QXSaeUaQdPk7LHgyxUinDO_OyFL-_QySENZbjuUvA HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzdlwOCMOMGWrG3qJMLs0gYZgPaeWs_dcSuReuSaqSLMg_k5WsX7QXSaeUaQdPk7LHgyxUinDO_OyFL-_QySENZbjuUvA&google_hm=dPXuckuWKm34KaU4MUXwPQ

Request Chain 254

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELjxBnCUMo_VNFulR4vmt4k&google_cver=1&google_push=ARnp8GB1zs9cUZ4MKexOcC4sn9mOml-skmRRG4zOJA9RYaSOQ4PYLYku3HbBvHdGyClHSA0Ak4AbLgNrGyHTkhoVmovI-Xy-wsM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKUkEtMVktQjlQUQ==&google_push=ARnp8GB1zs9cUZ4MKexOcC4sn9mOml-skmRRG4zOJA9RYaSOQ4PYLYku3HbBvHdGyClHSA0Ak4AbLgNrGyHTkhoVmovI-Xy-wsM

Request Chain 255

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPzo49SoJhw9qPiUssiDVGc&google_cver=1&google_push=ARnp8GABRCH37RoBoEdE8rulMoa-kLb-VyPAOGJO-M7juRAIbjHY96Bn9ofuSCV7mChXEaLSY6-p_GwRcDY3mu76vmkeGs9tDrAT HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPzo49SoJhw9qPiUssiDVGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GABRCH37RoBoEdE8rulMoa-kLb-VyPAOGJO-M7juRAIbjHY96Bn9ofuSCV7mChXEaLSY6-p_GwRcDY3mu76vmkeGs9tDrAT

Request Chain 259

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

259 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nnews.com.ua/
Redirect Chain

http://nnews.com.ua/
https://nnews.com.ua/

167 KB
27 KB

384ms
195ms

Document
text/html

176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1199c6305025923d2694534e9b7b40e5b32a58d2761a4654403c81421d9cd88b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 14:30:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <https://nnews.com.ua/wp-json/>; rel="https://api.w.org/"
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Wed, 06 Jul 2022 14:30:46 GMT
Location: https://nnews.com.ua/
Server: nginx/1.14.0 (Ubuntu)

GET
H/1.1 200
OK 3536505.png
nnews.com.ua/wp-content/uploads/2022/04/ 1 KB
2 KB 93ms
93ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/3536505.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bb59f00724dffe7d3c8294e9b6ffcb948425063a0a56203fcb75f84820552d42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Last-Modified: Sun, 15 May 2022 19:46:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281587d-564"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1380
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2111646.png
nnews.com.ua/wp-content/uploads/2022/04/ 3 KB
3 KB 272ms
81ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/2111646.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fc2df9a6d8d6b992b832a8112600a8b6e45f3c0035abee8e6810df317ad768c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Last-Modified: Sun, 15 May 2022 19:46:21 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281588d-a7c"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2684
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1384065.png
nnews.com.ua/wp-content/uploads/2022/04/ 2 KB
3 KB 91ms
91ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/1384065.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a7d4366e9b500c60992c39f8d30615abc4d152a7d80c8702bef0debd33200be9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Last-Modified: Sun, 15 May 2022 19:46:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281589a-8d2"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2258
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 733547.png
nnews.com.ua/wp-content/uploads/2022/04/ 810 B
1 KB 90ms
90ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/733547.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ec744f959fb090c83c461e460075b9ee7e3347cbba48a6ae4e8aa537fe9fa358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Last-Modified: Sun, 15 May 2022 19:45:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62815859-32a"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 810
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1384060.png
nnews.com.ua/wp-content/uploads/2022/04/ 2 KB
2 KB 91ms
90ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/1384060.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dd0f89861eac2cc297e0135134cfb79521c855872286ed1fddd3403fc2e01ca5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Last-Modified: Sun, 15 May 2022 19:46:35 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6281589b-624"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1572
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK L2_dark.svg
nnews.com.ua/wp-content/uploads/2022/04/ 3 KB
3 KB 83ms
80ms Image
image/svg+xml 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/04/L2_dark.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 71443a4023953c509ec42fda233e80a82888c3d5ae1dc5907a4282759875323e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Last-Modified: Wed, 27 Apr 2022 09:51:56 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6269123c-a45"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2629

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 183ms
66ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199281257-1

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0f6429103c56926705f275e5cf037bd3239bf831c4718edee17fc4908a72113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40327
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jul 2022 14:30:46 GMT

GET
H/1.1 200
OK jquery.min.js Show response
nnews.com.ua/wp-includes/js/jquery/ 87 KB
31 KB 168ms
98ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 21:05:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"60f73a90-15db1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
nnews.com.ua/wp-includes/js/jquery/ 11 KB
5 KB 218ms
82ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"5fb4e3fe-2bd8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.js Show response
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/js/ 193 B
609 B 240ms
80ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/js/frontend.js?ver=3.4.8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 96f31318bf5c5ca3fe23fbf2f60100e37f384130e56d9e1148007c954dcd0471

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"61adfe46-c1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK front-main.js Show response
nnews.com.ua/wp-content/plugins/wp-social/assets/js/ 2 KB
1 KB 241ms
81ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/js/front-main.js?ver=1.8.6
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 235b98e9724beb6c5d4365e7f097c06fb0ac3208e38b1ddbd401a375203f655f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-925"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK social-front.js Show response
nnews.com.ua/wp-content/plugins/wp-social/assets/js/ 459 B
742 B 173ms
81ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/js/social-front.js?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b42cd3660f6bf3f2c6f3a60cd9523eee7ac9b544e7ae928a269dc1c0fa1e366

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-1cb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobmenu.js Show response
nnews.com.ua/wp-content/plugins/mobile-menu/includes/js/ 16 KB
4 KB 83ms
83ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.2.7
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e6197a7455f9b7a646b461c3487c4c79a545d42b6a65113be86be136a33edb8c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Apr 2022 09:48:41 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62496d79-3e15"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
56 KB 188ms
73ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922947659732689

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18332a1921bfcc389fdda6af5439513b2ed40bbd81f64126623ec2e911df3bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56376
x-xss-protection: 0
server: cafe
etag: 5575651645954468066
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:30:46 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 202ms
53ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI0/7Ur/IpMAAA
x-accel-expires: @1657166580
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: ul6RGHEtOGI
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 37666
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 136 KB
15 KB 255ms
106ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 66f362e55e6428ba5ca6540adb647140f8938366e52604927ca95236f66351f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI0g8Bj/n4UAAA
x-accel-expires: @1657170039
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: mH97L/2UIto
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 34207
x-77-pop: frankfurtDE

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 259ms
110ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=20
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI1eVkH/H5MAAA
x-accel-expires: @1657166583
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: /Ijb0O2akjY
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 37663
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 136 KB
15 KB 280ms
132ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=20
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 850450864eb0df3f09b9724116f7548691a315f0e48938b00b4330a00147cb9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI3D8jD/n4UAAA
x-accel-expires: @1657170039
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: Xnm6CLcYC1w
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 34207
x-77-pop: frankfurtDE

GET
H2 200 nnews.com.ua.1291903.js Show response
jsc.mgid.com/n/n/ 2 KB
2 KB 340ms
240ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.js
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd082781bae702d30169fbf34f21ac51c6e83fc3d54a2fcec7823f5b0de35d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: GC3K10KS53FPMEKJ
cf-polished: origSize=2318
cf-ray: 72690a4f2a9d8898-LHR
last-modified: Wed, 08 Jun 2022 10:41:18 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6GnB77tJ+fuomh7tIriLTw/ktXGZ1ibibta56tOYYaj8byQoTmLfdmpXratW+h6BojzyxzX33JM=
cf-bgj: minify
server: cloudflare
etag: W/"1d2c8a8f9912a1e133b1ad3b732ef3e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: WB41SlKm7B1zarNdhmvrksMZdT1KnxKb
cache-control: public, max-age=10800
content-type: text/javascript
expires: Wed, 06 Jul 2022 17:30:47 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 216ms
136ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI2ErEv/IpMAAA
x-accel-expires: @1657166580
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: lUDRR5ArQsc
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-cache: HIT
x-age: 37666
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 136 KB
15 KB 104ms
103ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=19
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a52f20a3f291d64ee54e835230ad5fb677ca72e3b388104b8ce28a4964013cf3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI3MulX/n4UAAA
x-accel-expires: @1657170039
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: kgNUnom8KzQ
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 34207
x-77-pop: frankfurtDE

GET
H/1.1 200
OK jsonp_v3.js Show response
phoenix-widget.com/static/js/ 68 KB
21 KB 216ms
108ms Script
application/x-javascript 188.166.21.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://phoenix-widget.com/static/js/jsonp_v3.js
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.21.205 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 594f184d374383c66e8cf7973b56d0dfda8038654f3cea99a32050eaf8d3838b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jun 2022 16:54:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"629799ae-10e03"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: public, no-transform, must-revalidate
Connection: keep-alive

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 107ms
106ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI1GF9b/IZMAAA
x-accel-expires: @1657166581
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: VLj/1Tl1ctI
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 37665
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 137 KB
15 KB 120ms
120ms Script
text/html 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=28
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4a6f3fcac6d7e7b136f337f00fd6ae26d976f79b380b0bc37d4e5f2871bbaa7a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI3fZL3/n4UAAA
x-accel-expires: @1657170039
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: QfnWdMXSP7o
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 34207
x-77-pop: frankfurtDE

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 23 KB
6 KB 84ms
83ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-5d92"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK navigation.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 2 KB
1 KB 81ms
80ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-61f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.fitvids.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/fitvids/ 2 KB
1 KB 83ms
82ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-6da"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK skip-link-focus-fix.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 325 B
695 B 80ms
80ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-145"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK colormag-custom.min.js Show response
nnews.com.ua/wp-content/themes/colormag/js/ 3 KB
2 KB 81ms
81ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-b0a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK script.js Show response
nnews.com.ua/wp-content/plugins/social-rocket/assets/js/ 5 KB
2 KB 91ms
90ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/js/script.js?ver=1.3.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9525ebb3f503818c8cf93cda1beb1496e83c15fa33118ecd2954868bd5693d17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62483e9a-15c4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK intersection-observer.js Show response
nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 93ms
92ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=d9298cd9df65ad92eff12a3a90a1a5b8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 17:49:51 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62585ebf-2317"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK lazy-images.js Show response
nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 91ms
91ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=a902a338e584591be6603d4879c43367
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Apr 2022 17:49:51 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62585ebf-925"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.min.css
nnews.com.ua/wp-includes/css/dist/block-library/ 87 KB
12 KB 98ms
97ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 21:05:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"628d488f-15b26"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.build.css
nnews.com.ua/wp-content/plugins/block-options/build/ 27 KB
4 KB 83ms
83ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/block-options/build/style.build.css?ver=new
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 00a03e55398c25bd26f079382ea8f492c5592821fc54a1a1d86283c1fcca429f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 May 2022 16:38:53 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"6294f31d-6d5a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.min.css
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/ 58 KB
13 KB 117ms
116ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/all.min.css?ver=3.4.8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"61adfe46-e7a9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.css
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/ 18 KB
2 KB 82ms
81ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.4.8
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9d9f587b8de85c0ff66e04e9626075d369df65bbdc2f37ad95274b6c8e69548d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"61adfe46-476f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dashicons.min.css
nnews.com.ua/wp-includes/css/ 58 KB
35 KB 114ms
114ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/css/dashicons.min.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Mar 2021 20:02:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"605cec4b-e688"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.css
nnews.com.ua/wp-content/plugins/post-views-counter/css/ 289 B
640 B 80ms
80ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Feb 2022 10:36:46 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62078dbe-121"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.css
nnews.com.ua/wp-content/plugins/wp-social/assets/css/ 66 KB
7 KB 87ms
86ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/css/frontend.css?ver=1.8.6
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 086f68b75e10cff78c11ff7d8159c9bbe5bea67202280ea74a6ddf5a1d8e44c6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-1076f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-icon.css
nnews.com.ua/wp-content/plugins/wp-social/assets/css/ 43 KB
8 KB 95ms
94ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/wp-social/assets/css/font-icon.css?ver=1.8.6
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a5b2665050154a908f93b008604837aa6cd5d0fd6914338cbfe13c0ff0a2934f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:07:29 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff781-ab05"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
nnews.com.ua/wp-content/themes/colormag/ 78 KB
13 KB 90ms
90ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/style.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 164f339fe9b8d6a3a4251eb2e875c01686c824ba558f320ed9f4859bbe842667

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-1397e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.css
nnews.com.ua/wp-content/themes/colormag-child/ 357 B
681 B 81ms
81ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag-child/style.css?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8bfd5a87b548d9298230da63c68e625fcf5b12212ab5705e86df04bc8da0d8cb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Mar 2022 18:48:28 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"6245f77c-165"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK font-awesome.min.css
nnews.com.ua/wp-content/themes/colormag/fontawesome/css/ 30 KB
7 KB 91ms
91ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"625ff83a-7918"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 199ms
77ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.2

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

748d10bb5c649bc6d2913f5a4f3d25564ad2cd92b988791ed23a3a3144896718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 14:25:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 14:30:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 14:30:46 GMT

GET
H/1.1 200
OK public.css
nnews.com.ua/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
927 B 106ms
105ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Apr 2022 11:02:38 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"6246dbce-421"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dynamic-mobmenu.css
nnews.com.ua/wp-content/uploads/ 9 KB
2 KB 81ms
81ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/uploads/dynamic-mobmenu.css?ver=2.8.2.7-408
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9517bed8b8875d7bb1f3a1796c90ab7ea91f4031960e7b75dbf91b576cfd0cc7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2022 09:52:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62691241-2544"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
543 B 178ms
68ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3A500%2C400&subset=latin%2Clatin-ext&ver=6.0

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84b78c17a297376b3e237b79f885b2cc37f52ff98b9450cf47b79742f58884ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 14:30:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 14:30:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 14:30:47 GMT

GET
H/1.1 200
OK style.css
nnews.com.ua/wp-content/plugins/social-rocket/assets/css/ 21 KB
4 KB 93ms
93ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/style.css?ver=1.3.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 418d9874dd62b9f78cdc4748132a6ba853675d5ea12bec04de41871aabbe01dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62483e9a-5454"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK all.min.css
nnews.com.ua/wp-content/plugins/social-rocket/assets/css/ 58 KB
13 KB 101ms
98ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/all.min.css?ver=1.3.1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62483e9a-e7a9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK srpw-frontend.css
nnews.com.ua/wp-content/plugins/smart-recent-posts-widget/assets/css/ 3 KB
1 KB 81ms
81ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/smart-recent-posts-widget/assets/css/srpw-frontend.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8cc1b08d63c874d0932c0a26ade1df67e2e28c43a310323f9a607f1eac6850a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Mar 2022 14:27:25 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"624468cd-be8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobmenu-icons.css
nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/ 5 KB
2 KB 82ms
81ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d6a58af6179ec4972d40e77dd7e20541e17429bcb405f0b382bfef50d55e1347

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Apr 2022 09:48:41 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62496d79-147f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobmenu.css
nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/ 8 KB
2 KB 82ms
82ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/mobile-menu/includes/css/mobmenu.css?ver=2.8.2.7
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 06e017fecc403fc633e00fdb66ca93ca3a73428ee84a8f0b21231e9bd8b4d9f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Apr 2022 09:48:41 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62496d79-2126"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK frontend.min.css
nnews.com.ua/wp-content/plugins/squirrly-seo/view/assets/css/ 2 KB
1 KB 81ms
80ms Stylesheet
text/css 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/squirrly-seo/view/assets/css/frontend.min.css?ver=12.1.06
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: eea1490778379b3cb73ab252012a8cb4756de3b9998732d43b0bc525561dfafa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 17:13:46 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"62b1fc4a-619"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
nnews.com.ua/wp-includes/js/ 18 KB
5 KB 104ms
101ms Script
application/javascript 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Wed, 06 Jul 2022 14:30:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 May 2022 21:05:19 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"628d488f-48b9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 67ms
67ms Script
application/javascript 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI0Twiv/I5MAAA
pragma: public
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
etag: W/"604b9fc7-981e"
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: DnLL0vHPkcc
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 37667
x-77-pop: frankfurtDE
x-accel-expires: @1658116979

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 250ms
62ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=2&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jul 2022 14:30:47 GMT
Server: nginx
X-IPLB-Request-ID: 52C7822D:EAC4_36264064:01BB_62C59C96_111D4FA9:2C9E1
X-IPLB-Instance: 38437
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 93 KB
31 KB 207ms
59ms Script
application/javascript 193.108.153.18
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 31943
Expires: Wed, 06 Jul 2022 14:45:47 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 206ms
64ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1628
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
21 KB 192ms
87ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72690a50285476e7-LHR
date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 235ms
55ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Mon, 18 Oct 2021 12:21:41 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 52C7822D:8154_91EFC133:01BB_62C59C97_A49A22A2:49CE
ETag: "616d66d5-15ab"
X-IPLB-Instance: 29923
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame 348C 0
0 192ms
60ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1657117846789

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 288ms
62ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
etag: "Sy8yk7L2ihxjBP+YyKUKJg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 13 Jul 2022 14:30:47 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12761/ 2 KB
2 KB 320ms
56ms Script
application/javascript 54.154.72.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.72.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-72-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 79c16dc4f1912fa52c774e168fabd9f66b6893664bdf286ff773c0b7cde46c1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:46 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 272ms
61ms Script
text/javascript 143.204.101.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-100.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 05:23:31 GMT
Via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 32837
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: VkOJNkUddcSl7SDbY68fVT2M3fn6fvOC6FMU9XMLN84m2f1x-adFNA==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_1/build/dist/ 629 KB
159 KB 91ms
90ms Script
application/javascript 2a02:6ea0:c700::20
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt: AdRmOI1yZPn/I5MAAA
pragma: public
date: Wed, 06 Jul 2022 14:30:46 GMT
content-encoding: br
etag: W/"62a8971d-9d355"
last-modified: Tue, 14 Jun 2022 14:11:41 GMT
server: CDN77-Turbo
x-77-nzt-ray: ILDTknxPNeM
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 37667
x-77-pop: frankfurtDE
x-accel-expires: @1658116979

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 245ms
63ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=20&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jul 2022 14:30:47 GMT
Server: nginx
X-IPLB-Request-ID: 52C7822D:EAC2_36264064:01BB_62C59C96_111DD283:1C99C
X-IPLB-Instance: 20686
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 238ms
61ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=19&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jul 2022 14:30:47 GMT
Server: nginx
X-IPLB-Request-ID: 52C7822D:EAC8_36264064:01BB_62C59C96_111A78D5:2C9DC
X-IPLB-Instance: 38437
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 getdata Show response
api.phoenix-widget.com/api/v2/ 11 KB
12 KB 1530ms
1295ms XHR
application/json 143.244.196.143
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://api.phoenix-widget.com/api/v2/getdata?callback=phoenix76251&site_id=6166d0d9f44872f8e903e3ca&widget_id=6166d0eff44872f8e903e3cc&puid=18f793e63d9f2d1608ae2aa2&url=https://nnews.com.ua/&preview=false

Requested by

Host: phoenix-widget.com
URL: https://phoenix-widget.com/static/js/jsonp_v3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.196.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

36eb5f47a0a8d895e809a192bb4fa91f345bd44ad61091f76ac49bc9b52980df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
amp-same-origin: true
etag: "82770c3b98092078b68ef8de35143a333b878515"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
content-length: 11738

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
272 B 144ms
88ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=81546&f=28&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=81546&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jul 2022 14:30:47 GMT
Server: nginx
X-IPLB-Request-ID: 52C7822D:EAC4_36264064:01BB_62C59C97_111D4FB1:2C9E1
X-IPLB-Instance: 38437
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 242ms
57ms Image
image/gif 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 189ms
63ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnnews.com.ua%2F&domain=nnews.com.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://nnews.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 06 Jul 2022 14:30:47 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1190
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnnews.com.ua%2F&domain=nnews.com.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=-u7b2XxFd2lqa2JWbVprRTlVYzJ5bFRpMFo4VFlzekRVMVJtRytFcTZqaDhEbFM3WGRVQkRGNlpvQlJBQkxCb2JFV1o2akNTOHBnSzJuVFZQY2w5OEJqay96SGpoRHdNS0hZSHo0N3VJamhpS010TURkS093dmk3NVN6OT...

350 B
617 B

193ms
67ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-u7b2XxFd2lqa2JWbVprRTlVYzJ5bFRpMFo4VFlzekRVMVJtRytFcTZqaDhEbFM3WGRVQkRGNlpvQlJBQkxCb2JFV1o2akNTOHBnSzJuVFZQY2w5OEJqay96SGpoRHdNS0hZSHo0N3VJamhpS010TURkS093dmk3NVN6OThNVnllR3VkQnB6ZTZSdnh3YUZkcGNhV3R5Q3YycUg1aGNSWnUrYk94MmtRY3NkeVlIU3duWlJzNkhSdUwyZ0RiL3AyK2dkajhldUg3YmViVHhPVXVYK2FJRjBicm00MjRIYVg3THRLaDRqb1F3RzQvdGxjPXw&cppv=2

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5dd6940259a7ab29e9d967f383168e5ad5e45bc1ea33960826a5d6aff63a3113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2893
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:46 GMT
location: https://mug.criteo.com/sid?cpp=-u7b2XxFd2lqa2JWbVprRTlVYzJ5bFRpMFo4VFlzekRVMVJtRytFcTZqaDhEbFM3WGRVQkRGNlpvQlJBQkxCb2JFV1o2akNTOHBnSzJuVFZQY2w5OEJqay96SGpoRHdNS0hZSHo0N3VJamhpS010TURkS093dmk3NVN6OThNVnllR3VkQnB6ZTZSdnh3YUZkcGNhV3R5Q3YycUg1aGNSWnUrYk94MmtRY3NkeVlIU3duWlJzNkhSdUwyZ0RiL3AyK2dkajhldUg3YmViVHhPVXVYK2FJRjBicm00MjRIYVg3THRLaDRqb1F3RzQvdGxjPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1450
content-length: 482
expires: 0

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 212 B
618 B 206ms
62ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

2d772a03a665ff262eca71c5815d9f1219839f8dbf98dd5393ce23c8a5454902

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nnews.com.ua
date: Wed, 06 Jul 2022 14:30:47 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 184ms
53ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 140318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 23:32:09 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 259ms
129ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 20:10:55 GMT
x-content-type-options: nosniff
age: 152392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 20:10:55 GMT

GET
H/1.1 200
OK L2-3.svg
nnews.com.ua/wp-content/uploads/2022/05/ 2 KB
3 KB 81ms
81ms Image
image/svg+xml 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/05/L2-3.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 17d856678984869648bd79f6dca093140f5b8442f93f9d6bd050d5b8d1da6cf5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Wed, 25 May 2022 11:50:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "628e17f5-9f0"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2544

GET
H/1.1 200
OK iPhone-14-dummies-800x445.jpeg
nnews.com.ua/wp-content/uploads/2022/07/ 20 KB
20 KB 162ms
162ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/07/iPhone-14-dummies-800x445.jpeg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5805d4f5e848b10b210016859b3217402ee2a06ffa1f00e63f782e5533bfa9c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Wed, 06 Jul 2022 10:39:00 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62c56644-4e38"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20024
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_2741-300x169.jpg
nnews.com.ua/wp-content/uploads/2022/01/ 13 KB
14 KB 83ms
82ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/01/img_2741-300x169.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4280fda8cad7f9cc8562b360b8c3d73fa8ea960b83ab3b0677af077d57eb252b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Sat, 01 Jan 2022 16:50:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61d08639-34c0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13504
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img_2292-300x169.jpg
nnews.com.ua/wp-content/uploads/2021/10/ 4 KB
4 KB 81ms
81ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2021/10/img_2292-300x169.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 678db2eea8bf661d580dd20fd8f9bc5aec662c3e622a0191c93aa3e2181f7b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Sat, 11 Dec 2021 11:17:11 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61b488b7-fb8"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4024
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK g4nR1-300x169.jpg
nnews.com.ua/wp-content/uploads/2022/02/ 9 KB
10 KB 82ms
82ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/02/g4nR1-300x169.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9d1dda02d9bfdb6085c071d78bf02fdbed5b774072fa88811496113a79ad33a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Wed, 02 Feb 2022 11:36:01 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61fa6ca1-25f6"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9718
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 339 KB
120 KB 189ms
80ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5922947659732689&plah=nnews.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922947659732689

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ddd792c68fc3c71b48bcc8cf7f91b8624815b9e631a2ed2dd9ed1da3e5551c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122440
x-xss-protection: 0
server: cafe
etag: 2264684801564466311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:30:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 9BFE 10 KB
5 KB 172ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922947659732689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 80897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 16:02:30 GMT
etag: 10429905676100781186
expires: Tue, 19 Jul 2022 16:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199281257-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5158
date: Wed, 06 Jul 2022 13:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 06 Jul 2022 15:04:49 GMT

GET
H2 200 nnews.com.ua.1291903.es6.js Show response
jsc.mgid.com/n/n/ 264 KB
76 KB 240ms
239ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d2ec183c3e161c1eba470ccc5757ea4bbf4ad69216d754fe66fcd25b8c71f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1S191D543JJ4B9FP
cf-polished: origSize=270508
cf-ray: 72690a512fa78898-LHR
last-modified: Wed, 15 Jun 2022 13:38:47 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VknKUJQ90ksh6/0d3KxrLGVOi+CSQbnacTd8aOZaFDcA73/C1iweHEozHYmcXM0yHEsjuMQDpJM=
cf-bgj: minify
server: cloudflare
etag: W/"a24c61061a2c6d861fd00eed43709e1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ZtDy39ecIfz2sHw0X8qUcnZL7m2DPLEV
cache-control: public, max-age=10800
content-type: text/javascript
expires: Wed, 06 Jul 2022 17:30:47 GMT

GET
H2 200 / Show response
spl.zeotap.com/ 2 KB
973 B 64ms
64ms XHR
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 415e9b9c04b67558c7f295ee7194330856bdbf60d226be6d4283db30ca08ff5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72690a513a0f76e7-LHR
date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 212 B
618 B 102ms
57ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

56172deb71e2515294dcb24654d156cb8b946ffa6ebaa1db3a24aa507142b0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nnews.com.ua
date: Wed, 06 Jul 2022 14:30:47 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 1DEA 0
246 B 58ms
57ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fnnews.com.ua%2F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 14:30:47 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
X-IPLB-Instance: 29923
X-IPLB-Request-ID: 52C7822D:8154_91EFC133:01BB_62C59C97_A49A22AB:49CE

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 179ms
57ms Script
application/javascript 2600:9000:2156:0:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:43:29 GMT
content-encoding: gzip
age: 2839
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KtORkDpyUdxP3evbtRDSvkdvaBxD_zsCo_IWAC4SdUg4dOO3ciwl8g==

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d3...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a2aa2b4-6e74-416c-44a8-5c1efc133...
https://mwzeom.zeotap.com/mw?adnxs_uid=8396728339614736720&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258

95 B
164 B

80ms
76ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8396728339614736720&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 72690a537d4176e7-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 14:30:47 GMT
X-Proxy-Origin: 82.199.130.45; 82.199.130.45; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a68e6fe1-db5d-404a-853f-38aaaed6ec85
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8396728339614736720&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c...
https://mwzeom.zeotap.com/mw?google_gid=CAESEEW-Wu8J9azHA7_AqgVd6TE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555...

95 B
153 B

89ms
89ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEEW-Wu8J9azHA7_AqgVd6TE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 72690a542e8e76e7-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEEW-Wu8J9azHA7_AqgVd6TE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 182ms
59ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a2aa2b4-6e74-416c-44a8-5c1efc133b54%26reqId%3Db27d6960-d28a-47c9-555c-8a4840d38a5c%26zdid%3D1258&gdpr=1&gdpr_consent=
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=88526550028832116171499366875359695072&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840...

95 B
153 B

70ms
69ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=88526550028832116171499366875359695072&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 72690a53ee2e76e7-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v036-032efc0e8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: l4PLsJsoRX4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=88526550028832116171499366875359695072&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MJVNGQ3ZcbFiap8UC0IkMY%2BV2X8KFiOp%2BS41iYitP1U%3D

95 B
153 B

86ms
77ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MJVNGQ3ZcbFiap8UC0IkMY%2BV2X8KFiOp%2BS41iYitP1U%3D
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 72690a537d4a76e7-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=MJVNGQ3ZcbFiap8UC0IkMY%2BV2X8KFiOp%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D7a...
https://mwzeom.zeotap.com/mw?cid=ab7a62c5-9c97-4700-90f5-30dc7b8a9cdc&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c...

95 B
153 B

94ms
94ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=ab7a62c5-9c97-4700-90f5-30dc7b8a9cdc&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://nnews.com.ua
access-control-allow-credentials: true
cf-ray: 72690a537d5076e7-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=ab7a62c5-9c97-4700-90f5-30dc7b8a9cdc&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=7a2aa2b4-6e74-416c-44a8-5c1efc133b54&reqId=b27d6960-d28a-47c9-555c-8a4840d38a5c&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 06 Jul 2022 14:30:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 173ms
56ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 01:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 01:46:51 GMT

GET
H/1.1 200
OK Android-logo-e1580220398951-800x445.png
nnews.com.ua/wp-content/uploads/2022/07/ 5 KB
5 KB 82ms
81ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/07/Android-logo-e1580220398951-800x445.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 23512696ddd07fcd4036b80335201e3878c0cf85193f0753978fb8719e3eb796

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Wed, 06 Jul 2022 10:49:56 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62c568d4-1298"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=315360000, private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4760
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Oppo-ColorOS-13-beta-program-800x445.webp
nnews.com.ua/wp-content/uploads/2022/07/ 21 KB
21 KB 85ms
84ms Image
image/webp 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnews.com.ua/wp-content/uploads/2022/07/Oppo-ColorOS-13-beta-program-800x445.webp
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7d38484db5c24167df3ab11e8df6736b3641e5ade46dcc3ace71b0b4acfe4c85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Wed, 06 Jul 2022 11:02:31 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62c56bc7-5502"
Content-Type: image/webp
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21762

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 188ms
57ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 06 Jul 2022 14:30:46 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1079
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 840 B
1 KB 230ms
58ms Script
application/javascript 52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=4ec12154-159a-4f87-8719-be76599bfa64

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf9d8e6d3007120b19f3ad0fbeb2ae2f05b663ea020f9b876b88414a2e36d2c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 06 Jul 2022 14:30:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 840
Expires: Thu, 30 Jun 2022 08:52:27 UTC

GET
H/1.1 200
OK fa-solid-900.woff2
nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/webfonts/ 76 KB
77 KB 82ms
81ms Font
application/octet-stream 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/webfonts/fa-solid-900.woff2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/all.min.css?ver=3.4.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://nnews.com.ua/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/all.min.css?ver=3.4.8
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Mon, 06 Dec 2021 12:12:54 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "61adfe46-131bc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78268

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 171ms
62ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1263515404&t=pageview&_s=1&dl=https%3A%2F%2Fnnews.com.ua%2F&ul=en-us&de=UTF-8&dt=NNews%20-%20%D0%86%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D1%80%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1765153462&gjid=1926282912&cid=985095794.1657117847&tid=UA-199281257-1&_gid=2009348596.1657117847&_r=1&gtm=2ou6t0&z=773253420

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 193ms
62ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nnews.com.ua&callback=_gfp_s_&client=ca-pub-5922947659732689

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5922947659732689&plah=nnews.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a415cc1d1b008bc98b976d976022303fdde98864c2649fec1bce001b8002e43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 181ms
63ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 179ms
62ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E400 123 KB
39 KB 628ms
517ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&adk=1812271804&adf=3025194257&lmt=1657117847&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnnews.com.ua%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847121&bpp=4&bdt=653&idt=335&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2986425637922&frm=20&pv=2&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=357

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3cd0ec15f127ec2cf8a2fb56e74f99b922b96cd20015dbfe8345d5a7e6cae38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 39431
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:30:48 GMT
expires: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 708F 105 KB
36 KB 560ms
468ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87ca04a30269d5b6e4f985c278b7ba9f595736c98dc2e34ae068bd3a5e3da4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36964
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:30:48 GMT
expires: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA09 85 KB
32 KB 671ms
614ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72b242a2af6b805b90877ab3a31c291f7cc8029a6bc2754e91cc6367a5f720c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32637
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:30:48 GMT
expires: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=315120595;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnnews.com.ua%2F;uht=2;fpan=1;fpa=P0-1415615090-1657117847559;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220628170050;cm=;gd...
pixel.quantserve.com/ 35 B
372 B 63ms
62ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=315120595;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnnews.com.ua%2F;uht=2;fpan=1;fpa=P0-1415615090-1657117847559;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220628170050;cm=;gdpr=0;ref=;d=nnews.com.ua;dst=0;et=1657117847559;tzo=0;ogl=url.https%3A%2F%2Fnnews%252Ecom%252Eua%2Ctitle.NNews%20-%20%D0%86%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D1%80%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%83%2Cdescription.%D0%86%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BF%D1%80%D0%BE%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20-%20NNews%2Ctype.website%2Csite_name.NNews%2Clocale.en_US

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F1B2 100 KB
33 KB 1074ms
1055ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24d81e4300ddf324f2a26011b4a12aca28a5f6748ec8689edf8f7dfd3cacee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33628
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:30:48 GMT
expires: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 3ee0b6e5-402e-4386-9967-daa879b93e8a
https://nnews.com.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nnews.com.ua/3ee0b6e5-402e-4386-9967-daa879b93e8a
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK f29baac7-a3a9-4c1b-aa38-be137a214946
https://nnews.com.ua/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nnews.com.ua/f29baac7-a3a9-4c1b-aa38-be137a214946
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 584D 86 KB
32 KB 594ms
587ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34cfefc2eb2abefbbb88003731d313036b1d3c8b1448a10645b0dfd9cac17c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32870
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:30:48 GMT
expires: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 181ms
58ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-199281257-1&cid=985095794.1657117847&jid=1765153462&gjid=1926282912&_gid=2009348596.1657117847&_u=YEBAAUAAAAAAAC~&z=884658782

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Jul 2022 14:30:47 GMT
content-type: text/plain
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
523 B 250ms
57ms XHR
application/x-javascript 46.137.164.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.137.164.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-164-28.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 14:30:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jul 2022 14:30:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://nnews.com.ua
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D4ec12154-159a-4f87-8719-be76599bfa64&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ec12154-159a-4f87-8719-be76599bfa64&gdpr=0&cklb=1

0
316 B

51ms
50ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ec12154-159a-4f87-8719-be76599bfa64&gdpr=0&cklb=1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=4ec12154-159a-4f87-8719-be76599bfa64&gdpr=0&cklb=1
pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12761%26ref%3D%26url%3Dhttps%253A%252F%252Fnnews.com.ua%252F%26hn_ver%3D40%26fid%3D4ec12154-159a-4f...
https://s.cpx.to/an_fire?app_nexus_uid=8396728339614736720&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=4ec12154-159a-4f87-8719-be76599bfa64

95 B
865 B

55ms
54ms

Image
image/png

52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8396728339614736720&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=4ec12154-159a-4f87-8719-be76599bfa64

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 06 Jul 2022 14:30:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 06 Jul 2022 14:30:47 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 14:30:47 GMT
X-Proxy-Origin: 82.199.130.45; 82.199.130.45; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bbccd07c-7fca-4dcd-86c4-34a6abf90da9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=8396728339614736720&pid=12761&ref=&url=https%3A%2F%2Fnnews.com.ua%2F&hn_ver=40&fid=4ec12154-159a-4f87-8719-be76599bfa64
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4ec12154-159a-4f87-8719-be76599bfa64
https://s.cpx.to/ca.png?dsp=dbm&fid=4ec12154-159a-4f87-8719-be76599bfa64&google_gid=CAESEPDfWEgIS5F7pOjqBiPi_m8&google_cver=1

95 B
804 B

54ms
53ms

Image
image/png

52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=4ec12154-159a-4f87-8719-be76599bfa64&google_gid=CAESEPDfWEgIS5F7pOjqBiPi_m8&google_cver=1

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

HTTP/1.1

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 06 Jul 2022 14:30:47 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=4ec12154-159a-4f87-8719-be76599bfa64&google_gid=CAESEPDfWEgIS5F7pOjqBiPi_m8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 67ms
64ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 UCookieSetPug
image2.pubmatic.com/AdServer/ 0
225 B 200ms
60ms Image
text/html 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4ec12154-159a-4f87-8719-be76599bfa64
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK fontawesome-webfont.woff2
nnews.com.ua/wp-content/themes/colormag/fontawesome/fonts/ 75 KB
76 KB 196ms
166ms Font
application/octet-stream 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://nnews.com.ua/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.2
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Wed, 20 Apr 2022 12:10:34 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "625ff83a-12d68"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160

GET
H/1.1 200
OK fa-solid-900.woff2
nnews.com.ua/wp-content/plugins/social-rocket/assets/webfonts/ 76 KB
77 KB 82ms
81ms Font
application/octet-stream 176.104.8.35
UNDERNET-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/webfonts/fa-solid-900.woff2
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/all.min.css?ver=1.3.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.104.8.35 Sofiyevskaya Borshchagovka, Ukraine, ASN41435 (UNDERNET-AS1, UA),
Reverse DNS: s-176-104-8-35.under.net.ua
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://nnews.com.ua/wp-content/plugins/social-rocket/assets/css/all.min.css?ver=1.3.1
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:47 GMT
Last-Modified: Sat, 02 Apr 2022 12:16:26 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "62483e9a-131bc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78268

GET
H2 200 / Show response
c.mgid.com/pv/ 0
36 B 177ms
166ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=165711784783535797058&uniqId=039c1&lct=1655251200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnnews.com.ua&lu=https%3A%2F%2Fnnews.com.ua%2F&sessionId=62c59c98-13de2&pageView=1&pvid=181d3ebb11c8b293d48&site=735252&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72690a5539038898-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
BLOB 206
Partial Content 5db9913b-9ff3-475d-a9c9-a812db7b0583
https://nnews.com.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nnews.com.ua/5db9913b-9ff3-475d-a9c9-a812db7b0583
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 75ms
65ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 4712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SP9S38C17NRA2N
x-amz-id-2: hM4jifOGVgGSz6n0l6qEeMQS+d1FUtMyTEFZ3vsaDAWa8MOI25u2t1jcWxMxYvSjEu8DXSK8SQo=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 72690a55594c8898-LHR
expires: Thu, 07 Jul 2022 14:30:47 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
887 B 63ms
53ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 4791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 72690a5559518898-LHR
expires: Thu, 07 Jul 2022 14:30:47 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1291903/ 3 KB
1 KB 77ms
69ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1291903/1?pv=5&cbuster=1657117847910947595666&uniqId=039c1&lct=1655251200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=310&h=907&maxw_3=306&maxh_3=273&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fnnews.com.ua&lu=https%3A%2F%2Fnnews.com.ua%2F&sessionId=62c59c98-13de2&pageView=1&pvid=181d3ebb11c8b293d48&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12c379cee31d4f72dd56a8212acb6429c1157f1ab3a3f2f62fe2733118ad8b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 72690a55aa328898-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
126 B 137ms
137ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=79
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72690a561b168898-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xNzU2ODUvZjg5Y...
s-img.mgid.com/g/13414352/492x277/-/ 9 KB
9 KB 161ms
61ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13414352/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xNzU2ODUvZjg5Y2IyNTM5ZjA5Njg1YjdlZjUxZGIyODM3ZjYzZDQuanBn.webp?v=1657117847-RDKXKJU3B6wwnAjdgB5QmT7AApVt0YVEJQcBQU2U78Q
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2453c544ecfbba764f3e62d6b51a9778d0c220da4a628e778c198e7279d69303

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 01:25:16 GMT
x-mg-request-uuid: c3dd50f9-8654-4bf4-9ea7-7bc496d286cf
age: 391019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 72690a56ce370696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8782
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTAxMix5XzEzNjYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0Lzc3M...
s-img.mgid.com/g/12581125/492x277/-/ 11 KB
12 KB 208ms
108ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12581125/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfMTAxMix5XzEzNjYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0Lzc3MzU1M2U4ZjcxMTc3NmVmNDBkNjAxMTA1ZDBjZDBjLmpwZWc.webp?v=1657117847-dm8Abe_5hJPsTQ2QpVqY-y5nDe21sNAanpq0026OSFg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cd93aaf40528d8402e57fae379a7fe2ff24090292d4b425263965e73316323

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 09:36:38 GMT
x-mg-request-uuid: b2d4d12d-9ec1-4561-919c-9a40c79833ac
age: 221022
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 72690a56ce380696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11492
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTQwLHlfNzA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1L...
s-img.mgid.com/g/13054791/492x277/-/ 38 KB
38 KB 162ms
63ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13054791/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTQwLHlfNzA2L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1LzEwMTkyNC8wMzY4YzMxZDBlMGU3Y2U0ODE2MTYyMTVmMTM2YmVhYi5qcGc.webp?v=1657117847-5xOCqgqmtWgFp1fTskNwsCWyf7Rz-Tpc8GVbMiD8TKk
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e072894ddd825f5ebc351f1b96c482f48793fcd0bfa6814efce0f7c5d4eac91e

Request headers

Referer: https://nnews.com.ua/
Origin: https://nnews.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 11:59:32 GMT
x-mg-request-uuid: 73a565cc-1224-4d03-b036-884469bd10ff
age: 1409375
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 72690a56ce390696-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38872
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
102 B 145ms
134ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1657117847999943423066
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 72690a563b788898-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame ABB5 0
38 B 137ms
136ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1657117848021953096134
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/n/nnews.com.ua.1291903.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 72690a564b968898-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
269 B 140ms
140ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=178
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 72690a56485271d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 708F 8 KB
711 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 12:45:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 14:30:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 708F 2 KB
984 B 188ms
72ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:24:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 708F 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRB_fl5zFYtXQJ4juZ7SVtQiZ6eP4arillP35Dc608KuwFhABIMCekocBYLu-roPQCqAB6YiGxAPIAQmpAgEjXluZELQ-qAMByAPLBKoEwwFP0E14JdgbiC99hPyAxAw3tmmelPBbo09HlMwTjF7MuEBO0txLhGDeYROlObIO17vY-A9LWCajr7Q9uq7yI15oFMrkobOjtIbu10BaJCjuEx5BvIb5nat6nzCX-rRHuVsagjQNv3unAejDdTYDtmsgOzHCoeznaEGS2FqULcBKUNJtMJrAdLwNxdk8NPf7H0x_vIF8dy4TXQZw-IZ3ZhnRcEZGITy-V_FuG2an6N0r4JUPwjRZ01kfHrRnZI7sMxKnZ_PABMWo-qPSA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAenwbwDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ-bQU0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gn2BML0BUBmBYBgBcBshccChoIABIUcHViLTU5MjI5NDc2NTk3MzI2ODkYAA&sigh=rky-rb9o50M&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 708F 21 KB
9 KB 172ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 12:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8706
x-xss-protection: 0
server: cafe
etag: 11173422395264295734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 12:51:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 708F 3 KB
1 KB 169ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:21:52 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/6416089050913884602/ Frame 708F 17 KB
18 KB 221ms
115ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6416089050913884602/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e063d48991e507f191c541c396d364bb4c0263e4dadf98d6d2576c3eb8ed4bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17843
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 16:34:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 14:30:48 GMT

GET
DATA 200
OK truncated
/ Frame 708F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 708F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 708F 138 KB
43 KB 69ms
68ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 708F 17 KB
8 KB 138ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 11:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7350
x-xss-protection: 0
server: cafe
etag: 4581267900612465077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 11:53:46 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 708F 0
0 178ms
61ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuIphPayxWxQy8MTNQj_1sfziPaE7u3sV0eOWGnXtOaQUxsM16vaByijsew6fIQyj7FTTnRWbZS_50FN_juMREMV9dKw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 708F 31 KB
13 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 149 KB
53 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09c41af18763855c7d428ac74a677281347c5743255d5a65d6bfedd0a586c702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54366
x-xss-protection: 0
server: cafe
etag: 5461199757739441664
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 584D 6 KB
672 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 13:06:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 14:30:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 584D 2 KB
983 B 68ms
68ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:25:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 584D 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Caw3el5zFYoPJJ9qO-cAPuJCKmAaJqN6uaq2MnLvzD7CygOyQAhABIMCekocBYLu-roPQCqAB-6S_zSjIAQmpAgEjXluZELQ-qAMByAPLBKoE1AFP0H_-Ml3MYASeC4LVwIIlkVxbIueZf8HEEUfOZY7TyvNfV5RRqaydkQdnENIfAllP7b5PXPwmKybp8wyhD4Dq9npT332XJlghPVypsJoIQWbX1dQBtcPIAQtXOumvaXDVV6z98dge0lk18gHm6W2C-FN4ZP91Kdd_EZsmYk5PzZhBTAy21ZA_WdgH3ygpaTU2cTHcEzmdEE2lq0N345FOnR4GBLnDX5zeyLgpCikysAQApKc3PH8nZY8vPMvEHM6ZfCFmZxRyMA90e-3Nacs35DIf8MAE5fehj_0DkgUECAQYAZIFBAgFGASgBi6AB_vcj60DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzOYZ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTU5MjI5NDc2NTk3MzI2ODkYAA&sigh=lEeR6jMUjSU&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 584D 21 KB
9 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:24:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 584D 3 KB
1 KB 105ms
103ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:22:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 584D 138 KB
42 KB 69ms
67ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 584D 17 KB
7 KB 128ms
126ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:26:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 584D 0
0 86ms
62ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7hPJswyXP5H0X9LAHRiSgqBUV84QckjALixbxKXkjbWHaMHjmraI8TyJ1dbIJy9HAwUNN-XYW7YsOEdBH-B_fS30dxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 584D 31 KB
13 KB 91ms
67ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/771881921076913203/ Frame 584D 12 KB
13 KB 167ms
166ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/771881921076913203/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

836d7a76d0865f25a70657c2efca62962871705ae2770afde893e01c64b279c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12781
x-xss-protection: 0
last-modified: Fri, 27 May 2022 17:42:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 14:30:48 GMT

GET
DATA 200
OK truncated
/ Frame 584D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame BA09 6 KB
672 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 12:41:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 14:30:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BA09 2 KB
936 B 133ms
133ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:25:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame BA09 21 KB
9 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:24:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA09 0
0 100ms
98ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjhCWl5zFYov0J5WzZ9WEkMACi4_3-GqdhvLq6A3a7ZzP5CUQASDAnpKHAWC7vq6D0AqgAe6CsawByAEJqQLPE9038DixPqgDAcgDywSqBNoBT9BflrKJLrEd7MF457u4vpjIHPmPcafqC6BxvY0XcSjwvtcipB3BuKL_X7DUQhHVe8Lhx_Vz_maa5j32Aa1srdwX6HAnaYOt0OyeTStafnxyDanv1UCG0J0mgSBGlUxEUhSwCvhD3g6vFTi4vFefehU4Rg8Jx8dymmL3FXkOmESzL5d7RZAiTleDMTl-ddeBbd7dqMY7FQr9RxHdkvojQu1H6waHhjYTkpNdxCDKahybjidhNeOB_yLluLI9J1uHlpTpNKiE5XHP1j9a4-7EIGsrJHuqOxpfM2nABOmFlYPXA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf6_M7TAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELHZLdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi01OTIyOTQ3NjU5NzMyNjg5GAA&sigh=Kmd1miHS4u8&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BA09 3 KB
1 KB 124ms
122ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:22:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:22:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA09 138 KB
42 KB 84ms
83ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame BA09 17 KB
7 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:26:59 GMT

GET
H2 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame BA09 31 KB
13 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 20:43:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 13:16:52 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2120596903919861904/ Frame BA09 23 KB
23 KB 118ms
117ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2120596903919861904/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6b796e301e6bb8f0404d9f4e180ed8e458c932ec02cef7f07869aa01c7cea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23902
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 10:26:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 14:30:48 GMT

GET
DATA 200
OK truncated
/ Frame BA09 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 177ms
62ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 178ms
63ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nnews.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame 3587 10 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 76546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Jul 2022 17:15:02 GMT
etag: 10429905676100781186
expires: Tue, 19 Jul 2022 17:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CDB4 1 KB
749 B 57ms
56ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 07 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 708F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30e8ae2448112b0e88724880b99261e660b1e30a891829536d13389e9c8ee5d9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6EED 1 KB
749 B 55ms
54ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 07 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 708F 44 KB
44 KB 200ms
89ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 140319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 23:32:09 GMT

GET
DATA 200
OK truncated
/ Frame 584D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338dbe882f245e17d51a4aee79bbda8785ae4f7c74f9f219fdeb3fbe76b0e4ed

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 3587 8 KB
711 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 14:01:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 06 Jul 2022 14:30:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3587 2 KB
902 B 203ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:13:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3587 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CizSll5zFYvHHJqPR7_UPpIW2-AqvpoKcaoiVp_6wD6CHgOyQAhABIMCekocBYLu-roPQCqABwprV8wPIAQmpAq4I3-219bM-qAMByAPLhIACqgTHAU_QocJDmTlA_W097jAKiJ6sO0828Y9wCOWmaRQvsxC5CbymfT5DY70VfR6PCdam7_4NiBiVy1BAzAy8bjInGV7oUXthOvOIMb7CHMpraef2wPRol4AyuhQI-b74PHApXECMRFGQhoI_zRM6nPzmHHbVOxKxOEOt73iWCm2SDU0y6HQf4O2evUukF-QbYte4_riNbzYVBrkVmTVsB2J68QHivU-I_8NxFEKwR43dmLmyPSx_9JjM7zfLiAzP7NScqQvPrYYRO0HABMHctdH3A5IFBAgEGAGSBQQIBRgEoAYugAem5aoMqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgPci0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gn2BML0BUBmBYBgBcBshccChoIABIUcHViLTU5MjI5NDc2NTk3MzI2ODkYAA&sigh=BbAZbVG-5iw&uach_m=[UACH]&template_id=5000

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 3587 21 KB
8 KB 176ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:23:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3587 3 KB
1 KB 203ms
91ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:58:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 3587 17 KB
7 KB 165ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:18:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3587 138 KB
42 KB 64ms
63ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 3587 31 KB
13 KB 165ms
54ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 584D 15 KB
16 KB 120ms
54ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 20759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:44:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 584D 15 KB
15 KB 118ms
56ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 182611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:47:17 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6031334247736376273/ Frame 3587 11 KB
11 KB 165ms
75ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6031334247736376273/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dda25726bb9e218b87225e99e4bb2077b5725ef80c4abc7bd18afa3e2d754c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 18:05:25 GMT
x-content-type-options: nosniff
age: 419123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11106
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 08:12:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Jul 2023 18:05:25 GMT

GET
DATA 200
OK truncated
/ Frame 3587 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3587 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A5E2 1 KB
749 B 55ms
54ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 07 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BA09 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19dd67beb0656f0049b353adac1964742430cc04656dc7bd6e59f9733779a2e2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/ 35 B
55 B 171ms
61ms XHR
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: phoenix-widget.com
URL: https://phoenix-widget.com/static/js/jsonp_v3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://nnews.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK stats Show response
stats.phoenix-widget.com/ 0
356 B 51ms
51ms XHR
text/plain 188.166.37.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.phoenix-widget.com/stats
Requested by: Host: phoenix-widget.com
URL: https://phoenix-widget.com/static/js/jsonp_v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.37.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nnews.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 06 Jul 2022 14:30:48 GMT
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range

OPTIONS
H/1.1 204
No Content stats
stats.phoenix-widget.com/ Frame 0
0 159ms
50ms Preflight
text/plain 188.166.37.243
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.phoenix-widget.com/stats
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.37.243 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nnews.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 06 Jul 2022 14:30:48 GMT
Server: nginx/1.10.3 (Ubuntu)

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA09 15 KB
16 KB 83ms
83ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 20759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:44:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BA09 15 KB
15 KB 102ms
102ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 182611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:47:17 GMT

GET
H/1.1 200
OK 6295bdf42b144d2520849138.jpg
img.phoenix-widget.com/w/q85/b/ 29 KB
29 KB 209ms
102ms Image
image/jpeg 178.62.226.6
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.phoenix-widget.com/w/q85/b/6295bdf42b144d2520849138.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.62.226.6 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 0c3c19fc576842d2679c36705288d4a52b2973b355cd9928307d321ccb41a475

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:48 GMT
Etag: 34112-38ad6c746f283349590ec866748854d95d465811
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public, immutable
Connection: keep-alive
Content-Length: 29825
Expires: Thu, 06 Jul 2023 14:30:48 GMT

GET
H2 200 rect_61e44e03ca3cat1642352131r1802.jpg
i.cdnkimg.com/auto/420x236/image/tesr/1095/95/ 36 KB
36 KB 192ms
58ms Image
image/jpeg 45.133.44.37
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/420x236/image/tesr/1095/95/rect_61e44e03ca3cat1642352131r1802.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 6e08ca94ed960589c3310f0aeff0c776fc2422c394870e1236180e49fa346542

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
server: nginx/1.19.0
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 20 Jul 2022 14:30:48 GMT
cache-control: max-age=1209600
content-length: 36364
x-proxy-cache: HIT

GET
H2 200 rect_627a85bbc7bfat1652196795r7639.jpg
i.cdnkimg.com/auto/420x236/image/tesr/3684/684/ 67 KB
67 KB 303ms
169ms Image
image/jpeg 45.133.44.37
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/420x236/image/tesr/3684/684/rect_627a85bbc7bfat1652196795r7639.jpg
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.37 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 25943ae25d3d6ff02c4ea34bacfbc79c56ccd5e7d66defbbba4937cfcfeb14d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
server: nginx/1.19.0
x-cache-status: MISS
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 20 Jul 2022 14:30:48 GMT
cache-control: max-age=1209600
content-length: 68149
x-proxy-cache: EXPIRED

GET
H/1.1 200
OK watermark.png
phoenix-widget.com/static/img/ 2 KB
2 KB 50ms
48ms Image
image/png 188.166.21.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoenix-widget.com/static/img/watermark.png
Requested by: Host: nnews.com.ua
URL: https://nnews.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.21.205 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 00b923d74fc40605b62bfff096a978bdc22fe6ba31a9a84bd7d813c37e4b0d30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 14:30:48 GMT
Last-Modified: Wed, 28 Jul 2021 10:32:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6101324d-6a1"
Content-Type: image/png
Cache-Control: max-age=315360000, public, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1697
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CDB4 35 B
362 B 64ms
61ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELUaHmhNXT-xt7uka1yxjAQ&google_cver=1&google_push=ARnp8GAshqZcjO3brQkt-8lco_pGoCzbCuVNqv_ZO6iiwh4_SKD69uRNctccwaFZ4l8yFv43m8CNAw-SJr3FNXwOnphZdxUTRd6D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDB4
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCxn94YX1uD-AbWUpsHtADKqoCRGWWswnQvqmC...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCVGFZTVZhZA&google_push=ARnp8GCxn94YX1uD-AbWUpsHtADKqoCRGWWswnQvqmCrp4RAq-yFIwhmp67hqT9TmFALhPbfKNpKR4TzoRBBRkCRuqmznUeOfa3V

170 B
188 B

89ms
88ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCVGFZTVZhZA&google_push=ARnp8GCxn94YX1uD-AbWUpsHtADKqoCRGWWswnQvqmCrp4RAq-yFIwhmp67hqT9TmFALhPbfKNpKR4TzoRBBRkCRuqmznUeOfa3V

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCVGFZTVZhZA&google_push=ARnp8GCxn94YX1uD-AbWUpsHtADKqoCRGWWswnQvqmCrp4RAq-yFIwhmp67hqT9TmFALhPbfKNpKR4TzoRBBRkCRuqmznUeOfa3V
Date: Wed, 06 Jul 2022 14:30:48 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame CDB4 43 B
106 B 200ms
70ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEQBX6Wh2u6XjjZvwoFWfEY&google_push=ARnp8GCn3kr8djOaBKNFTXQ_wnY3vj1y0xUpjmIyy19ncT1V5_3QMgi6UAzyG5-1pCGmGJC6yN8ghZ36Kfz0pySN5USRK9sO6WA5&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame CDB4 43 B
350 B 201ms
73ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELn1dDp5vp070X-2aiNo5S0&google_cver=1&google_push=ARnp8GA-eu5OZXcBBFIFSOPRzxbUnLXJ0dK_ZHIaq41yGk4-SnRRoFGn9tLQIwmV_cvBHzuwbsPy9Yc4ghnZHT3mHXfwbAiTCzj_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cr3pjsifiqbuif5hbgse1eellavbl7to

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CDB4 0
41 B 204ms
60ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGZGCYuvWOnFZ3Jidyva_JI&google_cver=1&google_push=ARnp8GD2awTuDekzvMsMxgOmEyPutVhfo_Pezlb263XTR63u4VVVCNV9NIvhFdvti7wbTrMU9ICnS18vGguQiU6sD4CRL-6OYbw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=280&slotname=2352802185&adk=3478457593&adf=708526450&pi=t.ma~as.2352802185&w=858&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=858x280&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847125&bpp=3&bdt=657&idt=364&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=20&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5rwW78YxlL&p=https%3A//nnews.com.ua&dtd=372
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDB4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHIvNHkYMzxyZxpyBvziB18&google_cver=1&google_push=ARnp8GC1d7zwibO7GPCaWxSPvNZ7AzWHyfKiH71JturaFc4vUDdv_QRtjsoQvgGkfqJXFYRWt10...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tUy03UkU4&google_push=ARnp8GC1d7zwibO7GPCaWxSPvNZ7AzWHyfKiH71JturaFc4vUDdv_QRtjsoQvgGkfqJXFYRWt103hE-genVrwPqcCfXP8LQS7Z5T

170 B
188 B

75ms
73ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tUy03UkU4&google_push=ARnp8GC1d7zwibO7GPCaWxSPvNZ7AzWHyfKiH71JturaFc4vUDdv_QRtjsoQvgGkfqJXFYRWt103hE-genVrwPqcCfXP8LQS7Z5T

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tUy03UkU4&google_push=ARnp8GC1d7zwibO7GPCaWxSPvNZ7AzWHyfKiH71JturaFc4vUDdv_QRtjsoQvgGkfqJXFYRWt103hE-genVrwPqcCfXP8LQS7Z5T
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDB4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GCjuuLDkQTPoGtek87Ll_LfvHhbYwEGU...

170 B
188 B

82ms
81ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GCjuuLDkQTPoGtek87Ll_LfvHhbYwEGUiZ42UZ3Dfxdj5uLUL2JFLWi-2rIFd-_WYLMCKyX_fZlCPZZbz15CMbbLULZDaeJ

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PSrO9XGcpvHxjIacX4lXz0pN8gkYR1U2TM4fEk3mMC672jXER%2F4wJEtLvLbB6N3PEnZEMzqZzNQA5laTxsv83qoChSdtT9gejRCkjWkhntFzFIG4S7%2FhwtMl%2BakqsDnNcl%2FTWaIWAlUdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECOmoWcq44S-aTWVY4xTIFA&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GCjuuLDkQTPoGtek87Ll_LfvHhbYwEGUiZ42UZ3Dfxdj5uLUL2JFLWi-2rIFd-_WYLMCKyX_fZlCPZZbz15CMbbLULZDaeJ
cache-control: no-cache
cf-ray: 72690a5b5dac74b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CDB4 0
12 B 63ms
62ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxmQf5aYyLNRqVhtMRhcNONffllfhFlMrGZ6FwD37ZlyqFFWIR4eUGxtfVwUobci7pliEB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6EED 35 B
362 B 66ms
62ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOAyGr8K_wxPLwfZ1MVr4Is&google_cver=1&google_push=ARnp8GDW8P-CBVv4DXNGlOBdLO4vz_awGIGsJZeGUm-ZJoJK8OLqcQTSb51vtzJTfRcoqP5dyKvKn3UjVyZ-3UtFiy54hKqT1Pcl1Q

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EED
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GDLioHroC3n1n-BQBS36GQF1fqXUlc4uy-ejAz...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCQmFORmltOA&google_push=ARnp8GDLioHroC3n1n-BQBS36GQF1fqXUlc4uy-ejAzWueXV3mVvsDnpdTDzRvJ8AxFoyJTwmWTLQjJ757NLjusq2pSUpzsZ8j...

170 B
188 B

90ms
90ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCQmFORmltOA&google_push=ARnp8GDLioHroC3n1n-BQBS36GQF1fqXUlc4uy-ejAzWueXV3mVvsDnpdTDzRvJ8AxFoyJTwmWTLQjJ757NLjusq2pSUpzsZ8jSsVg

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCQmFORmltOA&google_push=ARnp8GDLioHroC3n1n-BQBS36GQF1fqXUlc4uy-ejAzWueXV3mVvsDnpdTDzRvJ8AxFoyJTwmWTLQjJ757NLjusq2pSUpzsZ8jSsVg
Date: Wed, 06 Jul 2022 14:30:48 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EED
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAfizQn...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAfizQn...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAxMDg1Nzk2MDgxNQ%3D%3D&google_push=ARnp8GAfizQn6dWUlu2Td_kPHs3lc-BdP4iQ_QbrWlkb45NdHHg8qwqv2kT9LsKs9kftVz...

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAxMDg1Nzk2MDgxNQ%3D%3D&google_push=ARnp8GAfizQn6dWUlu2Td_kPHs3lc-BdP4iQ_QbrWlkb45NdHHg8qwqv2kT9LsKs9kftVz21X7o7jcivG5OLj6kGg9xaTZYDour94Q

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAxMDg1Nzk2MDgxNQ%3D%3D&google_push=ARnp8GAfizQn6dWUlu2Td_kPHs3lc-BdP4iQ_QbrWlkb45NdHHg8qwqv2kT9LsKs9kftVz21X7o7jcivG5OLj6kGg9xaTZYDour94Q
pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 06 Jul 2022 14:30:49 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6EED 43 B
133 B 184ms
75ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEILXfS3aYxj1lIngApX3cQU&google_cver=1&google_push=ARnp8GCDFStBQJB52agCyA0up1mZS2ak3yhB7n13LO6xZ5Cz4vG84MLl4WnzjYRgC4C0oh5pqurrqXVQLQPTdB6iiaDDXCXDCs7wCg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rcs1pvsd7f885mfiheoiefqejh560944

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6EED 0
166 B 184ms
59ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIbzaSmmfEnU8I0lct8RoTU&google_cver=1&google_push=ARnp8GCvq5TiPB-dnNWrn8yeMZgkx0LaVT3GLHADHT5frtyKzNe6-Ax6LxQhIWfElehdTnV2o_A-NbxxTx7fE-DrCaMdLYxYHbALOQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1790034715&adk=1170228906&adf=3038483898&pi=t.ma~as.1790034715&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847130&bpp=1&bdt=663&idt=449&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dQ9744U9qY&p=https%3A//nnews.com.ua&dtd=452
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EED
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPrxWVpIBNorDrkm57wgis&google_cver=1&google_push=ARnp8GD3f2-J9OaXKe7f22wCBVj80x_AiOSfB9A_KBCjOzZr1ZPJbjCDbksI8gPErcvqNpNffTL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMjgtQ1RPSg==&google_push=ARnp8GD3f2-J9OaXKe7f22wCBVj80x_AiOSfB9A_KBCjOzZr1ZPJbjCDbksI8gPErcvqNpNffTLPGxCMJjJoz6rP2OHHXegX7b8D6Q

170 B
188 B

66ms
65ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMjgtQ1RPSg==&google_push=ARnp8GD3f2-J9OaXKe7f22wCBVj80x_AiOSfB9A_KBCjOzZr1ZPJbjCDbksI8gPErcvqNpNffTLPGxCMJjJoz6rP2OHHXegX7b8D6Q

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMjgtQ1RPSg==&google_push=ARnp8GD3f2-J9OaXKe7f22wCBVj80x_AiOSfB9A_KBCjOzZr1ZPJbjCDbksI8gPErcvqNpNffTLPGxCMJjJoz6rP2OHHXegX7b8D6Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EED
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GBndw7m6co_oCSfy2IPtK-AXUDRucGR8...

170 B
188 B

82ms
82ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GBndw7m6co_oCSfy2IPtK-AXUDRucGR8bIvuEtQ_m5NeQ3gp6pLD3mmLDCVDE52pKy5YIC2q8ZBv1Cu8M05stUz55_nq8z_ow

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEcLGed2OGDdQxxfaL4z%2Fkljk7y5RNgAlBqo2XJf4KAPoYbd3R%2FCBzzUpeALs%2BdLUHjSVKs%2FganIjZBapKG3zhF6WHF7BIhadDUfo8gj8wiLwlNZ3G7rq6vF%2BCNFcmK38wkGFI%2F4HWBC3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEIk2B7C5A5t1ZhPQOf_IGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GBndw7m6co_oCSfy2IPtK-AXUDRucGR8bIvuEtQ_m5NeQ3gp6pLD3mmLDCVDE52pKy5YIC2q8ZBv1Cu8M05stUz55_nq8z_ow
cache-control: no-cache
cf-ray: 72690a5b4d9e74b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6EED 0
12 B 64ms
62ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ks2r7ugU3QOmYrLDjqdLGOnb7gZYDakSf29sE6kle0skI0NYXNv87cyTJNnS4wVFcu2KaO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame A5E2 35 B
362 B 64ms
61ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB2WU4vh9hGJ2T8nvmIpspI&google_cver=1&google_push=ARnp8GBmAcsZihOhSJI1YfPBDQhdl1B1KM7sCqYFI13CHBrFczWeeB19LZcKlNCILUjRIDonbae1TbdSjpojs7OqV06VOLJvIc2m

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5E2
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GD0Lu8F1qGQy_pHKZEMA8F1Z9wr86j0mFNQCKW...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCR0dZTTFhZA&google_push=ARnp8GD0Lu8F1qGQy_pHKZEMA8F1Z9wr86j0mFNQCKW_dawHPlDl3LJeC-hR5OisS_Ra98T6UyirG5fAuft6Wb3CWOCNAISccA_N

170 B
188 B

90ms
89ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCR0dZTTFhZA&google_push=ARnp8GD0Lu8F1qGQy_pHKZEMA8F1Z9wr86j0mFNQCKW_dawHPlDl3LJeC-hR5OisS_Ra98T6UyirG5fAuft6Wb3CWOCNAISccA_N

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNXY21BQUFCR0dZTTFhZA&google_push=ARnp8GD0Lu8F1qGQy_pHKZEMA8F1Z9wr86j0mFNQCKW_dawHPlDl3LJeC-hR5OisS_Ra98T6UyirG5fAuft6Wb3CWOCNAISccA_N
Date: Wed, 06 Jul 2022 14:30:48 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame A5E2 43 B
356 B 176ms
69ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHLtP3Xo4b58an-8T-K2jJM&google_push=ARnp8GBhodU4cbTorfsH4Ym8F3GVr4rY3GAul6Pk500VfM1uFDrNUEMhrEoZf9xWlFhziZybv2OlriJN1SqfBoi1uAJwQkyOZdXn&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame A5E2 43 B
135 B 178ms
74ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGvhq4WJr9sIyawVLVMC6B8&google_cver=1&google_push=ARnp8GA7TTAWDPw70XpwtWvZHRJJ_9HLkhU0av0EsFYdHunogHuDzhmatgZKPyY659F59_mjSrj6xZUMxTQMeP9lLVjxiZZkeMEf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ukm2tdjk1l94ihfk813im27vss2mebra

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A5E2 0
41 B 180ms
60ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOCDEZQ4joSMplwfd4nJicQ&google_cver=1&google_push=ARnp8GA3yL82QQQVmjQKZm39b1wDlEinej62vfBl0shpqcdlh5RQG1qbVH6Cy7IA9wQxHfCci0aeQ2lSc2PTOpESZPKXcfKApe5P
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=7628775364&adk=482358205&adf=152073764&pi=t.ma~as.7628775364&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847128&bpp=1&bdt=660&idt=397&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DxZJJDGkER&p=https%3A//nnews.com.ua&dtd=403
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5E2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFVRAHOVgKgPlqr3YrHwpg0&google_cver=1&google_push=ARnp8GDkcMdYkgKxFUMhlhnKNPbEGMfXVN2T160ybxu8ustjQkSQgyqJJzu5iGzF6Th0enT2vXi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMVotMkhOQQ==&google_push=ARnp8GDkcMdYkgKxFUMhlhnKNPbEGMfXVN2T160ybxu8ustjQkSQgyqJJzu5iGzF6Th0enT2vXi3XyowWesbUaJzU-88cGKogvG9

170 B
188 B

73ms
71ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMVotMkhOQQ==&google_push=ARnp8GDkcMdYkgKxFUMhlhnKNPbEGMfXVN2T160ybxu8ustjQkSQgyqJJzu5iGzF6Th0enT2vXi3XyowWesbUaJzU-88cGKogvG9

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKR04tMVotMkhOQQ==&google_push=ARnp8GDkcMdYkgKxFUMhlhnKNPbEGMfXVN2T160ybxu8ustjQkSQgyqJJzu5iGzF6Th0enT2vXi3XyowWesbUaJzU-88cGKogvG9
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5E2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDYzdCTdwAXRCZs_Qb6KJSyPcOkiJFJU...

170 B
188 B

82ms
82ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDYzdCTdwAXRCZs_Qb6KJSyPcOkiJFJU-Ttph2LPBHgIYyc0ZzZJwzlyhOsRQbN4-x7kETvPoFTgJQHynxde0_d-eHHML2X

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvHjKlAGUr9fWjyg8AcEVwtXKxt7gNE2HfDH41wWFooTT8mIScXHrj7wVJ7GiNmNW8anRs%2BEJLA%2FCB3F6iYoJy7zyK6dh0G3JfW6lEqg%2BmT5FZ66Stvnf4Nr1h6G99NLlzdrB0TyWKEzmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENbsxVw10QBOoObtvIdXsA4&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDYzdCTdwAXRCZs_Qb6KJSyPcOkiJFJU-Ttph2LPBHgIYyc0ZzZJwzlyhOsRQbN4-x7kETvPoFTgJQHynxde0_d-eHHML2X
cache-control: no-cache
cf-ray: 72690a5b4d9c74b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A5E2 0
12 B 66ms
65ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IU6_YO0VjyR4pY3sODjVd6qYmg93iIfpg7UBUy1-4HIV4tFk8rVSGjWJNNm-vuh641qQlV

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js Show response
pagead2.googlesyndication.com/bg/ Frame D529 36 KB
14 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 21:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 21:27:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99B3 1 KB
749 B 57ms
53ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 07 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3587 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aa547e4b2d098ead29d45c4343bac24f03751646007081333d7f821e93ba0b7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 5649482033924120212
tpc.googlesyndication.com/simgad/ Frame F1B2 28 KB
28 KB 62ms
62ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5649482033924120212

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f84956e2527ddfa3e51f7727bbce28d3b7285f4b0ecef0b258545c1e11146bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 06:34:38 GMT
x-content-type-options: nosniff
age: 546970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29066
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 07:53:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Jun 2023 06:34:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame F1B2 21 KB
8 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:23:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F1B2 3 KB
1 KB 80ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:58:46 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F1B2 67 B
91 B 83ms
64ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 18:15:01 GMT
x-content-type-options: nosniff
server: cafe
age: 72947
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 06 Jul 2022 18:15:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1B2 138 KB
42 KB 86ms
67ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:30:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F1B2 17 KB
7 KB 78ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 14:18:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F1B2 0
0 208ms
75ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSv82OASGo7pAKJnSv1xz7Vucsj7FodNpqxBvo7Inf0U45f2ss77tNyQppwF5zUyBsoY_Z3JQNm7OxTC402WTkD4tjQ0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F1B2 31 KB
13 KB 83ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jul 2022 13:52:41 GMT

GET
H3 200 aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 09AA 36 KB
14 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 21:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 21:27:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F1B2 0
0 118ms
104ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaYPXl5zFYtnLJ_GL-cAPj6iJ4Av29_S6at2G68amD8CNtwEQASDAnpKHAWC7vq6D0AqgAf6cmdwDyAEDqAMByAPJBKoExgFP0D3CtBxIrsWlIBHFPJ-O18tCcxYk2BxadGgFz5rN1Eo7nyJdq3XWQrlvjCS81iHFNgMuT3ZjJFBh0zDJrOhc6Cf_pnnPdCXflrVraDrRB7SVo1wBn7IVBM6i2EzqxFXuTpkjwT3dQ7e8OXTlVhBphTWmslfDg7o8UBfnhxfT8muz4mWU67L19qM1mgeL3WpJQ5Yz1SYV_lMsBrYAyUJptV8lRQpZHPWy3J7OH4pwRqGqdHEgXcor8uJbxKhtTnBzTm8HsT7ABKeJsej6A5IFBAgEGAGSBQQIBRgEoAYDgAfq4uYjqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQoe0n0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItNTkyMjk0NzY1OTczMjY4ORgA&sigh=jIu591bufgc&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Jul 2022 14:30:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2715 36 KB
14 KB 68ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 21:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 21:27:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99B3
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBJAYNKIa1LU69lL2UMSQl8&google_cver=1&google_push=ARnp8GBSIuG943dOrbh1pe0gq-msQuiHQRBWdPcKBPLzgnajmF_vvZOVJh...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBSIuG943dOrbh1pe0gq-msQuiHQRBWdPcKBPLzgnajmF_vvZOVJhoZoFlc4Lqpmlaz9_EHKduThaRWpEi3vl98in1B3r4&google_hm=dPXuckuWKm34K...

170 B
188 B

80ms
79ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBSIuG943dOrbh1pe0gq-msQuiHQRBWdPcKBPLzgnajmF_vvZOVJhoZoFlc4Lqpmlaz9_EHKduThaRWpEi3vl98in1B3r4&google_hm=dPXuckuWKm34KaU4MUXwPQ

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBSIuG943dOrbh1pe0gq-msQuiHQRBWdPcKBPLzgnajmF_vvZOVJhoZoFlc4Lqpmlaz9_EHKduThaRWpEi3vl98in1B3r4&google_hm=dPXuckuWKm34KaU4MUXwPQ
pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99B3
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECDIsw5-DUC3APrTFZjnHXc&google_cver=1&google_push=ARnp8GAR9OSnwhyGfLIwRBc76fFZXJ7ssSFG2kCphRrU0gXDp3b1pU4KljKRhjCGbUB7UWpC7a6ZO0Y4X_GX8arDhpm_OVrCfUh4
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAR9OSnwhyGfLIwRBc76fFZXJ7ssSFG2kCphRrU0gXDp3b1pU4KljKRhjCGbUB7UWpC7a6ZO0Y4X_GX8arDhpm_OVrCfUh4&google_hm=Q0FFU0VDRElzdzUtRFVDM...

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAR9OSnwhyGfLIwRBc76fFZXJ7ssSFG2kCphRrU0gXDp3b1pU4KljKRhjCGbUB7UWpC7a6ZO0Y4X_GX8arDhpm_OVrCfUh4&google_hm=Q0FFU0VDRElzdzUtRFVDM0FQclRGWmpuSFhj

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Jul 2022 14:30:48 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAR9OSnwhyGfLIwRBc76fFZXJ7ssSFG2kCphRrU0gXDp3b1pU4KljKRhjCGbUB7UWpC7a6ZO0Y4X_GX8arDhpm_OVrCfUh4&google_hm=Q0FFU0VDRElzdzUtRFVDM0FQclRGWmpuSFhj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99B3
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDbabrD...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDbabrD...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAzNTA5MzM0NDMyOA%3D%3D&google_push=ARnp8GDbabrD9x1PpwiZX1qX1u_mEIgoYQ_-h-qeLSJS6MtkWZqsRvE-MgekWozgC-kfca...

170 B
188 B

65ms
65ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAzNTA5MzM0NDMyOA%3D%3D&google_push=ARnp8GDbabrD9x1PpwiZX1qX1u_mEIgoYQ_-h-qeLSJS6MtkWZqsRvE-MgekWozgC-kfcaCbYbufxDW2xAVc7vxJrfY_CaKP01Z4

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDYxNDMwNDkwMDAzNTA5MzM0NDMyOA%3D%3D&google_push=ARnp8GDbabrD9x1PpwiZX1qX1u_mEIgoYQ_-h-qeLSJS6MtkWZqsRvE-MgekWozgC-kfcaCbYbufxDW2xAVc7vxJrfY_CaKP01Z4
pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 06 Jul 2022 14:30:49 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 99B3 43 B
64 B 157ms
69ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGqQguWjVuTMyq3hcPHLP0g&google_cver=1&google_push=ARnp8GA-zSJxevPAMTkx6qVzvwdBh0WkxsuRjXwFUd9kDpLYz8r9XWOhm_nAxXIHNNQ2lpspMbZIUHfFaxO5JI_-NftJNxGuhSs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a0085qqovhrqe94otjtr7i64dl5m28o3

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 99B3 0
41 B 77ms
71ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE2ZIVg_oY_3tKMu6JoccA8&google_cver=1&google_push=ARnp8GCrcYKqPZ2GDIpIttDIgmACjoJSe_2JlMzqKc10zdkgjGnLJr0eiXF-eDH_M7Rg1ut9LN5JuhO10lEJvEv1Ews5Yw4SZF_i
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99B3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDNwrx_uwDfKPr_KHbOcDdI&google_cver=1&google_push=ARnp8GAc9WomcwqcY4HdCa0reDNAvYu_inarj88TePwKB2Gf02UvZNqAsrhr9fyKN04ne9k77Gs...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKSU0tMUUtMzhFRg==&google_push=ARnp8GAc9WomcwqcY4HdCa0reDNAvYu_inarj88TePwKB2Gf02UvZNqAsrhr9fyKN04ne9k77GsgXel2mjSNMqK-CrxU0k3-V1A

170 B
188 B

82ms
82ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKSU0tMUUtMzhFRg==&google_push=ARnp8GAc9WomcwqcY4HdCa0reDNAvYu_inarj88TePwKB2Gf02UvZNqAsrhr9fyKN04ne9k77GsgXel2mjSNMqK-CrxU0k3-V1A

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKSU0tMUUtMzhFRg==&google_push=ARnp8GAc9WomcwqcY4HdCa0reDNAvYu_inarj88TePwKB2Gf02UvZNqAsrhr9fyKN04ne9k77GsgXel2mjSNMqK-CrxU0k3-V1A
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99B3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKOuyxOcm7qqPr55X3sUXjw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKOuyxOcm7qqPr55X3sUXjw&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDdhnuVBLe8OAJmykogBdqD5M4XYBwcE...

170 B
188 B

81ms
81ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKOuyxOcm7qqPr55X3sUXjw&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDdhnuVBLe8OAJmykogBdqD5M4XYBwcEhek2_f-txJpSJowYubFXthhKsPuP-nfusGyUBQm4bqxQYuexQyhD28uJJg3TPuX

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbXt182NHOxHK%2FxS751QiyTSurLmD7RkPCxRXbXtTPW1ya92YwHQ7WxngzI3JLM2xDB%2FPDBC%2FsBMmWuA95OJ%2B1kVwkNWFchB0kWdXEDuZPdOJER8vvOz%2FwaKbx9bmRagKqTKW9rzm4v5Og%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKOuyxOcm7qqPr55X3sUXjw&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GDdhnuVBLe8OAJmykogBdqD5M4XYBwcEhek2_f-txJpSJowYubFXthhKsPuP-nfusGyUBQm4bqxQYuexQyhD28uJJg3TPuX
cache-control: no-cache
cf-ray: 72690a5b7df074b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 99B3 0
12 B 83ms
78ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHhrSWYA5v8pWZ2rYRHaAxTSlgEJO25JCNDq97ZA0Mj8YxciXmgb52Zj4-c01K_4UQsNr9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 878F 36 KB
14 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js

Requested by

Host: nnews.com.ua
URL: https://nnews.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 21:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 21:27:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BC6A 143 B
163 B 91ms
54ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 13:50:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E8B4 1 KB
749 B 92ms
56ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 07 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F1B2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65fd13af8959777f672d3a121a82dc9d7f140fb6b642d34315668ed0d8aab3e5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8B4
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHwaxVp_pX2sXVpwapTH_Ts&google_cver=1&google_push=ARnp8GBzdlwOCMOMGWrG3qJMLs0gYZgPaeWs_dcSuReuSaqSLMg_k5WsX7...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzdlwOCMOMGWrG3qJMLs0gYZgPaeWs_dcSuReuSaqSLMg_k5WsX7QXSaeUaQdPk7LHgyxUinDO_OyFL-_QySENZbjuUvA&google_hm=dPXuckuWKm34K...

170 B
188 B

65ms
64ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzdlwOCMOMGWrG3qJMLs0gYZgPaeWs_dcSuReuSaqSLMg_k5WsX7QXSaeUaQdPk7LHgyxUinDO_OyFL-_QySENZbjuUvA&google_hm=dPXuckuWKm34KaU4MUXwPQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBzdlwOCMOMGWrG3qJMLs0gYZgPaeWs_dcSuReuSaqSLMg_k5WsX7QXSaeUaQdPk7LHgyxUinDO_OyFL-_QySENZbjuUvA&google_hm=dPXuckuWKm34KaU4MUXwPQ
pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame E8B4 43 B
61 B 122ms
65ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPBHN5T5MwLHK-mDWWdBkng&google_push=ARnp8GCF6-_Eo-r6AiAVyRVkLh666G-1pd5ANzLOCLZRav_hNf9LlkhTOgfgasvqgYr1nXmaZ0YHhy4xj8P8LJYKJB_ew9Kz0d7c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame E8B4 43 B
64 B 73ms
69ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAL7_Vwt-KuPPeIQquUxKS0&google_cver=1&google_push=ARnp8GDqGHu_ZtODpvhcShgJHJ_gAT5CvNmaB3vxPATtK0QvkgdFYgc6V3JSWPdj45dJGQ7MhHGnij44ctDU77BwTXwsXBjOC3YZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b730dnagvie4qmbk2rm5i5k5fdb2bfg6

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E8B4 0
41 B 58ms
54ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEObN2OS4GH2Z9JTh0BxL--s&google_cver=1&google_push=ARnp8GChWMzO7aX7hrMdnym_wlbjuF1tX1k4DS9GXvbPVqipoaHgufIRpGrlbwC_1YbZyKCSkmtWSb2Pvz1CmLQo6VHZ__OJfqEM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8B4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELjxBnCUMo_VNFulR4vmt4k&google_cver=1&google_push=ARnp8GB1zs9cUZ4MKexOcC4sn9mOml-skmRRG4zOJA9RYaSOQ4PYLYku3HbBvHdGyClHSA0Ak4A...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKUkEtMVktQjlQUQ==&google_push=ARnp8GB1zs9cUZ4MKexOcC4sn9mOml-skmRRG4zOJA9RYaSOQ4PYLYku3HbBvHdGyClHSA0Ak4AbLgNrGyHTkhoVmovI-Xy-wsM

170 B
188 B

66ms
66ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKUkEtMVktQjlQUQ==&google_push=ARnp8GB1zs9cUZ4MKexOcC4sn9mOml-skmRRG4zOJA9RYaSOQ4PYLYku3HbBvHdGyClHSA0Ak4AbLgNrGyHTkhoVmovI-Xy-wsM

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU5UDZKUkEtMVktQjlQUQ==&google_push=ARnp8GB1zs9cUZ4MKexOcC4sn9mOml-skmRRG4zOJA9RYaSOQ4PYLYku3HbBvHdGyClHSA0Ak4AbLgNrGyHTkhoVmovI-Xy-wsM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E8B4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPzo49SoJhw9qPiUssiDVGc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPzo49SoJhw9qPiUssiDVGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GABRCH37RoBoEdE8rulMoa-kLb-VyPAO...

170 B
188 B

65ms
64ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPzo49SoJhw9qPiUssiDVGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GABRCH37RoBoEdE8rulMoa-kLb-VyPAOGJO-M7juRAIbjHY96Bn9ofuSCV7mChXEaLSY6-p_GwRcDY3mu76vmkeGs9tDrAT

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWrQIooKsTnMHfSM%2B4IjR62ya%2BtJQmYyHX5m0ZkS4TS6RSlq3e53HCo2Rb1ZnES9eyUCkgd95DT0EbAtm9fvFiO6w%2FFUge3CjrUTvWLR43R%2FOL6FcIMUUeS1fKpL2Pm0%2FTS6TWd3sNXZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPzo49SoJhw9qPiUssiDVGc&google_hm=YsWcmHKnYx7YObl-zFXhMQAABGwAAAIB&google_nid=index&google_push=ARnp8GABRCH37RoBoEdE8rulMoa-kLb-VyPAOGJO-M7juRAIbjHY96Bn9ofuSCV7mChXEaLSY6-p_GwRcDY3mu76vmkeGs9tDrAT
cache-control: no-cache
cf-ray: 72690a5d999774b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame E8B4 43 B
297 B 415ms
46ms Image
image/gif 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFW8hAC3ocu48UkIZZ6VEA8&google_cver=1&google_push=ARnp8GAB7fCc88QV28vQqlegPaHCo-ByH5krPCkp2fCRUKoiTg79ZOYWH9g9HV1lAGDhm20o6Bx-201LQpTt6SBsW6M7mZRhzwM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E8B4 0
12 B 64ms
62ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IF66t2-yFXfUa7qfTKekaQgmPp8XH_OqE6_14AgOuVk9w8fOkwQ4W1n5sl07NUlDdf3G9Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 176ms
67ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

820aaf01d06406152b30cd5e4a2945562f8e2478be71f37b1d6cc9f74c0f8871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jul 2022 14:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10675
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BC6A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

101ms
101ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 14:30:49 GMT
expires: Wed, 06 Jul 2022 14:30:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 14:30:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js Show response
pagead2.googlesyndication.com/bg/ Frame D198 36 KB
14 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922947659732689&output=html&h=250&slotname=1158178589&adk=3520988211&adf=4143280585&pi=t.ma~as.1158178589&w=310&fwrn=4&fwrnh=100&lmt=1657117847&rafmt=1&psa=0&format=310x250&url=https%3A%2F%2Fnnews.com.ua%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657117847129&bpp=1&bdt=662&idt=438&shv=r20220629&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280%2C310x250&nras=1&correlator=2986425637922&frm=20&pv=1&ga_vid=985095794.1657117847&ga_sid=1657117847&ga_hid=1263515404&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1647&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C31068106%2C31065544&oid=2&pvsid=3480178510564460&tmod=1107267512&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=uNKWGW1FTT&p=https%3A//nnews.com.ua&dtd=441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 21:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 21:27:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 14:30:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3536 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:03:58 GMT
expires: Thu, 06 Jul 2023 14:03:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C5F 783 B
533 B 64ms
64ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35eeadd040de7baa221a490e53d0239de36eb0c491ab79bec9f5a0cee1c4f492

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fMVAaoWwecxS9dPv-1FLmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nnews.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-fMVAaoWwecxS9dPv-1FLmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 14:30:49 GMT
expires: Wed, 06 Jul 2022 14:30:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 3536 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aHhPXGVii6m1UdQEw4dl9bTaUK-_iBumPQ-RERU6U4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 21:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13869
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 21:27:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C5F 0
0 95ms
94ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=3480178510564460&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3536 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_at9Cw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:30:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 708F 42 B
64 B 95ms
95ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvq1k87HwvzHczf-NRpdjUHbqBM1fgruQW8dsR3327_EUwgtYkCUK-ORXfrAMuoITFChPGTCOco8Q5La9P27pldRcNWXdmPB6EL5FYqpDr96tXSiJUphA2cvQZvH7TbXdgrwQSGJg&sai=AMfl-YRTRfF2Ks_LABQmwuYPe_fpuBoPhZu8hSp-2IQJl-Yc9yCUzr3QbQsUyyhy4dmqOVM_I3L03QMIRA81mDy_TEEUoyewp6mP7LI&sig=Cg0ArKJSzL-DPyXrR8JwEAE&cid=CAASF-RoCNqDfcQ4AEvV_UmBR-WSAv5ZGLqV&id=lidar2&mcvt=1000&p=0,0,280,858&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3478457593&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657117847498&rpt=1210&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3587 42 B
64 B 96ms
95ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvA4GSyo861II2j1hV9ldI-a5LNYdE461gFsjm6bM2CNf06TlIj4wyC_AS0w5YAkH4g_d6kHa_TcGB-Lci1UtlISWENq5uCEsdkv7f_kbPcfmIgTsbQxI1Pi1TDB57E-40zM6GD5g&sai=AMfl-YR56FlzoMnHpUxiRAvYPPq7y1O-WaBAqD8BhIxnidY6__WvBI0begpS4D9Jd0ANSJR7rO484CAAhrD9fJTtw_4NFsLv59PW22w&sig=Cg0ArKJSzDdibfIS78xNEAE&cid=CAASF-RojglQFHT34baPQmtos-xYu7Tb4dg2&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=299,785,1000,1000,1000&tos=299,486,215,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657117848258&rpt=605&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 14:30:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
106ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=3480178510564460&bg=!nJ-ln9vNAAaLlKKnq5Q7ACkAdvg8WhGz-P9A72_qGPPoV8en_4iqUy7GFc1ESY2Eo_xgAAwxf2duZwIAAABPUgAAAAFoAQcKAK1g52dp5aC7RoFUlt1oNO6BSHrj-D1SS5sdTFT4mHHQUCjDlUvJiDwvZrLFKmuvRfxWcKDx8hrSlTWpNrE9w8C_jsJfSTDjfint92t86c2B2NeLoNB7W_BLOct6PJ_F7FSyVS0rYsTjZu3SIMLDl5F1MkwExpAwROOO1XGYNSkVFuM-6lF1vOD7EjJGmlsZXYmqSuMXxo8M-HaninWAkBuldS6XETNQENuExCLYy5kCkoZSyKUfZi_fwJrZ0Pg-ZLPYspsp3rY-8NzltinlUnfaxf8WyuqNDLh7mKmZGXWZR6UGhOMInugW6EnHwpA5oeJmmvX-I61SYqtypNSruo9YHbkxB3jmjNpdemEYVzY0sBPbRJuwXbBnfU_GC3dfgqq4MavGudrDZ9C_Xhy7JxuCGHfGuYLTeLXWSlZ3UKagKYc-98ntHTj_zr8Tr-pybUy3ea_ul4NhGz6D71qLPzgebeuqTsbnVYrGorWS6ousZKNSd-hk8UImHbHgGaCHtOGYbanh1a9JCRDlTThOcSoFJBOChsNKx5YIOvwAN1HoXW6WJqai5cRgNW_T-aghMUxQ8sOc8x3ASRBi1qdafhJQRwQF4XvqC9RTzNkJ13I6nRgGnidHCkBDBdtw6l9xBRJAGOoAKZrba_2TUiQZryakxajsUvd1VMG5nsBRnWOOTDBcFSDcICKRQ2oobJ024El0c06rtdpkiSt4G4YgOlys9ERvnZE_77IXCDi5viQgZXx_S_7FJASIT5kEt1tEpJMOxxf8ydafDyYX0vdj3UKMuyfhCxQv6VgruSUWpTljdCwMqauZGYNJ4VsYDFWu6Md7B-75KUq90ceo1WYhPrgRcA7kEFf7DdsAx9KhIpfbpuoZTUVydgMuexA9d5zAHsMGSFJ5loy7LsByqovZTihf0p2cbZGVLzpSe7sUXgEUDaR79GNuwMT36xUuaoNcU1k4jMMOFGOU2V8NqYaZ4_lAJjM8a4gHG_GV62gTkFJeYMNxCWqQ6LUHl6ZAEVAxVxdDpzUj8QaOmIGvaDnlb9yANdPgK6ybPsVHhnd9QHceu89ygC3AfBYXxjagzyIWO4PjYjCcCFniXhmfZRZJalwLfeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nnews.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nnews.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: mo2h0sq0qfgrl2mn8bejab6td9
nnews.com.ua/	1970-01-20 05:01:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nnews.com.ua/	1970-01-20 04:58:57	Name: sharedid Value: 06fd3e8d-72ad-47e5-b5c3-d5d003b7cc9f
.mgid.com/	1970-01-20 04:18:39	Name: __cf_bm Value: ULRg3S688hUi7K89E0msbSxu53O60dKLLH0F0GzI.r0-1657117847-0-AY3iSievIfm7k4QvgsAIxKpMveqtJguSauXMh2hPcgGKHm6VN1R78m+thqAJnMcUBZM5EVeTfItUlbGNvNgl48Q=
.id5-sync.com/	1970-01-20 04:18:38	Name: cf Value:
.id5-sync.com/	1970-01-20 04:18:38	Name: cip Value:
.id5-sync.com/	1970-01-20 04:18:38	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:18:38	Name: car Value:
.id5-sync.com/	1970-01-20 04:18:38	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:18:38	Name: callback Value:
.zeotap.com/	1970-01-20 13:04:13	Name: zc Value: 7a2aa2b4-6e74-416c-44a8-5c1efc133b54
.zeotap.com/	1970-01-20 04:20:04	Name: zsc Value: %03%D7%CC%C9%98%835%2A%D5v%F5a%EF%16%0B%9F%28C%8C%D8%B7%EE%16%DBY%ACM%7Cub%9CT%E6%01%D2o%99%09%5C%23T%95%0C%25%04p%A8%C8X%92n%11%F4%CEO%93%E2M%C925%7D%24%5E%97%5B%12%C4%D6%FC%7C%AERijY%AF%DB%28%9Cg%E4%07%C3%EFh%0Fm%8A%7F%99lr%7D%21%29x%94%8D4%E6%3B%B1%B7%E4
.nnews.com.ua/	1970-01-20 21:49:49	Name: _ga Value: GA1.3.985095794.1657117847
.nnews.com.ua/	1970-01-20 04:20:04	Name: _gid Value: GA1.3.2009348596.1657117847
.nnews.com.ua/	1970-01-20 04:18:37	Name: _gat_gtag_UA_199281257_1 Value: 1
.adnxs.com/	1970-01-20 06:28:13	Name: uuid2 Value: 8396728339614736720
.agkn.com/	1970-01-20 13:04:13	Name: ab Value: 0001%3ActF4d%2F9RPbPFyJYM9msDfSQ%2FVUun8mzN
.demdex.net/	1970-01-20 08:37:49	Name: demdex Value: 88526550028832116171499366875359695072
.mathtag.com/	1970-01-20 13:44:33	Name: uuid Value: ab7a62c5-9c97-4700-90f5-30dc7b8a9cdc
.dpm.demdex.net/	1970-01-20 08:37:49	Name: dpm Value: 88526550028832116171499366875359695072
.quantserve.com/	1970-01-20 13:48:52	Name: mc Value: 62c59c97-94f9d-d6caf-01283
.nnews.com.ua/	1970-01-20 13:43:06	Name: __qca Value: P0-1415615090-1657117847559
.nnews.com.ua/	1970-01-20 13:40:13	Name: __gads Value: ID=fed514e4deccc695-221518f3c5cd0081:T=1657117847:RT=1657117847:S=ALNI_MaajN8_ShFgnSy6F7vSJCotlwNLYw
.cpx.to/	1970-01-20 13:04:13	Name: cpSess Value: 4087125698a0cd66
.nnews.com.ua/	1970-01-20 13:40:13	Name: cto_bundle Value: 8n1K7l9CWm5CS005ZWFtemFINTJRa0lsWFZkdk1QUVRyaklxRTEyWkVneHAwbkhMNjV1YTYlMkZCNUElMkZoQURVbzlWR3piVlpDOXp0bHlaRTVxeXIwVk9CMkduWWduWm9ndFVTSnk2JTJGTHJKYU5qc0E2TEFoMVB1dlV4WlUlMkJMZU9hclJ1S2Fj
.nnews.com.ua/	1970-01-20 13:40:13	Name: cto_bidid Value: 1cQ10l84bFdUa1dZRmU5WWJoTUxCZWU4UUxjYSUyRiUyRmtnZ1BaU0RzWmMlMkJXSFM4Sm55amduRDRHWk9uMXg2Sm5FWmlJTGhnc3FkUlZaaWlraXliSXNYb29ITGU5USUzRCUzRA
.cpx.to/	1970-01-20 13:04:13	Name: dsp_dbm Value: CAESEPDfWEgIS5F7pOjqBiPi_m8#1657117847808
.smartadserver.com/	1970-01-20 13:04:13	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 13:04:13	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.cpx.to/	1970-01-20 13:04:13	Name: dsp_app_nexus Value: 8396728339614736720#1657117847910
.smartadserver.com/	1970-01-20 13:04:13	Name: pid Value: 4247575871279957696
nnews.com.ua/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1291903%22%3A%7B%22page%22%3A1%2C%22time%22%3A1657117847995%7D%7D
.quantserve.com/	1970-01-20 06:28:13	Name: d Value: EHgBCQHGJoEA
.doubleclick.net/	1970-01-20 13:40:13	Name: IDE Value: AHWqTUkuMV2HsB-2baaHfeaJ94JKCSsJjNsEuHhXGk-A208B5DEIVqwsG-sIEVzJM7A
.casalemedia.com/	1970-01-20 13:04:13	Name: CMID Value: YsWcmHKnYx7YObl.zFXhMQAA
.casalemedia.com/	1970-01-20 06:28:13	Name: CMPS Value: 1132
.casalemedia.com/	1970-01-20 06:28:13	Name: CMPRO Value: 1132
.casalemedia.com/	1970-01-20 06:28:13	Name: CMTS Value: 3263
.e.dlx.addthis.com/	1970-01-20 13:48:52	Name: na_tc Value: Y
.agkn.com/	1970-01-20 13:04:13	Name: u Value: C\|0CEAAAAAAKlhZGQAAAAAAAQ13AQCAAQpAAAAAAA
.addthis.com/	1970-01-20 13:48:52	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 05:01:49	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 05:01:49	Name: na_sr Value: 20220706
.dlx.addthis.com/	1970-01-20 04:18:37	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 05:01:49	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 13:48:52	Name: na_id Value: 2022070614304900035093344328
.addthis.com/	1970-01-20 13:48:52	Name: uid Value: 62c59c99ccd70624
.addthis.com/	1970-01-20 13:48:52	Name: ouid Value: 62c59c9900016f3c0b6982fa8733ef2c027c2ba452f12200364e
.doubleclick.net/	1970-01-20 04:18:41	Name: DSID Value: NO_DATA
.innovid.com/	1970-01-20 06:28:13	Name: uuid Value: f4365723-a0c4-416d-8de5-b5a3f191515a-20220706 10:30:49

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-5922947659732689&fa=1&ifi=7&uci=a!7&btvi=4&xpc=ZwaMFlKMkA&p=https%3A//nnews.com.ua Message: The resource https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.themoneytizer.com
adservice.google.co.uk
adservice.google.com
adtrack.adleadevent.com
ag.innovid.com
ajax.googleapis.com
api.phoenix-widget.com
c.mgid.com
c.tmyzer.com
cdn.mgid.com
ced.sascdn.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
d.agkn.com
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.cdnkimg.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
img.phoenix-widget.com
jsc.mgid.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
nnews.com.ua
odr.mookie1.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
phoenix-widget.com
pixel.everesttech.net
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
rtb.openx.net
rules.quantcount.com
s-img.mgid.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
servicer.mgid.com
spl.zeotap.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.phoenix-widget.com
sync.smartadserver.com
tag.leadplace.fr
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.19.126
104.19.135.78
104.19.136.78
141.95.98.66
142.250.184.226
142.250.185.194
143.204.101.100
143.244.196.143
145.239.193.51
176.104.8.35
178.250.0.157
178.62.226.6
18.156.126.13
185.33.220.243
185.64.189.110
185.86.139.115
188.166.21.205
188.166.37.243
193.108.153.18
198.47.127.19
2.18.233.201
2600:9000:2156:0:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9a
2a02:2638::1c
2a02:6ea0:c700::20
2a05:d01c:1d8:8101:7677:5b33:71a6:2d38
3.122.145.17
34.251.55.128
34.98.67.61
35.227.252.103
35.71.131.137
45.133.44.37
46.137.164.28
51.89.9.253
52.19.184.31
52.19.46.209
54.154.72.131
54.38.64.100
69.173.144.165
69.192.160.219
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00a03e55398c25bd26f079382ea8f492c5592821fc54a1a1d86283c1fcca429f
00b923d74fc40605b62bfff096a978bdc22fe6ba31a9a84bd7d813c37e4b0d30
012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7
0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06e017fecc403fc633e00fdb66ca93ca3a73428ee84a8f0b21231e9bd8b4d9f0
07cd93aaf40528d8402e57fae379a7fe2ff24090292d4b425263965e73316323
086f68b75e10cff78c11ff7d8159c9bbe5bea67202280ea74a6ddf5a1d8e44c6
09c41af18763855c7d428ac74a677281347c5743255d5a65d6bfedd0a586c702
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3c19fc576842d2679c36705288d4a52b2973b355cd9928307d321ccb41a475
1199c6305025923d2694534e9b7b40e5b32a58d2761a4654403c81421d9cd88b
164f339fe9b8d6a3a4251eb2e875c01686c824ba558f320ed9f4859bbe842667
17d856678984869648bd79f6dca093140f5b8442f93f9d6bd050d5b8d1da6cf5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18332a1921bfcc389fdda6af5439513b2ed40bbd81f64126623ec2e911df3bce
19dd67beb0656f0049b353adac1964742430cc04656dc7bd6e59f9733779a2e2
1cf6dc3c4aec0e9af90fec9c73760a65244f2f4c7e349fd89240ff04c25ddc67
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
23512696ddd07fcd4036b80335201e3878c0cf85193f0753978fb8719e3eb796
235b98e9724beb6c5d4365e7f097c06fb0ac3208e38b1ddbd401a375203f655f
2453c544ecfbba764f3e62d6b51a9778d0c220da4a628e778c198e7279d69303
25943ae25d3d6ff02c4ea34bacfbc79c56ccd5e7d66defbbba4937cfcfeb14d2
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689
2b42cd3660f6bf3f2c6f3a60cd9523eee7ac9b544e7ae928a269dc1c0fa1e366
2d772a03a665ff262eca71c5815d9f1219839f8dbf98dd5393ce23c8a5454902
30e8ae2448112b0e88724880b99261e660b1e30a891829536d13389e9c8ee5d9
338dbe882f245e17d51a4aee79bbda8785ae4f7c74f9f219fdeb3fbe76b0e4ed
35eeadd040de7baa221a490e53d0239de36eb0c491ab79bec9f5a0cee1c4f492
36eb5f47a0a8d895e809a192bb4fa91f345bd44ad61091f76ac49bc9b52980df
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
415e9b9c04b67558c7f295ee7194330856bdbf60d226be6d4283db30ca08ff5f
418d9874dd62b9f78cdc4748132a6ba853675d5ea12bec04de41871aabbe01dd
4280fda8cad7f9cc8562b360b8c3d73fa8ea960b83ab3b0677af077d57eb252b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4a6f3fcac6d7e7b136f337f00fd6ae26d976f79b380b0bc37d4e5f2871bbaa7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56172deb71e2515294dcb24654d156cb8b946ffa6ebaa1db3a24aa507142b0f4
5805d4f5e848b10b210016859b3217402ee2a06ffa1f00e63f782e5533bfa9c5
594f184d374383c66e8cf7973b56d0dfda8038654f3cea99a32050eaf8d3838b
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178
5dd6940259a7ab29e9d967f383168e5ad5e45bc1ea33960826a5d6aff63a3113
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65fd13af8959777f672d3a121a82dc9d7f140fb6b642d34315668ed0d8aab3e5
66f362e55e6428ba5ca6540adb647140f8938366e52604927ca95236f66351f7
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
678db2eea8bf661d580dd20fd8f9bc5aec662c3e622a0191c93aa3e2181f7b9c
68784f5c65628ba9b551d404c38765f5b4da50afbf881ba63d0f9111153a5383
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e08ca94ed960589c3310f0aeff0c776fc2422c394870e1236180e49fa346542
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71443a4023953c509ec42fda233e80a82888c3d5ae1dc5907a4282759875323e
71d2ec183c3e161c1eba470ccc5757ea4bbf4ad69216d754fe66fcd25b8c71f8
72b242a2af6b805b90877ab3a31c291f7cc8029a6bc2754e91cc6367a5f720c7
748d10bb5c649bc6d2913f5a4f3d25564ad2cd92b988791ed23a3a3144896718
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c16dc4f1912fa52c774e168fabd9f66b6893664bdf286ff773c0b7cde46c1d
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7aa547e4b2d098ead29d45c4343bac24f03751646007081333d7f821e93ba0b7
7d38484db5c24167df3ab11e8df6736b3641e5ade46dcc3ace71b0b4acfe4c85
7f84956e2527ddfa3e51f7727bbce28d3b7285f4b0ecef0b258545c1e11146bd
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
820aaf01d06406152b30cd5e4a2945562f8e2478be71f37b1d6cc9f74c0f8871
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836d7a76d0865f25a70657c2efca62962871705ae2770afde893e01c64b279c2
84b78c17a297376b3e237b79f885b2cc37f52ff98b9450cf47b79742f58884ab
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
850450864eb0df3f09b9724116f7548691a315f0e48938b00b4330a00147cb9d
87ca04a30269d5b6e4f985c278b7ba9f595736c98dc2e34ae068bd3a5e3da4d6
8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bfd5a87b548d9298230da63c68e625fcf5b12212ab5705e86df04bc8da0d8cb
8cc1b08d63c874d0932c0a26ade1df67e2e28c43a310323f9a607f1eac6850a9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ddd792c68fc3c71b48bcc8cf7f91b8624815b9e631a2ed2dd9ed1da3e5551c7
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
92cc22507e69f2baa9a37f4dd7767bad45f4531a1667fd8cfb0665dd7bfd52d1
9517bed8b8875d7bb1f3a1796c90ab7ea91f4031960e7b75dbf91b576cfd0cc7
9525ebb3f503818c8cf93cda1beb1496e83c15fa33118ecd2954868bd5693d17
96f31318bf5c5ca3fe23fbf2f60100e37f384130e56d9e1148007c954dcd0471
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd082781bae702d30169fbf34f21ac51c6e83fc3d54a2fcec7823f5b0de35d6
9d1dda02d9bfdb6085c071d78bf02fdbed5b774072fa88811496113a79ad33a7
9d9f587b8de85c0ff66e04e9626075d369df65bbdc2f37ad95274b6c8e69548d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2cba1141d784827ad237feecdcb29cd406098a38f720d8b204197cfef9a0f6c
a415cc1d1b008bc98b976d976022303fdde98864c2649fec1bce001b8002e43d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52f20a3f291d64ee54e835230ad5fb677ca72e3b388104b8ce28a4964013cf3
a5b2665050154a908f93b008604837aa6cd5d0fd6914338cbfe13c0ff0a2934f
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7d4366e9b500c60992c39f8d30615abc4d152a7d80c8702bef0debd33200be9
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b3cd0ec15f127ec2cf8a2fb56e74f99b922b96cd20015dbfe8345d5a7e6cae38
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
bb59f00724dffe7d3c8294e9b6ffcb948425063a0a56203fcb75f84820552d42
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf9d8e6d3007120b19f3ad0fbeb2ae2f05b663ea020f9b876b88414a2e36d2c4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d6a58af6179ec4972d40e77dd7e20541e17429bcb405f0b382bfef50d55e1347
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd0f89861eac2cc297e0135134cfb79521c855872286ed1fddd3403fc2e01ca5
dda25726bb9e218b87225e99e4bb2077b5725ef80c4abc7bd18afa3e2d754c11
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e063d48991e507f191c541c396d364bb4c0263e4dadf98d6d2576c3eb8ed4bc7
e072894ddd825f5ebc351f1b96c482f48793fcd0bfa6814efce0f7c5d4eac91e
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e24d81e4300ddf324f2a26011b4a12aca28a5f6748ec8689edf8f7dfd3cacee9
e34cfefc2eb2abefbbb88003731d313036b1d3c8b1448a10645b0dfd9cac17c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6197a7455f9b7a646b461c3487c4c79a545d42b6a65113be86be136a33edb8c
ec744f959fb090c83c461e460075b9ee7e3347cbba48a6ae4e8aa537fe9fa358
eea1490778379b3cb73ab252012a8cb4756de3b9998732d43b0bc525561dfafa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f6429103c56926705f275e5cf037bd3239bf831c4718edee17fc4908a72113
f12c379cee31d4f72dd56a8212acb6429c1157f1ab3a3f2f62fe2733118ad8b7
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc2df9a6d8d6b992b832a8112600a8b6e45f3c0035abee8e6810df317ad768c9
ff6b796e301e6bb8f0404d9f4e180ed8e458c932ec02cef7f07869aa01c7cea9

nnews.com.ua Open in urlscan Pro 176.104.8.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

259 Requests

88 %HTTPS

35 %IPv6

41 Domains

63 Subdomains

46 IPs

9 Countries

2452 kBTransfer

6255 kBSize

50 Cookies

10 Outgoing links

Page URL History

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nnews.com.ua Open in urlscan Pro
176.104.8.35 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

88 %
HTTPS

35 %
IPv6

41
Domains

63
Subdomains

46
IPs

9
Countries

2452 kB
Transfer

6255 kB
Size

50
Cookies

259 HTTP transactions
12 data transactions