URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Submission: On April 08 via automatic, source certstream-suspicious

Summary

This website contacted 63 IPs in 15 countries across 57 domains to perform 220 HTTP transactions. The main IP is 94.130.85.248, located in Germany and belongs to HETZNER-AS, DE. The main domain is newkursru.llell.dev.mezhbank.kiev.ua.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 8th 2020. Valid for: 3 months.
This is the only time newkursru.llell.dev.mezhbank.kiev.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 94.130.85.248 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2606:4700::68... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 172.217.22.98 15169 (GOOGLE)
1 91.198.36.35 43405 (DIGITAL-V...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.201.216 39134 (UNITEDNET)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 193.200.125.237 47205 (TELIA-LIE...)
1 13.224.199.29 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.86.137.32 201081 (SMARTADSE...)
3 69.173.144.141 26667 (RUBICONPR...)
1 185.184.8.30 204995 (RTB-HOUSE...)
7 18 188.42.196.115 7979 (SERVERS)
2 4 34.95.120.147 15169 (GOOGLE)
1 37.157.2.237 198622 (ADFORM)
4 23.213.15.82 16625 (AKAMAI-AS)
2 8 37.252.172.250 29990 (ASN-APPNEX)
3 178.250.2.152 44788 (ASN-CRITE...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
9 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 13.225.73.76 16509 (AMAZON-02)
1 3 185.86.137.17 201081 (SMARTADSE...)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
4 51.89.9.251 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 91.228.74.156 27281 (QUANTCAST)
1 34.248.192.154 16509 (AMAZON-02)
1 13.225.87.39 16509 (AMAZON-02)
5 52.18.172.55 16509 (AMAZON-02)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
4 12 23.111.100.76 7979 (SERVERS)
2 185.255.84.151 200271 (IGUANE-)
6 15 52.57.163.110 16509 (AMAZON-02)
12 104.22.21.218 13335 (CLOUDFLAR...)
1 2620:1ec:bdf::10 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 1 104.16.92.60 13335 (CLOUDFLAR...)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
6 6 172.217.22.66 15169 (GOOGLE)
1 18.185.173.123 16509 (AMAZON-02)
1 18.184.216.10 16509 (AMAZON-02)
1 54.228.220.169 16509 (AMAZON-02)
1 91.228.74.158 27281 (QUANTCAST)
2 54.38.64.100 16276 (OVH)
5 108.128.27.24 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 5.39.67.46 16276 (OVH)
1 151.101.13.108 54113 (FASTLY)
1 104.109.78.125 20940 (AKAMAI-ASN1)
2 2 54.77.139.233 16509 (AMAZON-02)
3 3 35.158.58.156 16509 (AMAZON-02)
220 63
Apex Domain
Subdomains
Transfer
39 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
272 KB
28 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
402 KB
18 betweendigital.com
ads.betweendigital.com
7 KB
15 360yield.com
ice.360yield.com
match.360yield.com
ad.360yield.com
12 KB
12 kurs.com.ua
kurs.com.ua
403 KB
12 otm-r.com
ssp.otm-r.com
4 KB
12 mezhbank.kiev.ua
newkursru.llell.dev.mezhbank.kiev.ua
198 KB
9 themoneytizer.com
ads.themoneytizer.com
166 KB
9 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
9 KB
7 pubstack.io
tmzr.pubstack.io
acdn.prod.pubstack.io
intake.prod.pubstack.io
22 KB
6 cpx.to
p.cpx.to
s.cpx.to
7 KB
6 googletagservices.com
www.googletagservices.com
165 KB
5 google.com
adservice.google.com
www.google.com
1012 B
4 bidswitch.net
pool.grid-data.bidswitch.net
x.bidswitch.net
2 KB
4 onetag-sys.com
onetag-sys.com
964 B
4 criteo.com
bidder.criteo.com
gum.criteo.com
827 B
4 openx.net
adnet-d.openx.net
eu-u.openx.net
us-u.openx.net
1 KB
4 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
7 KB
4 smartadserver.com
prg.smartadserver.com
ww1097.smartadserver.com
4 KB
4 google.de
adservice.google.de
www.google.de
770 B
3 casalemedia.com
as-sec.casalemedia.com
3 KB
3 google-analytics.com
www.google-analytics.com
18 KB
2 adsrvr.org
match.adsrvr.org
1 KB
2 plant-for-the-planet.org
www5.plant-for-the-planet.org
2 tmyzer.com
c.tmyzer.com
400 B
2 pubmatic.com
image2.pubmatic.com
1 KB
2 omnitagjs.com
hb-api.omnitagjs.com
994 B
2 4dex.io
script.4dex.io
19 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
7 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 criteo.net
static.criteo.net
41 KB
2 adnet.lt
keytarget.adnet.lt
150 KB
2 facebook.com
www.facebook.com
312 B
2 yadro.ru
counter.yadro.ru
1 KB
2 facebook.net
connect.facebook.net
142 KB
2 cloudflare.com
cdnjs.cloudflare.com
91 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
31 KB
1 id5-sync.com
id5-sync.com
464 B
1 adleadevent.com
adtrack.adleadevent.com
547 B
1 eyeota.net
ps.eyeota.net
344 B
1 truoptik.com
dmp.truoptik.com
659 B
1 quantcount.com
rules.quantcount.com
967 B
1 indexww.com
js-sec.indexww.com
386 B
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 zeotap.com
spl.zeotap.com
1 sascdn.com
ced-ns.sascdn.com
9 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 themoneytizer.net
g.themoneytizer.net
200 B
1 adform.net
adx.adform.net
465 B
1 creativecdn.com
prebid-eu.creativecdn.com
222 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 google.co.uk
adservice.google.co.uk
839 B
1 amazon-adsystem.com
c.amazon-adsystem.com
3 KB
1 holder.com.ua
h.holder.com.ua
366 B
1 googletagmanager.com
www.googletagmanager.com
29 KB
1 jquery.com
code.jquery.com
29 KB
0 semasio.net Failed
uipglob.semasio.net Failed
220 57
Domain Requested by
25 securepubads.g.doubleclick.net newkursru.llell.dev.mezhbank.kiev.ua
securepubads.g.doubleclick.net
keytarget.adnet.lt
18 ads.betweendigital.com 7 redirects newkursru.llell.dev.mezhbank.kiev.ua
ads.themoneytizer.com
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 pagead2.googlesyndication.com newkursru.llell.dev.mezhbank.kiev.ua
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
ads.themoneytizer.com
12 kurs.com.ua www.googletagservices.com
12 ssp.otm-r.com 4 redirects newkursru.llell.dev.mezhbank.kiev.ua
12 newkursru.llell.dev.mezhbank.kiev.ua newkursru.llell.dev.mezhbank.kiev.ua
9 ads.themoneytizer.com securepubads.g.doubleclick.net
ads.themoneytizer.com
8 ice.360yield.com 3 redirects newkursru.llell.dev.mezhbank.kiev.ua
7 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
7 ib.adnxs.com 1 redirects keytarget.adnet.lt
ads.themoneytizer.com
6 cm.g.doubleclick.net 6 redirects
6 www.googletagservices.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 ad.360yield.com 2 redirects
5 intake.prod.pubstack.io newkursru.llell.dev.mezhbank.kiev.ua
5 s.cpx.to p.cpx.to
newkursru.llell.dev.mezhbank.kiev.ua
4 onetag-sys.com ads.themoneytizer.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 x.bidswitch.net 3 redirects
3 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
3 bidder.criteo.com keytarget.adnet.lt
ads.themoneytizer.com
3 as-sec.casalemedia.com keytarget.adnet.lt
ads.themoneytizer.com
3 fastlane.rubiconproject.com keytarget.adnet.lt
ads.themoneytizer.com
3 www.google-analytics.com 1 redirects www.googletagmanager.com
newkursru.llell.dev.mezhbank.kiev.ua
3 adservice.google.de pagead2.googlesyndication.com
2 match.adsrvr.org 2 redirects
2 match.360yield.com 1 redirects
2 www5.plant-for-the-planet.org pagead2.googlesyndication.com
2 c.tmyzer.com ads.themoneytizer.com
2 eu-u.openx.net 2 redirects
2 image2.pubmatic.com 2 redirects
2 hb-api.omnitagjs.com ads.themoneytizer.com
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 tag.leadplace.fr ads.themoneytizer.com
2 static.criteo.net keytarget.adnet.lt
ads.themoneytizer.com
2 keytarget.adnet.lt securepubads.g.doubleclick.net
keytarget.adnet.lt
2 www.facebook.com newkursru.llell.dev.mezhbank.kiev.ua
connect.facebook.net
2 counter.yadro.ru 1 redirects newkursru.llell.dev.mezhbank.kiev.ua
2 connect.facebook.net newkursru.llell.dev.mezhbank.kiev.ua
connect.facebook.net
2 cdnjs.cloudflare.com newkursru.llell.dev.mezhbank.kiev.ua
1 eus.rubiconproject.com ads.themoneytizer.com
1 acdn.adnxs.com ads.themoneytizer.com
1 id5-sync.com ads.themoneytizer.com
1 us-u.openx.net
1 pixel.quantserve.com newkursru.llell.dev.mezhbank.kiev.ua
1 adtrack.adleadevent.com ajax.googleapis.com
1 ps.eyeota.net ads.themoneytizer.com
1 pool.grid-data.bidswitch.net newkursru.llell.dev.mezhbank.kiev.ua
1 secure.adnxs.com 1 redirects
1 dmp.truoptik.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 ajax.googleapis.com ads.themoneytizer.com
1 acdn.prod.pubstack.io tmzr.pubstack.io
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 tmzr.pubstack.io ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com newkursru.llell.dev.mezhbank.kiev.ua
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 adx.adform.net keytarget.adnet.lt
1 adnet-d.openx.net keytarget.adnet.lt
1 prebid-eu.creativecdn.com keytarget.adnet.lt
1 prg.smartadserver.com keytarget.adnet.lt
1 cdn.jsdelivr.net keytarget.adnet.lt
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 c.amazon-adsystem.com keytarget.adnet.lt
1 www.google.de newkursru.llell.dev.mezhbank.kiev.ua
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 h.holder.com.ua newkursru.llell.dev.mezhbank.kiev.ua
1 www.googletagmanager.com newkursru.llell.dev.mezhbank.kiev.ua
1 code.jquery.com newkursru.llell.dev.mezhbank.kiev.ua
1 fonts.googleapis.com newkursru.llell.dev.mezhbank.kiev.ua
0 uipglob.semasio.net Failed newkursru.llell.dev.mezhbank.kiev.ua
220 78
Subject Issuer Validity Valid
newkursru.llell.dev.mezhbank.kiev.ua
Let's Encrypt Authority X3
2020-04-08 -
2020-07-07
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-03-24 -
2020-06-16
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
holder.com.ua
Let's Encrypt Authority X3
2020-02-21 -
2020-05-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA
2020-02-02 -
2022-05-02
2 years crt.sh
www.google.de
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
keytarget.adnet.lt
Sectigo RSA Domain Validation Secure Server CA
2019-04-15 -
2021-05-06
2 years crt.sh
c.amazon-adsystem.com
Amazon
2019-10-07 -
2020-09-29
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-04-06 -
2020-10-09
6 months crt.sh
*.smartadserver.com
DigiCert Global CA G2
2020-02-03 -
2022-02-03
2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018
2019-01-11 -
2021-04-11
2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2020-02-17 -
2022-02-16
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA
2020-03-30 -
2020-06-28
3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA
2020-03-30 -
2020-06-28
3 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-15 -
2021-02-14
2 years crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA
2019-10-16 -
2022-01-17
2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2018-07-07 -
2020-06-03
2 years crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2020-01-27 -
2021-02-08
a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA
2019-10-17 -
2020-10-16
a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2018-09-06 -
2020-09-12
2 years crt.sh
onetag-sys.com
Let's Encrypt Authority X3
2020-03-02 -
2020-05-31
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2019-10-04 -
2020-10-07
a year crt.sh
*.prod.pubstack.io
Amazon
2019-09-18 -
2020-10-18
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2020-01-27 -
2021-02-08
a year crt.sh
ad.ssp.otm-r.com
Let's Encrypt Authority X3
2020-03-13 -
2020-06-11
3 months crt.sh
omnitagjs.com
Sectigo RSA Organization Validation Secure Server CA
2019-03-26 -
2020-06-23
a year crt.sh
*.360yield.com
Amazon
2019-09-24 -
2020-10-24
a year crt.sh
acdn.prod.pubstack.io
DigiCert SHA2 Secure Server CA
2019-11-28 -
2020-11-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-03-06 -
2022-03-06
2 years crt.sh
*.eyeota.net
Let's Encrypt Authority X3
2020-02-10 -
2020-05-10
3 months crt.sh
adtrack.adleadevent.com
Amazon
2019-06-30 -
2020-07-30
a year crt.sh
c.tmyzer.com
Let's Encrypt Authority X3
2020-02-11 -
2020-05-11
3 months crt.sh
*.id5-sync.com
Let's Encrypt Authority X3
2020-04-02 -
2020-07-01
3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-16 -
2020-05-16
a year crt.sh

This page contains 27 frames:

Primary Page: https://newkursru.llell.dev.mezhbank.kiev.ua/
Frame ID: 8300C1EFB6FE0197F1E6E09ED048CFE0
Requests: 66 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 816A746BCAF600DCE08012C5442D2BDD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAhC5NYdJpCJA10ZvVAqB_bbcaE6XR6IXFmj-KYI4wuqcewox0p7s_vZvo4_5rJWZQKDgWlNQp9qQCboIET0pqCdXBB92F0DOC1aObkfuYrCInrjYJq9lu4XbWPOrwWtF7OoLI9Y4C5_IqCDXpz4b4zQC9M22Kez5tLFvHH4oKqW_xU2a0GQwSXC-sylSkYGRkCGrK2csT3BS8zZXNO4O8yTPDUK6GZRkWcbvuLoKA-3YtkZNq8wyLZScmY1AkeaDO2HfhZ-vI2EvwPCF1ADg8uYRda3Ojss6LDyZWkBhcjvXeEJa9IZYGifF64u51ZXM&sai=AMfl-YRvggWWIjBD41N0BRKFybXSeAnYLmC1cGrR9BWVtR3DxTWo0s7T-AGKpfLmPXgiTFz9iTtoMuvNfi5ACDph-lXEtBNwiqRrrTr9u37_CQ&sig=Cg0ArKJSzE-Z-EoCmEzXEAE&urlfix=1&adurl=
Frame ID: D68145176C6C6E59C8FCCFBE6D00A793
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0A53C01844EC7CDDDA3E579EC9F1BF81
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6B5AEF1553E7406D1FE326202B618C57
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8295A254CF937E9A7325F1BAA366EC99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 5CA272C3894DEE0C4F5FACDAB56D7E76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/zrt_lookup.html
Frame ID: C1B7917B585F56E2CF8EFD15C90E0C4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&h=90&slotname=1242725870&adk=3541726907&adf=1158518596&w=728&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357583688&bpp=66&bdt=2872&fdt=380&idt=380&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2044785271074&frm=20&pv=2&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=3585&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=17&uci=a!h&btvi=1&fsb=1&xpc=bS0ei1ZqeM&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=414
Frame ID: 3E5D3AE2CD221B303939004C34B723F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&adk=1812271804&adf=3025194257&lmt=1586357584&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586357583754&bpp=21&bdt=2938&fdt=410&idt=410&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=17&uci=a!h&fsb=1&dtd=424
Frame ID: AF1E47C192843A7EB9E2C3BCA5A8A938
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&h=280&slotname=6063470430&adk=1467032171&adf=702052147&w=336&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357584237&bpp=10&bdt=3421&fdt=10&idt=10&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=4286&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=19&uci=a!j&btvi=2&fsb=1&xpc=RzzykRvSZy&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=26
Frame ID: 781570EAF78D013488D0F32373D4273B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&h=90&slotname=9019269503&adk=1742692219&adf=2257412913&w=728&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357584000&bpp=13&bdt=3184&fdt=290&idt=290&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C336x280&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=3908&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=18&uci=a!i&btvi=3&fsb=1&xpc=a90Q2ij317&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=303
Frame ID: EF34BCC7748DC8E531B5007F93879380
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvk1E3_rcNkmXEqxuf4v83vrhSC6Y-VmzenlS6fsFVt7tL1Qkq6ViMWeiGinFUTlKB_vU17KMPQTABoTBDsyNbV91MUG1svKUWUnlbyIUKG8rKJSzMuC27oJsVPaBCGKspWBVByeB-16v0b3m_mXgNmNTjFheUCjY3iMFAVrN5_q6qGeWxJfEg-rK8WV9NPgPZIKwTOaO-G5t9fiAGPPqISEtzgw45j9jFlc8NqNrqnZpMG8R2YzAvMZ7QMM2XQLz81_UAlVxn4NJSK5CavFftKlLULXENNtOjFH8DHb3qd3kQFT_l5G3hMn9Ukbg&sig=Cg0ArKJSzLtbxIBCx7duEAE&urlfix=1&adurl=
Frame ID: 408B7DAC82953618E1AE3348E0E32A3E
Requests: 87 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 671D1177B26092B27E41F11649608917
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1586357584513
Frame ID: 1172CF0A453E906CEF6909D905F52E56
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 2DDEF141D8516DA2DF6A614E59ECEE5F
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: CD6DE00C39DC66CE2685BB2154B69091
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4FEDF96201B3224D27678E187C52EF4A
Requests: 8 HTTP requests in this frame

Frame: https://www5.plant-for-the-planet.org/assets/300250/
Frame ID: 0E065AD6FDAF3F5F5BC7ACED5583198D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 3B1BFA05B1D7B8D99E3D87767D1E81A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: C64F0CDC6A7F427B2BEE51891B2E4708
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B19F376A0474C245E07C79C99C3FC257
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0D432DA1F12C5B06A0D9337852832DBA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1586357585013
Frame ID: A3E36C370E45E92FCE86F08AB6127441
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: C73DCD953B2E4E28CF4FFED2F2321AF7
Requests: 8 HTTP requests in this frame

Frame: https://www5.plant-for-the-planet.org/assets/300250/
Frame ID: 3913CB28FA9AFCA5E0BEBC6A45587D58
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2E7BED499E6DE0D84262F2F5FB5C15CF
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

220
Requests

100 %
HTTPS

36 %
IPv6

57
Domains

78
Subdomains

63
IPs

15
Countries

2287 kB
Transfer

5420 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttps%3A//newkursru.llell.dev.mezhbank.kiev.ua/;h%u041A%u0443%u0440%u0441%20%u0432%u0430%u043B%u044E%u0442%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F.%20%u041A%u043E%u043D%u0432%u0435%u0440%u0442%u0435%u0440.%20%u041C%u0435%u0436%u0431%u0430%u043D%u043A.%20%u041D%u0411%u0423.%20%u041A%u0443%u0440%u0441%20%u0432%20%u0431%u0430%u043D%u043A%u0430%u0445;0.3372714761505542 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//newkursru.llell.dev.mezhbank.kiev.ua/;h%u041A%u0443%u0440%u0441%20%u0432%u0430%u043B%u044E%u0442%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F.%20%u041A%u043E%u043D%u0432%u0435%u0440%u0442%u0435%u0440.%20%u041C%u0435%u0436%u0431%u0430%u043D%u043A.%20%u041D%u0411%u0423.%20%u041A%u0443%u0440%u0441%20%u0432%20%u0431%u0430%u043D%u043A%u0430%u0445;0.3372714761505542
Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2050002455&t=pageview&_s=1&dl=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D1%83%D1%80%D1%81%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F.%20%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80.%20%D0%9C%D0%B5%D0%B6%D0%B1%D0%B0%D0%BD%D0%BA.%20%D0%9D%D0%91%D0%A3.%20%D0%9A%D1%83%D1%80%D1%81%20%D0%B2%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0%D1%85&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=347994059&gjid=809591485&cid=1967838376.1586357581&tid=UA-23334225-1&_gid=55498182.1586357581&_r=1&gtm=2ou3p1&z=569050994 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_gid=55498182.1586357581&gjid=809591485&_v=j81&z=569050994 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_v=j81&z=569050994 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_v=j81&z=569050994&slf_rd=1&random=2811551362
Request Chain 69
  • https://ads.betweendigital.com/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5c8e7a4&transactionid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&auctionid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&gdprApplies=false& HTTP 302
  • https://ads.betweendigital.com/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5c8e7a4&transactionid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&auctionid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&gdprApplies=false&crf=1
Request Chain 101
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 112
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=4892474757351772520&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/7/3.gif?puid=8375070726083920950&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=2265f0a6847cdeedb21c3ce041bfebb7&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/5/5.gif?puid=e49f808d-17a8-4bde-aa63-dec83927735c&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
  • https://id5-sync.com/c/12/103/4/6.gif?puid=8aa287e51f3f5af33814487afa6b02f4&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/3/7.gif?puid=a7c91021-79a8-11ea-951e-7e81adadfcb2&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 121
  • https://ads.betweendigital.com/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD& HTTP 302
  • https://ads.betweendigital.com/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Request Chain 122
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD& HTTP 302
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Request Chain 123
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD& HTTP 302
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Request Chain 126
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined& HTTP 302
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Request Chain 127
  • https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined& HTTP 302
  • https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Request Chain 128
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined& HTTP 302
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Request Chain 132
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241c4a22b59364f4%22%2C%22pid%22%3A%2222047882%22%2C%22tid%22%3A%2214cc7374-cb8d-4552-ac98-9fdb45c533f0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22422ba374930b11a%22%2C%22pid%22%3A%2222174826%22%2C%22tid%22%3A%22a024452e-9d97-47fb-9284-787490457b9f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%224335ff39b5fc23e%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%222554082e-c796-4d0b-9e18-91d502caef2d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241c4a22b59364f4%22%2C%22pid%22%3A%2222047882%22%2C%22tid%22%3A%2214cc7374-cb8d-4552-ac98-9fdb45c533f0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22422ba374930b11a%22%2C%22pid%22%3A%2222174826%22%2C%22tid%22%3A%22a024452e-9d97-47fb-9284-787490457b9f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%224335ff39b5fc23e%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%222554082e-c796-4d0b-9e18-91d502caef2d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Request Chain 154
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&fck=221a52c32e02ff15&cbp=dsp_uid HTTP 302
  • https://s.cpx.to/sync?dsp_uid=99dbdb2ad608152066bc51f3bf015830&fck=221a52c32e02ff15
Request Chain 155
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D45edd18d-3714-4f26-ae8b-f9a569c82496 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D45edd18d-3714-4f26-ae8b-f9a569c82496 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4A058DC-9AA2-408F-B85E-5F90EC14CC6D&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
Request Chain 156
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D45edd18d-3714-4f26-ae8b-f9a569c82496 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=4892474757351772520&pid=11528&ref=&hn_ver=10&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&google_gid=CAESEMKV--TsmB0LARV_72HexXc&google_cver=1
Request Chain 166
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=0 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVLoQ8vwif8XCMICiDaWXk&google_cver=1
Request Chain 175
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8376169300140203&output=html&h=250&slotname=1679351279&adk=487650184&adf=2952223782&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fkurs.com.ua&ea=0&flash=0&wgl=1&adsid=NT&dt=1586357588188&bpp=1&bdt=36&idt=45&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&correlator=2044785271074&frm=23&ife=4&pv=2&ga_vid=620284258.1586357588&ga_sid=1586357588&ga_hid=423810529&ga_fc=0&iag=63&icsg=170&nhd=3&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=5075&biw=1585&bih=1200&isw=300&ish=250&ifk=2554005271&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=468445346471562&loc=EMPTY&top=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.jd5a5fvwjff1&btvi=1&fsb=1&dtd=49 HTTP 302
  • https://www5.plant-for-the-planet.org/assets/300250/
Request Chain 183
  • https://ads.betweendigital.com/sspmatch-iframe HTTP 302
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SLnziYAtQhyqI1mV4bu2Ig&google_cm&publisher_dsp_id=340 HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEPwTHckgOdlN0b7g0ZzDjmY&google_cver=1 HTTP 302
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEPwTHckgOdlN0b7g0ZzDjmY&google_cver=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&external_user_id=CAESEBkNiasKRQd7k7oiEhRxbJw&google_cver=1 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&external_user_id=CAESEBkNiasKRQd7k7oiEhRxbJw&google_cver=1
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=1c9b10da-0694-44e5-87dd-cf05dfb4565f HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=1c9b10da-0694-44e5-87dd-cf05dfb4565f
Request Chain 190
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dimprove%26expires%3D30 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4856fefe-623b-5263-bf9a-fe44e1171b12&ssp=improve&expires=30 HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=072f8754-6dbc-44ef-ac41-1e62770f67b2
Request Chain 191
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA HTTP 302
  • https://ice.360yield.com/match?external_user_id=4161489717426084521&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA HTTP 302
  • https://ice.360yield.com/ul_cb/match?external_user_id=4161489717426084521&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
Request Chain 194
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&cur=USD& HTTP 302
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&cur=USD&crf=1
Request Chain 198
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644e867ca5f9881%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%22e229244e-f57c-46cb-b989-bf5480318c37%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644e867ca5f9881%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%22e229244e-f57c-46cb-b989-bf5480318c37%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Request Chain 200
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined& HTTP 302
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&crf=1
Request Chain 214
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8376169300140203&output=html&h=250&slotname=3156059159&adk=664605230&adf=3590127634&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fkurs.com.ua&ea=0&flash=0&wgl=1&adsid=NT&dt=1586357603555&bpp=11&bdt=42&fdt=46&idt=46&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&correlator=2044785271074&frm=23&ife=4&pv=1&ga_vid=1522903092.1586357604&ga_sid=1586357604&ga_hid=936454181&ga_fc=0&iag=63&icsg=170&nhd=3&dssz=6&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=5075&biw=1585&bih=1200&isw=300&ish=250&ifk=2554005271&scr_x=0&scr_y=0&eid=21065472%2C21065531&oid=3&pvsid=4136536244107905&loc=EMPTY&top=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.fkznckjc89f7&btvi=1&fsb=1&dtd=52 HTTP 302
  • https://www5.plant-for-the-planet.org/assets/300250/

220 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newkursru.llell.dev.mezhbank.kiev.ua/
135 KB
21 KB
Document
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4ca7784f0e0e5c7eea98a29b032bfbf5f95469aa9cc6766abc7bcaf82a70f13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
newkursru.llell.dev.mezhbank.kiev.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx/1.14.0 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
must-revalidate, no-cache, private
Date
Wed, 08 Apr 2020 14:53:00 GMT
Expires
-1
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Encoding
gzip
ads.js
newkursru.llell.dev.mezhbank.kiev.ua/storage/js/
0
0
Script
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/js/ads.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:00 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
css
fonts.googleapis.com/
23 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed|Roboto:300,300i,400,400i,500,500i,700,700i&display=swap&subset=cyrillic
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
536aee3a96cffd2399b074d8e4785fc153fa5026531af4afe5fbbfce22601f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 14:53:00 GMT
server
ESF
date
Wed, 08 Apr 2020 14:53:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Apr 2020 14:53:00 GMT
style.css
newkursru.llell.dev.mezhbank.kiev.ua/storage/css/
0
0
Stylesheet
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/css/style.css?v=1.72
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 08 Apr 2020 14:53:00 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
jquery-2.1.3.min.js
code.jquery.com/
82 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.1.3.min.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Dec 2014 15:17:03 GMT
Server
nginx
ETag
W/"5492efef-14960"
Vary
Accept-Encoding
X-HW
1586357580.dop149.fr8.shc,1586357580.dop149.fr8.t,1586357580.cds097.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29507
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/
10 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:00 GMT
content-encoding
br
cf-cache-status
HIT
age
2723431
cf-ray
580cd0c02dcbd70d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:20:58 GMT
server
cloudflare
etag
W/"5afd497a-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 29 Mar 2021 14:53:00 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
highstock.js
cdnjs.cloudflare.com/ajax/libs/highstock/6.0.3/
256 KB
87 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highstock/6.0.3/highstock.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1827bc9c0dcaa6f58c1b69a8b7dcbb05880423cfde41498f671ea700d2eaad71
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:00 GMT
content-encoding
br
cf-cache-status
HIT
age
14023374
cf-ray
580cd0c03e1ad70d-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:27 GMT
server
cloudflare
etag
W/"5afd491f-3ffd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 29 Mar 2021 14:53:00 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.004
custom.js
newkursru.llell.dev.mezhbank.kiev.ua/storage/js/
0
0
Script
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/js/custom.js?v=1.51
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:00 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c7f67185ed50c5b8680365385ff5d3c68e62552f833c5b7c8e8db63d52de4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39159
x-xss-protection
0
server
cafe
etag
18139634824200265979
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 14:53:00 GMT
js
www.googletagmanager.com/gtag/
78 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-23334225-1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
939299e2e4f1db5a376e445b2ec9b11fe8ad24afbe5abfb252c82269b717c650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:00 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29585
x-xss-protection
0
last-modified
Wed, 08 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Apr 2020 14:53:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
44 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
a405cfd47a8e088c3f593d9c78825c0a233e7e5ef2df26f5c803c0629eaeb7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"480 / 498 of 1000 / last-modified: 1586356416"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14677
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:01 GMT
logo_kurs.svg
newkursru.llell.dev.mezhbank.kiev.ua/storage/images/
58 KB
58 KB
Image
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/images/logo_kurs.svg
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fd92ede9a60317b876ee3afca1ef3c69e7e7bf27d15c411ca6bde8b69d7bd4b4

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
s
h.holder.com.ua/
43 B
366 B
Image
General
Full URL
https://h.holder.com.ua/s?b1585&s3908&tz&a154164&r1854480452&u
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:01 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
search.svg
newkursru.llell.dev.mezhbank.kiev.ua/storage/images/
58 KB
58 KB
Image
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/images/search.svg
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f379ec8b012003ea98a7e47b5394f013822dfdd595a21ac33a80e23432f5ffc2

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
style980.css
newkursru.llell.dev.mezhbank.kiev.ua/storage/css/
0
0
Stylesheet
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/css/style980.css?v=1.72
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
style768.css
newkursru.llell.dev.mezhbank.kiev.ua/storage/css/
0
0
Stylesheet
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/css/style768.css?v=1.72
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
style320.css
newkursru.llell.dev.mezhbank.kiev.ua/storage/css/
0
0
Stylesheet
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/css/style320.css?v=1.72
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
WQ9/iXqckgUx9cF4IPpj6hyKvPO4uuIJud3sDfxE6KSan8zjhbuONEgycAn2yl0NGpON/bd1JeyuzjAaa+LDOg==
x-fb-trip-id
1850256238
date
Wed, 08 Apr 2020 14:53:00 GMT, Wed, 08 Apr 2020 14:53:00 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
319 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
319 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
2498299297079574
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2498299297079574?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4559399a218ab3a561f6d7ccb48eeda774f68bb9b7ad9cb7222eb979bba431e8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114919
x-xss-protection
0
pragma
public
x-fb-debug
3bRUs/wEKyesdr73qym6VGYDCgzsi641LN2LCE4jUyMfAch1ATooubgVyMuV6dMedmJLwL33Vm0eX59p21HUKw==
x-fb-trip-id
1850256238
date
Wed, 08 Apr 2020 14:53:01 GMT, Wed, 08 Apr 2020 14:53:01 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23334225-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1170
date
Wed, 08 Apr 2020 14:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 08 Apr 2020 16:33:31 GMT
logo_kurs.svg
newkursru.llell.dev.mezhbank.kiev.ua/storage/images/
58 KB
58 KB
Image
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/images/logo_kurs.svg
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b9a379cf25abb72074bb9e4942f3a8217ba1ca463b592f280ea4d382f5248e44

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttps%3A//newkursru.llell.dev.mezhbank.kiev.ua/;h%u041A%u0443%u0440%u0441%20%u0432%u0430%u043B%u044E%u0442%20%u043D%u0430%20%u0441%u0435%u0433%u0...
  • https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//newkursru.llell.dev.mezhbank.kiev.ua/;h%u041A%u0443%u0440%u0441%20%u0432%u0430%u043B%u044E%u0442%20%u043D%u0430%20%u0441%u0435%u0433%...
140 B
519 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//newkursru.llell.dev.mezhbank.kiev.ua/;h%u041A%u0443%u0440%u0441%20%u0432%u0430%u043B%u044E%u0442%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F.%20%u041A%u043E%u043D%u0432%u0435%u0440%u0442%u0435%u0440.%20%u041C%u0435%u0436%u0431%u0430%u043D%u043A.%20%u041D%u0411%u0423.%20%u041A%u0443%u0440%u0441%20%u0432%20%u0431%u0430%u043D%u043A%u0430%u0445;0.3372714761505542
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:01 GMT
Server
nginx/1.17.9
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
140
Expires
Mon, 08 Apr 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:01 GMT
Server
nginx/1.17.9
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//newkursru.llell.dev.mezhbank.kiev.ua/;h%u041A%u0443%u0440%u0441%20%u0432%u0430%u043B%u044E%u0442%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F.%20%u041A%u043E%u043D%u0432%u0435%u0440%u0442%u0435%u0440.%20%u041C%u0435%u0436%u0431%u0430%u043D%u043A.%20%u041D%u0411%u0423.%20%u041A%u0443%u0440%u0441%20%u0432%20%u0431%u0430%u043D%u043A%u0430%u0445;0.3372714761505542
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 08 Apr 2019 21:00:00 GMT
adriver.core.2.min.js
newkursru.llell.dev.mezhbank.kiev.ua/storage/js/
0
0
Script
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/storage/js/adriver.core.2.min.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:01 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2498299297079574&ev=PageView&dl=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&rl=&if=false&ts=1586357581198&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.2.1586357581197.309724162&it=1586357581074&coo=false&rqm=GET
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT, Wed, 08 Apr 2020 14:53:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Wed, 08 Apr 2020 14:53:01 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2050002455&t=pageview&_s=1&dl=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D1%83%D1%80%D1%81%20%D0%B2%D0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_gid=55498182.1586357581&gjid=809591485&_v=j81&z=569050994
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_v=j81&z=569050994
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_v=j81&z=569050994&slf_rd=1&random=2811551362
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_v=j81&z=569050994&slf_rd=1&random=2811551362
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23334225-1&cid=1967838376.1586357581&jid=347994059&_v=j81&z=569050994&slf_rd=1&random=2811551362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=2050002455&t=event&_s=2&dl=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D1%83%D1%80%D1%81%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F.%20%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80.%20%D0%9C%D0%B5%D0%B6%D0%B1%D0%B0%D0%BD%D0%BA.%20%D0%9D%D0%91%D0%A3.%20%D0%9A%D1%83%D1%80%D1%81%20%D0%B2%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0%D1%85&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Adblock&ea=loadedNew&_u=IEBAAUAB~&jid=&gjid=&cid=1967838376.1586357581&tid=UA-23334225-1&_gid=55498182.1586357581&gtm=2ou3p1&z=221515352
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 10:43:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2261392
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2020032401.js
securepubads.g.doubleclick.net/gpt/
168 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62966
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:01 GMT
ads
securepubads.g.doubleclick.net/gampad/
417 B
748 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content1-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581384&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3906390508&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=51&icsg=808466602&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
a551c0e3bcae2fff65b1f5f6718a5df15ae722dd403117495aff558ac86b26cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020032401.js
securepubads.g.doubleclick.net/gpt/
66 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24573
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:01 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

ads
securepubads.g.doubleclick.net/gampad/
417 B
399 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content2-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581410&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3676893113&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
463fedc156bb960b555367ac287e0271e3bb8d835d003ddbe9ccd135ca5863ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
221
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
417 B
401 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content3-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581417&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1097882814&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
0ad96a982905bcdb6dc17a577e3f8f40141a48ad6e903e56828da102909c791f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
223
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
423 B
408 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content4-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581431&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=451755637&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
5f270c36258b1ae9b95a89f9585875a3e644cffdcae07eebc3c168f046c5d1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
423 B
403 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content-bottom-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581438&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=217071073&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
58a49aba2952d24d5c951f583105c8dd907b79845509e4952c27d50c0964bdc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
225
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
424 B
414 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Sidebar1-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x480%7C320x100%7C300x600%7C300x500%7C300x250%7C300x300%7C300x100%7C300x75%7C250x250%7C240x600%7C240x400%7C240x350%7C240x300%7C200x200%7C160x600%7C120x600&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581461&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3656481417&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=336x280&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
77afc0a3b90195977242db5f66c125364a2ae2f51c72e9884c5b5cb9ead1ad5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Sidebar2-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x480%7C320x100%7C300x600%7C300x500%7C320x50%7C300x250%7C300x300%7C300x100%7C300x75%7C250x250%7C240x600%7C240x400%7C240x350%7C200x200%7C160x600%7C120x600&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581472&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2457743774&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=336x280&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
e2778ba64bc9523a20ec06eaa79e22d1aa5862c22f7bdd212ca76f8374d50a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2179
x-xss-protection
0
google-lineitem-id
5322894702
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305846927
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Sidebar3-Main&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x1050%7C336x280%7C320x480%7C320x100%7C300x600%7C300x500%7C320x50%7C300x250%7C300x300%7C300x100%7C300x75%7C250x250%7C240x600%7C240x400%7C240x350%7C200x200%7C160x600%7C120x600&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581503&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4060569014&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=300x1050&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
70b96bff6fcef57df54fdd2339a3ee8c6842b5648f8a0824145498c3e997dd8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2162
x-xss-protection
0
google-lineitem-id
5324078552
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308151542
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
410 B
395 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581532&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=658108238&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
6675d0c809dd10353cc8531fd32e91ff66c5955721f36bb84a5a88f30045a5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
217
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
77 KB
26 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content1-Main-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie=ID%3D43a3252a72e233c7%3AT%3D1586357581%3AS%3DALNI_Ma40k9AH7wWNdwWYHpVDFkGFqTGpg&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581648&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1147356850&ucis=a&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
67dafafac099c2131c4aacaa3ce6cbf6b20d03edd6404bb9ba48368f0ace2bb2
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10179580136563059392/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10179580136563059392/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CID_1MGK2egCFUSwewoddYMEFA&gqi=&layout=/sadbundle/%24csp%253Der3%24/10179580136563059392/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10179580136563059392/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10179580136563059392/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CID_1MGK2egCFUSwewoddYMEFA&gqi=&layout=/sadbundle/%24csp%253Der3%24/10179580136563059392/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
25601
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 08 Apr 2020 14:53:02 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e89063d8b1931fcdbe19673129e9365d4f344f27481ce8a98ca1cb69646a4b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5223
x-xss-protection
0
/
www.facebook.com/tr/
0
64 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryWCoTkgwQ1kntUOgi

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
date
Wed, 08 Apr 2020 14:53:01 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:01 GMT
ads
securepubads.g.doubleclick.net/gampad/
67 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content2-Main-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie=ID%3D48d2e62696f7111f%3AT%3D1586357581%3AS%3DALNI_MawmAy75yExY5QfhAjK-fsYBktGKg&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581725&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3067377368&ucis=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=53&icsg=11823801002&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
11730764d7fe6a23ff2946f7f8b4ae29c4fedf3ad935e2d840f6a425594b4019
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12258173569892734201/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12258173569892734201/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNej4sGK2egCFUuC3godB4gEbQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12258173569892734201/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12258173569892734201/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12258173569892734201/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNej4sGK2egCFUuC3godB4gEbQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12258173569892734201/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
23725
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 08 Apr 2020 14:53:03 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 816A
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Wed, 08 Apr 2020 14:18:16 GMT
expires
Thu, 08 Apr 2021 14:18:16 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2085
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/
14 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content3-Main-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie=ID%3Daa336dfb477f883c%3AT%3D1586357581%3AS%3DALNI_MZSnAmr6Ghk1PsdPfzt914Ino-5ow&cookie_enabled=1&bc=31&abxe=1&lmt=1586357581&dt=1586357581862&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=409098214&ucis=c&ifi=12&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
8042f1c77251992084af7d702683a3207fc06cda02391acb0b31e60cf49bf377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
8594
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
123 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032401&jk=4408110538372683&bg=!hoWlhZ1YSsigZJzfkr8CAAAAq1IAAAAQmQFwG8ob7-bfs-34Wco9v2WzVhJqIcSNX68pyAhzuaKp53-8UW9SgrNsrXFDCXbK34Uho7IUrSUTy_LR0oMcVl4T_9y--jXprUAwiJjhB4DF9W2KTPx8BQFbdzd-4PY8m_4Twe0oYDUqG8MSvPpmSgfv3ZOTy7a22UknfTKjjFzchf33ddrrpcBIM584lRvLqXa8-0uH_jRe-9hxY3VDOb_2qwHNFyP9Te47zRrTap8hmYyyyu8r_f_6SraesIFAfkVV5-SQeACj-EDARztAthmVQGtcUNiJVQPNnTPcyPX_OkGAklPjXrvQ7qBEa9rWy8lDsqWh6JEI-Bs-dIn3lTvfyx3TVrp2MoaWThcIw0eTuxSvF02az759zu8WDkJD9LYQIOFPXdk9-UuB_HijE45Z9dq_OiJAm-j2jZy9xmHBdPLoF0_CJaswpXcjCX2R3vN9fJBYBh4aULLTCptqkTWRLPJ7-eogOiyvp6OrbVC3j-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
319 B
444 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content4-Main-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x187%7C728x90&cust_params=page%3Dmain&cookie=ID%3Dba41a719433a0625%3AT%3D1586357581%3AS%3DALNI_MZ2bXNFJnRrGWXt1uc8cV7V4GVbHg&cookie_enabled=1&bc=31&abxe=1&lmt=1586357582&dt=1586357582007&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2161168433&ucis=d&ifi=13&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x187&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
846fa8242d1815dffc382eb2f35535451fa50b7a5072a63752aeb8de1731ebd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
325 B
446 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Content-bottom-Main-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=page%3Dmain&cookie=ID%3D2a267b65653fecf5%3AT%3D1586357581%3AS%3DALNI_MZW8JIu1MYfvvrqu22yz1YghPXxfA&cookie_enabled=1&bc=31&abxe=1&lmt=1586357582&dt=1586357582223&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3174053528&ucis=e&ifi=14&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x90&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
50321f08d7fc45ccd892e1ae254f0b45deff993c4a4e6e0eebd8de10cb0250f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
326 B
456 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-Sidebar1-Main-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x100%7C320x50%7C300x250%7C300x300%7C300x100%7C300x75%7C250x250%7C200x200&cust_params=page%3Dmain&cookie=ID%3D2fe0e289bfaa3249%3AT%3D1586357581%3AS%3DALNI_MaDPWPJko-L6Oh0WMbwv285PftI1Q&cookie_enabled=1&bc=31&abxe=1&lmt=1586357582&dt=1586357582344&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3474174608&ucis=f&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=52&icsg=2955950250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=336x280&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
285d9b7cd6a97f1c4fb6e0017b23e102ebbe98818b709d4d51d42f8b4b5c1a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
146
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D681
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAhC5NYdJpCJA10ZvVAqB_bbcaE6XR6IXFmj-KYI4wuqcewox0p7s_vZvo4_5rJWZQKDgWlNQp9qQCboIET0pqCdXBB92F0DOC1aObkfuYrCInrjYJq9lu4XbWPOrwWtF7OoLI9Y4C5_IqCDXpz4b4zQC9M22Kez5tLFvHH4oKqW_xU2a0GQwSXC-sylSkYGRkCGrK2csT3BS8zZXNO4O8yTPDUK6GZRkWcbvuLoKA-3YtkZNq8wyLZScmY1AkeaDO2HfhZ-vI2EvwPCF1ADg8uYRda3Ojss6LDyZWkBhcjvXeEJa9IZYGifF64u51ZXM&sai=AMfl-YRvggWWIjBD41N0BRKFybXSeAnYLmC1cGrR9BWVtR3DxTWo0s7T-AGKpfLmPXgiTFz9iTtoMuvNfi5ACDph-lXEtBNwiqRrrTr9u37_CQ&sig=Cg0ArKJSzE-Z-EoCmEzXEAE&urlfix=1&adurl=
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

timing-allow-origin
*
date
Wed, 08 Apr 2020 14:53:02 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:02 GMT
keytarget.min.js
keytarget.adnet.lt/stable/ Frame D681
408 KB
148 KB
Script
General
Full URL
https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
a3ad1219e20ce4e476af9a3ca25fd06050bd05c631f8763ca30d42ed9bd77eca

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-Varnish-Cache
HIT
Date
Wed, 08 Apr 2020 14:53:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Apr 2020 09:09:35 GMT
Server
nginx
Age
2426
ETag
"5e8d94cf-65f65"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
cache-control
max-age=86400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
151560
Expires
Thu, 09 Apr 2020 14:53:02 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame D681
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc97a733962420b1f335655808034c429c44a27df316a5abd3fe31c519e5fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28249
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:02 GMT
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27981
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:02 GMT
truncated
/ Frame D681
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a1f8c08e7da458a1f9b4e09161ee2c30acfe75cc6f84caf618f4f84b274146

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0A53
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 08 Apr 2020 14:52:16 GMT
expires
Thu, 08 Apr 2021 14:52:16 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
46
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/
312 B
207 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4408110538372683&correlator=3938966891955825&output=ldjh&impl=fifs&adsid=NT&eid=21065661&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=21614339586%2CKD-footer-second&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=page%3Dmain&cookie=ID%3D4fe6d01af3995217%3AT%3D1586357581%3AS%3DALNI_MblXa2yW0OtjFC06zT7pq9mIqlVQA&cookie_enabled=1&bc=31&abxe=1&lmt=1586357582&dt=1586357582916&dlt=1586357580816&idt=548&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=617930877&ucis=g&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=53&icsg=11545884842&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x0&msz=728x90&psts=AKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCKavm0y-7DFBxajSnt_l1rf%2CAKB7eCLZOLmjUij1-haJ1udR0wqGK9_DABlmhg7IExUKNRD-KcQq4Q8wyCW9MvPgFJqJPZY4qRNK-GrNhgdE8kzF8P8Gx6HXK_Q%2CAKB7eCKvMecNIPQHuACNa9ngjMpIKQhqu4oP5KcY7hIfsi5H3-om1XSDzDhl5iMFV-vFwsO-6uugwhZOFQVNA_lpkNEzoaVVGIs%2CAKB7eCKavm0y-7DFBxajSnt_l1rf&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
3ddd084d76dfbdd20bbd034713d7cd7a28555cb5090cdf38f6e04f9943ede144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6B5A
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 08 Apr 2020 14:52:16 GMT
expires
Thu, 08 Apr 2021 14:52:16 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
47
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D681
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
last-modified
Thu, 05 Mar 2020 08:28:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
status
200
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
public, max-age=86400
x-cache
Miss from cloudfront
x-amz-cf-id
TBs6_DhFAFMPhPJoDjJ2FtU8w7siXQYdGLese0OJc5iv67mgaOv-_g==
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D681
44 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
a405cfd47a8e088c3f593d9c78825c0a233e7e5ef2df26f5c803c0629eaeb7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"480 / 453 of 1000 / last-modified: 1586356416"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14677
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:03 GMT
kurs_com_ua_bidder_config.js
keytarget.adnet.lt/stable/configs/ Frame D681
4 KB
1 KB
Script
General
Full URL
https://keytarget.adnet.lt/stable/configs/kurs_com_ua_bidder_config.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.125.237 , Lithuania, ASN47205 (TELIA-LIETUVA, LT),
Reverse DNS
193-200-125-237.cust.interdata.lt
Software
nginx /
Resource Hash
cab133de8cec7fc1216859ac7d3e65a4a6763d9a4b1ef98422564b2ecd069a7e

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-Varnish-Cache
HIT
Date
Wed, 08 Apr 2020 14:53:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Apr 2020 14:13:29 GMT
Server
nginx
Age
1068
ETag
W/"5e8ddc09-11e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
cache-control
max-age=86400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1043
Expires
Thu, 09 Apr 2020 14:53:03 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8295
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 08 Apr 2020 14:52:16 GMT
expires
Thu, 08 Apr 2021 14:52:16 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
47
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
integrator.js
adservice.google.co.uk/adsid/ Frame D681
109 B
839 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D681
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020032401.js
securepubads.g.doubleclick.net/gpt/ Frame D681
168 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
62966
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:03 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame D681
1 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200408
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b513dff8a20edafbae5775b329585f4ebe3528508178076ccce86700935bff0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-cache
HIT
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-served-by
cache-fra19167-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"53d-nZ5qyV424vOYV8gascL2vmbImlg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
580cd0d1bbfee003-FRA
v1
prg.smartadserver.com/prebid/ Frame D681
0
343 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:03 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D681
320 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16854&site_id=197432&zone_id=1498536&size_id=15&alt_size_ids=9%2C8%2C10%2C14%2C17%2C19%2C48&gdpr=0&rf=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3696283327394232
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7a76e5ae5546ebdb1be1c2691f2da3bfeb8f3799b8e83144a2f5fe27d3c22675

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:03 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=457
Content-Length
320
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D681
0
222 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 08 Apr 2020 14:53:03 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
access-control-max-age
3600
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ Frame D681
Redirect Chain
  • https://ads.betweendigital.com/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5...
  • https://ads.betweendigital.com/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5...
0
-1 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5c8e7a4&transactionid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&auctionid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&gdprApplies=false&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5c8e7a4&transactionid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&auctionid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&gdprApplies=false&crf=1

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5c8e7a4&transactionid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&auctionid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&gdprApplies=false&crf=1
arj
adnet-d.openx.net/w/1.0/ Frame D681
173 B
586 B
XHR
General
Full URL
https://adnet-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&nocache=1586357583465&gdpr=0&x_gdpr_f=1&aus=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&divIds=kurs_300x600_2&auid=540936914&
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.183.0 /
Resource Hash
be99931f0561696240c5d72c67c25185c5afdea14fda689e713273f1ffdaa566

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
server
OXGW/16.183.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame D681
5 B
465 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTczNzY5MSZ0cmFuc2FjdGlvbklkPTE5NTNiM2NmLTFiMGEtNGQwNS1iNzc4LTg5YzkxOWE0YTExYyZyY3VyPUVVUg%3D%3D&pt=gross&stid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&fd=1
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:03 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cygnus
as-sec.casalemedia.com/ Frame D681
25 B
1010 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?t=700&s=428455&v=7.2&r=%7B%22id%22%3A%2213b59822f5d2a2f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221476ee15391fecf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22156c18695edc7e6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221656fa3498188b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22173cb9d40cb7295%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221822581090378a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2219b9a9614e91555%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2220417e7db51e837%22%2C%22ext%22%3A%7B%22siteID%22%3A%22428455%22%2C%22sid%22%3A%222%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-15-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e23f5079fd0892ee0c638733a67677078857293545108b6229f74c9c0ce9e60c

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 08 Apr 2020 14:53:03 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D681
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
c8c358f84129cf925a1230d95d01dd9dad44ef2453ea6f18a6ef4d1cc47d04e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:05 GMT
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.199:80
AN-X-Request-Uuid
fdd28d50-a5c9-42c9-98bf-15886ec436d0
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame D681
0
166 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.14.0&cb=4585632282
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 08 Apr 2020 14:53:03 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame D681
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
1834d8805e0cefe2df2337a636e949014d868196f37557ae6bd5c0b267cf105e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:05 GMT
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
AN-X-Request-Uuid
aab55ae9-6081-4fe3-9ae4-23637992e590
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5CA2
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 08 Apr 2020 14:52:16 GMT
expires
Thu, 08 Apr 2021 14:52:16 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
47
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/
215 KB
81 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
82821
x-xss-protection
0
server
cafe
etag
14107941289507204222
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 14:53:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/ Frame C1B7
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200402/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200402/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUleOimGGxYRBeR2fo8_yTtujJWFHPQsno59EDyXqqwEk_P8YJSdTHt0zGHY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 04 Apr 2020 07:02:56 GMT
expires
Sat, 18 Apr 2020 07:02:56 GMT
content-type
text/html; charset=UTF-8
etag
10348540741379653356
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4494
x-xss-protection
0
cache-control
public, max-age=1209600
age
373807
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
adjson
ads.betweendigital.com/ Frame D681
2 B
274 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?sizes=120x600%2C160x600%2C240x400%2C250x250%2C300x100%2C300x250%2C300x300%2C300x600&jst=hb&ord=8840202995079598&tz=-120&fl=0&rr=direct&s=3753010&bidid=88e359e5c8e7a4&transactionid=1953b3cf-1b0a-4d05-b778-89c919a4a11c&auctionid=a76fee12-3d3e-4f60-aae1-cfef34fc5539&gdprApplies=false&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
ads
googleads.g.doubleclick.net/pagead/ Frame 3E5D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&h=90&slotname=1242725870&adk=3541726907&adf=1158518596&w=728&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357583688&bpp=66&bdt=2872&fdt=380&idt=380&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2044785271074&frm=20&pv=2&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=3585&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=17&uci=a!h&btvi=1&fsb=1&xpc=bS0ei1ZqeM&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1943073806196463&output=html&h=90&slotname=1242725870&adk=3541726907&adf=1158518596&w=728&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357583688&bpp=66&bdt=2872&fdt=380&idt=380&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2044785271074&frm=20&pv=2&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=3585&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=17&uci=a!h&btvi=1&fsb=1&xpc=bS0ei1ZqeM&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=414
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUk6S1hS9vq-2f8fBdHOXyzQoDnCrFrVtnEs6jueEmgJ6v8YbR9oaUGKlhbc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Apr 2020 14:53:04 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame AF1E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&adk=1812271804&adf=3025194257&lmt=1586357584&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586357583754&bpp=21&bdt=2938&fdt=410&idt=410&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=17&uci=a!h&fsb=1&dtd=424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1943073806196463&output=html&adk=1812271804&adf=3025194257&lmt=1586357584&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1586357583754&bpp=21&bdt=2938&fdt=410&idt=410&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=17&uci=a!h&fsb=1&dtd=424
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUlvgwa4KhUegmkq1vT5rQ7bIAMEs4wqxi_YKB2GqZI0z8zPWwubQiqz9Ya7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 08 Apr 2020 14:53:04 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
securepubads.g.doubleclick.net/gampad/ Frame D681
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=971909435802074&correlator=3215377334710236&output=ldjh&impl=fifs&adsid=NT&eid=21064713&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200408&iu_parts=99287527%2Ckurs_com_ua%2Cros%2Ckurs_300x600_2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C2x1%7C120x600%7C160x600%7C240x400%7C250x250%7C300x100%7C300x250%7C300x300%7C300x600&fluid=height&cust_params=siteUrl%3Dnewkursru.llell.dev.mezhbank.kiev.ua%252F%26domain%3Dnewkursru.llell.dev.mezhbank.kiev.ua%26url_keywords%3Dnewkursru%252Cllell%252Cdev%252Cmezhbank%252Ckiev%252Cua%252C&cookie=ID%3D4fe6d01af3995217%3AT%3D1586357581%3AS%3DALNI_MblXa2yW0OtjFC06zT7pq9mIqlVQA&cdm=newkursru.llell.dev.mezhbank.kiev.ua&bc=31&abxe=1&lmt=1586357584&dt=1586357584201&dlt=1586357582515&idt=1412&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=600&oid=3&adxs=157&adys=4775&adks=3131937734&ucis=bkzsam8cd8a&ifi=1&ifk=3600000008&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&top=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&dssz=13&icsg=8866&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1&msz=300x1&ga_vid=1411832014.1586357584&ga_sid=1586357584&ga_hid=486947835&fws=256&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
fbaa38c772955672fd812a2c05c60c1ee735904216e97ca686b55088bb615640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
2003
x-xss-protection
0
google-lineitem-id
5338540228
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138307608426
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020032401.js
securepubads.g.doubleclick.net/gpt/ Frame D681
66 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 13:43:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24573
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:04 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D681
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

ads
googleads.g.doubleclick.net/pagead/ Frame 7815
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&h=280&slotname=6063470430&adk=1467032171&adf=702052147&w=336&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357584237&bpp=10&bdt=3421&fdt=10&idt=10&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=4286&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=19&uci=a!j&btvi=2&fsb=1&xpc=RzzykRvSZy&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1943073806196463&output=html&h=280&slotname=6063470430&adk=1467032171&adf=702052147&w=336&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357584237&bpp=10&bdt=3421&fdt=10&idt=10&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=4286&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=19&uci=a!j&btvi=2&fsb=1&xpc=RzzykRvSZy&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=26
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUlvgwa4KhUegmkq1vT5rQ7bIAMEs4wqxi_YKB2GqZI0z8zPWwubQiqz9Ya7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Apr 2020 14:53:04 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame EF34
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1943073806196463&output=html&h=90&slotname=9019269503&adk=1742692219&adf=2257412913&w=728&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357584000&bpp=13&bdt=3184&fdt=290&idt=290&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C336x280&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=3908&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=18&uci=a!i&btvi=3&fsb=1&xpc=a90Q2ij317&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1943073806196463&output=html&h=90&slotname=9019269503&adk=1742692219&adf=2257412913&w=728&lmt=1586357584&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&flash=0&wgl=1&adsid=NT&dt=1586357584000&bpp=13&bdt=3184&fdt=290&idt=290&shv=r20200402&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C336x280&nras=1&correlator=2044785271074&frm=20&pv=1&ga_vid=1967838376.1586357581&ga_sid=1586357581&ga_hid=2050002455&ga_fc=0&iag=0&icsg=45905623210&dssz=54&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=3908&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4408110538372683&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=18&uci=a!i&btvi=3&fsb=1&xpc=a90Q2ij317&p=https%3A//newkursru.llell.dev.mezhbank.kiev.ua&dtd=303
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUlvgwa4KhUegmkq1vT5rQ7bIAMEs4wqxi_YKB2GqZI0z8zPWwubQiqz9Ya7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Apr 2020 14:53:04 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D681
66 KB
21 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: keytarget.adnet.lt
URL: https://keytarget.adnet.lt/stable/keytarget.min.js?id=kurs_com_ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b688a376067d22eca0c258817d091ea11a0e7a8d0fdd10fbf781b6a1a2f4aeb9

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 08:43:02 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5e708d96-107de"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 09 Apr 2020 14:53:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 408B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvk1E3_rcNkmXEqxuf4v83vrhSC6Y-VmzenlS6fsFVt7tL1Qkq6ViMWeiGinFUTlKB_vU17KMPQTABoTBDsyNbV91MUG1svKUWUnlbyIUKG8rKJSzMuC27oJsVPaBCGKspWBVByeB-16v0b3m_mXgNmNTjFheUCjY3iMFAVrN5_q6qGeWxJfEg-rK8WV9NPgPZIKwTOaO-G5t9fiAGPPqISEtzgw45j9jFlc8NqNrqnZpMG8R2YzAvMZ7QMM2XQLz81_UAlVxn4NJSK5CavFftKlLULXENNtOjFH8DHb3qd3kQFT_l5G3hMn9Ukbg&sig=Cg0ArKJSzLtbxIBCx7duEAE&urlfix=1&adurl=
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

timing-allow-origin
*
date
Wed, 08 Apr 2020 14:53:04 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen.js
ads.themoneytizer.com/s/ Frame 408B
7 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2602
expires
Thu, 09 Apr 2020 14:52:34 GMT
requestform.js
ads.themoneytizer.com/s/ Frame 408B
49 KB
10 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
86fd148c4185f19904dc01ffa3558b20920b3dcad13daf87906f5ee07d3d840f

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
expires
Thu, 09 Apr 2020 14:53:04 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 408B
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxlidarcontrol
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc97a733962420b1f335655808034c429c44a27df316a5abd3fe31c519e5fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28249
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:04 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame D681
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27981
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D681
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f8185be48cdc49d1c09a30569eaab5ed920dd4e2e812273301c4e0936d46035
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5188
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D681
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 671D
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Wed, 08 Apr 2020 14:18:16 GMT
expires
Thu, 08 Apr 2021 14:18:16 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2088
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
/
g.themoneytizer.net/g/ Frame 408B
26 B
200 B
Script
General
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
00e0444dc2b1c43780931d55acf76738a0d25a4227007127984b44dbbd7d2aaa

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:04 GMT
Server
nginx
X-IPLB-Instance
29820
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ Frame 408B
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 19:01:35 GMT
server
nginx
etag
"779a-30ad-59ba5857e2265"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3955
expires
Thu, 09 Apr 2020 14:52:35 GMT
moneybile.js
ads.themoneytizer.com/ Frame 408B
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Thu, 09 Apr 2020 14:52:35 GMT
getjs.static.js
tag.contextweb.com/ Frame 408B
32 KB
11 KB
Script
General
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ Frame 408B
1 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/11528/px.js?r=180e0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-76.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 04 Apr 2020 11:03:43 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
359362
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
V007yWOvhJ4o4N8Nm_euM0jX_HE6xbkZ_zVQuOqqYgag51fz041HNw==
smart.js
ced-ns.sascdn.com/diff/js/ Frame 408B
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
27 KB
9 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2a58 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 08 Apr 2020 14:53:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Mar 2020 14:27:30 GMT
Server
Apache
ETag
"308b0663b760da8cd1006f7a3f2458d5:1584973650"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8932

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 08 Apr 2020 14:53:04 GMT
cache-control
private
content-length
159
content-type
text/html; charset=utf-8
sync
gum.criteo.com/ Frame 408B
49 B
329 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ Frame 408B
3 KB
3 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:04 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
/
onetag-sys.com/usync/ Frame 1172
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1586357584513
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1586357584513
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame 2DDE
0
0
Document
General
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:04 GMT
content-type
text/html
set-cookie
__cfduid=d2fb6dc6e4e3fe2fe5662a7435db2ba021586357584; expires=Fri, 08-May-20 14:53:04 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=3a381fda-ed84-420a-78e6-e8c325c8074d; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=3a381fda-ed84-420a-78e6-e8c325c8074d; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%93r%AE%AD%E9%C2%C4%8F%BA%97%03%C08%C4%B8%25%8B%D0%0AG%0A%8D%3A%D84k%00%0D%98Y%D1h%AE%C5_%C6%E2%7F%A4R%BA%5Cv%E2%8EN%83%1F%03%FB%00%CE%BB%40j%D4%C4%02%C7%83G%8B%07%07%2A%E0V%1Cl%83%3D%B2%C6z%E3%BF%7B%0E%CE%A6I%5E2%83%5Ea%E2%0Fa%D1%95k%8A%C50~%275; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers
*
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
580cd0d7aa142488-FRA
content-encoding
br
getNewsBottom
newkursru.llell.dev.mezhbank.kiev.ua/ajax/
13 KB
2 KB
XHR
General
Full URL
https://newkursru.llell.dev.mezhbank.kiev.ua/ajax/getNewsBottom?element=news
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.85.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dev1.mezhbank.kiev.ua
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c652e708c23127adbb52190b9248745a01af740663214e393b186d3232aca8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 08 Apr 2020 14:53:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Cache-Control
max-age=300, public
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 08 Apr 2020 14:58:04 GMT
quant.js
secure.quantserve.com/ Frame 408B
13 KB
6 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.156 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08-Apr-2020 14:53:04 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Wed, 15 Apr 2020 14:53:04 GMT
2ba25742-4565-42ad-81bd-3da1c70449a4
tmzr.pubstack.io/v1/tag/ Frame 408B
1 KB
837 B
Script
General
Full URL
https://tmzr.pubstack.io/v1/tag/2ba25742-4565-42ad-81bd-3da1c70449a4
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.192.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-192-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
470b46386385f6a89858376c7d360f47f7f372bdae7485fd76b26a8e745b0a2f

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:04 GMT
cache-control
private, max-age=120
content-encoding
gzip
content-length
718
content-type
application/javascript
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 408B
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-39.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 07:15:42 GMT
Via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
103515
X-Cache
Hit from cloudfront
Content-Type
text/javascript
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
fdm1h04FZ7T5arRVRqII1CL18hdRp6Kg0_wLXIz70tHm-hjtXgbFvg==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ Frame 408B
0
386 B
Script
General
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-15-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:04 GMT
Last-Modified
Wed, 08 Apr 2020 14:10:55 GMT
Server
Apache
ETag
"764a66-0-5a2c811965820"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1361
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
0
Expires
Wed, 08 Apr 2020 15:15:45 GMT
prebid.js
ads.themoneytizer.com/moneybid2_445_2/build/dist/ Frame 408B
407 KB
130 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
888dd3a769ee09f71b5aa98784e05255b6ac4785cbcdb44f18c3a911d6f31893

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 14:45:42 GMT
server
nginx
etag
"1897d-65bd5-5a2b47026d1e4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
132674
expires
Thu, 09 Apr 2020 14:52:28 GMT
get2
uipglob.semasio.net/id5/1/ Frame 408B
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=4892474757351772520&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/7/3.gif?puid=8375070726083920950&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=2265f0a6847cdeedb21c3ce041bfebb7&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/5/5.gif?puid=e49f808d-17a8-4bde-aa63-dec83927735c&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
  • https://id5-sync.com/c/12/103/4/6.gif?puid=8aa287e51f3f5af33814487afa6b02f4&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
  • https://id5-sync.com/c/12/108/3/7.gif?puid=a7c91021-79a8-11ea-951e-7e81adadfcb2&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
0
0

truncated
/ Frame 408B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80dab2cb4fc8b5d9f1558edc1fc8be9385ac693c783d460c157eebe2186923f1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
fire.js
s.cpx.to/ Frame 408B
772 B
1 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=180e0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-172-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bde194c96c8ac1f21f1f44dbeb94337227c52cdd13feaed0a12809853373f62e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 08 Apr 2020 14:53:05 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
772
Expires
Mon, 23 Mar 2020 17:40:54 GMT
localstore.js
script.4dex.io/ Frame 408B
450 B
711 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Apr 2020 11:18:51 GMT
server
cloudflare
age
761
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=1800
cf-ray
580cd0d91b259ab0-FRA
x-amz-request-id
AF6D478695A73020
x-amz-id-2
2G+/qgBX3NyGr90uL9LLS80CVVnvnaQheT9A3p0JHT13l97PspMthtShjdO2J3rUnuimZRlwrKo=
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 408B
1 KB
899 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=37139&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
d158a04a3f507a4bdd3446aebe62ff89f18faba6d95520eeb467dbd56a118064

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
668
expires
Thu, 09 Apr 2020 14:53:04 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 408B
1 KB
895 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=37139&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
ec54115c834b43a24c4044dfeb1ecc53e1625685042673395bf523d0d677fc82

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
expires
Thu, 09 Apr 2020 14:53:04 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 408B
1 KB
899 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=37139&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
a1206604eb3bc8cead6f5240c64cc658b1baa703e65da2380496fe0548171630

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
668
expires
Thu, 09 Apr 2020 14:53:04 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 408B
487 B
4 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39550&zone_id=1078234&size_id=15%3B2%3B15&alt_size_ids=10%3B19%2C43%2C44%2C117%3B&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,37139,1,,,&rf=https%3A%2F%2Fkurs.com.ua&kw=37139&tg_i.siteid=37139&tk_flint=pbjs_lite_v2.44.5&x_source.tid=14cc7374-cb8d-4552-ac98-9fdb45c533f0%3Ba024452e-9d97-47fb-9284-787490457b9f%3B2554082e-c796-4d0b-9e18-91d502caef2d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.629974215803937
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
bd025f3195b71089130abd32dd4003aaad8c4097a5a7268b18bb6293581ae286

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:04 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=394
Content-Length
487
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/ Frame 408B
24 B
1009 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=385247&v=7.2&r=%7B%22id%22%3A%2293c641d636d87c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210821cf92562f68%22%2C%22ext%22%3A%7B%22siteID%22%3A%22385247%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221197b5283c6a056%22%2C%22ext%22%3A%7B%22siteID%22%3A%22385247%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2212375c63da65f68%22%2C%22ext%22%3A%7B%22siteID%22%3A%22385247%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-15-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e376bc662a5ac5ec5f253c455dc0ea0272bcf6f56f51c8acce84e6de3db9f80f

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Wed, 08 Apr 2020 14:53:05 GMT
adjson
ads.betweendigital.com/ Frame 408B
Redirect Chain
  • https://ads.betweendigital.com/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150...
  • https://ads.betweendigital.com/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150...
0
-1 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
adjson
ads.betweendigital.com/ Frame 408B
Redirect Chain
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=15...
  • https://ads.betweendigital.com/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=15...
0
-1 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
adjson
ads.betweendigital.com/ Frame 408B
Redirect Chain
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150...
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150...
0
-1 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
prebid-request
onetag-sys.com/ Frame 408B
15 B
482 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
prebid
ib.adnxs.com/ut/v3/ Frame 408B
379 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
262820bf32a5c69cae67c557ffe7faf27e48ad40dba80cab7d8a00142fd12a99
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:06 GMT
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.173:80
AN-X-Request-Uuid
8f783d28-6a3a-41a9-b17a-9283c7ffea10
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
379
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ssp.otm-r.com/ Frame 408B
Redirect Chain
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
0
-1 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

location
/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff

Redirect headers

location
/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff
adjson
ssp.otm-r.com/ Frame 408B
Redirect Chain
  • https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&
  • https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
0
-1 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

location
/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff

Redirect headers

location
/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff
adjson
ssp.otm-r.com/ Frame 408B
Redirect Chain
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
0
-1 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

location
/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff

Redirect headers

location
/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 408B
374 B
681 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fnewkursru.llell.dev.mezhbank.kiev.ua%252F&CanonicalUrl=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5dab7f4c116707fb3da357d8302372d6d77b8a9cb57f927eb5d5110f239a4f34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
status
200
x-envoy-upstream-service-time
415
vary
Accept-Encoding
content-length
203
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/ Frame 408B
0
166 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.5&cb=39615780582
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 08 Apr 2020 14:53:04 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 408B
376 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
fc6f9bce5aaaaedf1430cda83b14e5c9bf1ec7ee04f5f5daa8c25c209df6dbae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:07 GMT
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.123:80
AN-X-Request-Uuid
ba49a07d-797e-41ad-ba5d-404d643646f3
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
376
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ice.360yield.com/ul_cb/ Frame 408B
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru....
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewk...
0
-1 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241c4a22b59364f4%22%2C%22pid%22%3A%2222047882%22%2C%22tid%22%3A%2214cc7374-cb8d-4552-ac98-9fdb45c533f0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22422ba374930b11a%22%2C%22pid%22%3A%2222174826%22%2C%22tid%22%3A%22a024452e-9d97-47fb-9284-787490457b9f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%224335ff39b5fc23e%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%222554082e-c796-4d0b-9e18-91d502caef2d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241c4a22b59364f4%22%2C%22pid%22%3A%2222047882%22%2C%22tid%22%3A%2214cc7374-cb8d-4552-ac98-9fdb45c533f0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22422ba374930b11a%22%2C%22pid%22%3A%2222174826%22%2C%22tid%22%3A%22a024452e-9d97-47fb-9284-787490457b9f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%224335ff39b5fc23e%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%222554082e-c796-4d0b-9e18-91d502caef2d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
302
access-control-allow-credentials
true
content-type
text/plain
content-length
0

Redirect headers

date
Wed, 08 Apr 2020 14:53:05 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241c4a22b59364f4%22%2C%22pid%22%3A%2222047882%22%2C%22tid%22%3A%2214cc7374-cb8d-4552-ac98-9fdb45c533f0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22422ba374930b11a%22%2C%22pid%22%3A%2222174826%22%2C%22tid%22%3A%22a024452e-9d97-47fb-9284-787490457b9f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%224335ff39b5fc23e%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%222554082e-c796-4d0b-9e18-91d502caef2d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
access-control-allow-credentials
true
content-type
text/plain
content-length
0
adjson
ads.betweendigital.com/ Frame 408B
2 B
274 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=5001401997646906&tz=-120&fl=0&rr=direct&w=300&h=600&s=3188547&bidid=14bb54199a06117&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
adjson
ads.betweendigital.com/ Frame 408B
2 B
274 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=1025437391591852.4&tz=-120&fl=0&rr=direct&w=728&h=90&s=3188543&bidid=15ade262af7a9fe&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
adjson
ads.betweendigital.com/ Frame 408B
2 B
274 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=9575543922464620&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=161e922a1048b4a&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&cur=USD&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
w3wjbhz21z_big.thumb.jpg.d41dd6bdec00612a7bb874c9998b3186.jpg
kurs.com.ua/uploads/monthly_2020_04/
34 KB
34 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/w3wjbhz21z_big.thumb.jpg.d41dd6bdec00612a7bb874c9998b3186.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7c3b65a7e53b32da05916850a0088195fe448678e92c46502f3193cf58094a

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
2908
cf-polished
origSize=35222, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
34861
last-modified
Wed, 08 Apr 2020 13:59:45 GMT
server
cloudflare
etag
"5e8dd8d1-8996"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff183558-LHR
expires
Wed, 22 Apr 2020 14:04:37 GMT
hbc5snni0c_big.thumb.jpg.ba9449425ee04b7870c9beac6fae556d.jpg
kurs.com.ua/uploads/monthly_2020_04/
33 KB
33 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/hbc5snni0c_big.thumb.jpg.ba9449425ee04b7870c9beac6fae556d.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72fbbb9441e7f78c2b34057473f51920816b404200e8a31f3d4a34e32ca1a8a0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
3656
cf-polished
origSize=34875, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
33941
last-modified
Wed, 08 Apr 2020 13:46:18 GMT
server
cloudflare
etag
"5e8dd5aa-883b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff193558-LHR
expires
Wed, 22 Apr 2020 13:52:09 GMT
ez37p56jr7_big.thumb.jpg.71fc8c8c8ed232c2ad4c8ff5369d2f91.jpg
kurs.com.ua/uploads/monthly_2020_04/
35 KB
35 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/ez37p56jr7_big.thumb.jpg.71fc8c8c8ed232c2ad4c8ff5369d2f91.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0462bb4e7e07a0df893f214538d0723d36ef8064b39cd246bcffb5065e0fee6a

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
11917
cf-polished
origSize=37309, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
35804
last-modified
Wed, 08 Apr 2020 11:32:51 GMT
server
cloudflare
etag
"5e8db663-91bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff213558-LHR
expires
Wed, 22 Apr 2020 11:34:28 GMT
b2m9jp4gnl_big.thumb.jpg.57c4b8eca3bae31916547f00b747f36e.jpg
kurs.com.ua/uploads/monthly_2020_04/
35 KB
35 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/b2m9jp4gnl_big.thumb.jpg.57c4b8eca3bae31916547f00b747f36e.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47e5c5937857f0b3869664544fff1669fc02b2cd5183af35c570de4247f68e36

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
12910
cf-polished
origSize=36224, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
35913
last-modified
Wed, 08 Apr 2020 11:15:09 GMT
server
cloudflare
etag
"5e8db23d-8d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff1a3558-LHR
expires
Wed, 22 Apr 2020 11:17:55 GMT
hhvh_7myeu_big.thumb.jpg.e0c56049a24547ba9d04f0add9a6481d.jpg
kurs.com.ua/uploads/monthly_2020_04/
25 KB
26 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/hhvh_7myeu_big.thumb.jpg.e0c56049a24547ba9d04f0add9a6481d.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30284ec0ed52ca2eaaff25563d4d2eb70678737f7e139c648f8674bbf19cd64d

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
13229
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
25995
last-modified
Wed, 08 Apr 2020 11:07:15 GMT
server
cloudflare
etag
"5e8db063-658b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff1c3558-LHR
expires
Wed, 22 Apr 2020 11:12:36 GMT
q7yn3koyc2_big.thumb.jpg.eae1f28ab5988daa1dab412f9edab7c6.jpg
kurs.com.ua/uploads/monthly_2020_04/
20 KB
20 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/q7yn3koyc2_big.thumb.jpg.eae1f28ab5988daa1dab412f9edab7c6.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45015ac67dd6dfde0ee4794b377d3c62c4552c7a0ad5cb08fa6284e1b52715f0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
15834
cf-polished
origSize=20269, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
20169
last-modified
Wed, 08 Apr 2020 10:28:10 GMT
server
cloudflare
etag
"5e8da73a-4f2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff1e3558-LHR
expires
Wed, 22 Apr 2020 10:29:11 GMT
73j1fqxab5_big.thumb.jpg.ff5038db6aec13172bc3107ac763505e.jpg
kurs.com.ua/uploads/monthly_2020_04/
68 KB
69 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/73j1fqxab5_big.thumb.jpg.ff5038db6aec13172bc3107ac763505e.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb4737eded28bd5bbb1d5ca0eb494571281f2eb0b00d03333f37f985686eb5d

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
16559
cf-polished
origSize=75532, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
70024
last-modified
Wed, 08 Apr 2020 10:16:46 GMT
server
cloudflare
etag
"5e8da48e-1270c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff2a3558-LHR
expires
Wed, 22 Apr 2020 10:17:06 GMT
h2gm3fvyub_big.thumb.jpg.e0d28269a6062a0345e35c211eb4f06a.jpg
kurs.com.ua/uploads/monthly_2020_04/
40 KB
40 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/h2gm3fvyub_big.thumb.jpg.e0d28269a6062a0345e35c211eb4f06a.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bdf8f5ee75dd546892abb4aa79f5ee19d4bf9e9efbf3fa494760754b2fe3a6

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
18918
cf-polished
origSize=45168, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
41019
last-modified
Wed, 08 Apr 2020 09:32:00 GMT
server
cloudflare
etag
"5e8d9a10-b070"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0daff2b3558-LHR
expires
Wed, 22 Apr 2020 09:37:47 GMT
stuy6kkljq_big.thumb.jpg.d80d0a6148acc4c2189fe7d70de49583.jpg
kurs.com.ua/uploads/monthly_2020_04/
21 KB
22 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/stuy6kkljq_big.thumb.jpg.d80d0a6148acc4c2189fe7d70de49583.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22312557b51bd8a1695096faed0681c6839debe95de5e644a86993567ee5fe67

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
24088
cf-polished
origSize=22405, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
21981
last-modified
Wed, 08 Apr 2020 08:05:41 GMT
server
cloudflare
etag
"5e8d85d5-5785"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0db1f393558-LHR
expires
Wed, 22 Apr 2020 08:11:37 GMT
md8km8fep5_big.thumb.jpg.16d5d902c2a917df356f2a00c8164f15.jpg
kurs.com.ua/uploads/monthly_2020_04/
34 KB
34 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/md8km8fep5_big.thumb.jpg.16d5d902c2a917df356f2a00c8164f15.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b7f3ecd4cf11cc4601b68032b02594ef499cf715278b26e59713397161d7b95

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
29645
cf-polished
origSize=34722, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
34457
last-modified
Wed, 08 Apr 2020 06:38:44 GMT
server
cloudflare
etag
"5e8d7174-87a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0db1f3a3558-LHR
expires
Wed, 22 Apr 2020 06:39:00 GMT
k7jhz5l25y_big.thumb.jpg.d2a0771dca5186c23195d3515d58526a.jpg
kurs.com.ua/uploads/monthly_2020_04/
37 KB
37 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/k7jhz5l25y_big.thumb.jpg.d2a0771dca5186c23195d3515d58526a.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf60262cc3a147e339a1a61ea7bf9118127ce3e33d4ebfca98381f91d5d50fb2

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
30552
cf-polished
origSize=39130, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
37691
last-modified
Wed, 08 Apr 2020 05:53:22 GMT
server
cloudflare
etag
"5e8d66d2-98da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0db1f3b3558-LHR
expires
Wed, 22 Apr 2020 06:23:53 GMT
m75iq50r2d_big.thumb.jpg.1fded19213aaeaec0afe8b20b784ff12.jpg
kurs.com.ua/uploads/monthly_2020_04/
17 KB
17 KB
Image
General
Full URL
https://kurs.com.ua/uploads/monthly_2020_04/m75iq50r2d_big.thumb.jpg.1fded19213aaeaec0afe8b20b784ff12.jpg
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.21.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c0bc8c45286f77ce1ca024a3b78cde14867f17853f1b49944172f3a4c677b1

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
HIT
age
30552
cf-polished
origSize=17769, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
17539
last-modified
Wed, 08 Apr 2020 05:49:08 GMT
server
cloudflare
etag
"5e8d65d4-4569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
580cd0db1f3d3558-LHR
expires
Wed, 22 Apr 2020 06:23:53 GMT
wckr.php
tag.leadplace.fr/ Frame CD6D
0
0
Document
General
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

Server
nginx/1.14.2
Date
Wed, 08 Apr 2020 14:53:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30196
gen_204
pagead2.googlesyndication.com/pagead/ Frame D681
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032401&jk=971909435802074&bg=!u7iluKBYoGHIb7-2XAoCAAABKVIAAAAhmQF2lDqBxjrAPpUjghPapflnt7gKsrbZ5Ww01nbPfAp7yDJW4SdnF4qlgr-gB8ots_ud1_A7vYrT1JVQuT7FxS5W-Z4pVTONPmtbtIz4PAfMZSMJTCLY7WhX2-AoAVDe9k-SboXTTOb19pX6vRuR8Em33E9Xd80eNwCrOn8ZHINHwWs--rpURFjImjytMqnW3GBv14Rrw_kjC8KXuzFNsFMf198jD35kCC2BmRZDbB5OzuP5ZQ1FJCAqNbBE5T9VMXNByJJDk0PPVyGy-962x9WFH9QSY_zK9Jqkh1HYb60R3ydP-RmzTsYJ0pC9e_vUKLSV1LD2gLZZNXW-XGHDc9J0CaxFvLuzVk33tGZFNZkuEzEsKdkAETXUCcufDVA2uYFfLi0fZXDpshFhE-gFd-tm6od9pdBQwhmuGYXjqZl2xoorEXtj2-pEOvfP8dQfrQ9XVOZ4CkysIzpw_6HicwDmajvYdbsrvZoMSgHYS4StzYpPV-pj50M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ Frame 408B
62 KB
18 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
51F4B7E3CC2DA264
status
200
x-amz-id-2
x8Nb18iaokEMIzu/pI7dEmd1KVrrkmvK3EClogHcz/fOHZnWySwcN9nzP8gN3zvze1k5pbIvIDA=
last-modified
Mon, 06 Apr 2020 11:18:49 GMT
server
cloudflare
etag
W/"69fac1b60dfd5d00b8ff023e19aca7e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
580cd0dadce0d72d-FRA
monitoring-tz.js
acdn.prod.pubstack.io/ Frame 408B
71 KB
21 KB
XHR
General
Full URL
https://acdn.prod.pubstack.io/monitoring-tz.js
Requested by
Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/2ba25742-4565-42ad-81bd-3da1c70449a4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b239855938c1575a38dfe1e845f45b44d1ca61089ac317a41cc905083766cf9

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 08 Apr 2020 14:53:04 GMT
content-encoding
br
x-azure-ref-originshield
0wuKNXgAAAAB9el8GuAlTRYgucFrHD1ofQU1TRURHRTA2MTcAMWQ5ZWE5NzctYWI2Ny00N2M3LTkzYTUtMzIzYzA3MDkwMTQy
content-md5
SUkVMNiLiKAC7t1dIPR0Tw==
x-cache
TCP_HIT
status
200
content-disposition
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Mon, 30 Mar 2020 08:08:50 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
"0x8D7D481949EBAC6"
x-azure-ref
0UeWNXgAAAAA7sbI9KUKQRpIdil2WZS5gRlJBRURHRTEwMTMAMWQ5ZWE5NzctYWI2Ny00N2M3LTkzYTUtMzIzYzA3MDkwMTQy
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
96b96b58-401e-0006-74b2-0dc1ae000000
cache-control
public, max-age=3600
x-ms-version
2014-02-14
accept-ranges
bytes
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 408B
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 23 Jan 2020 18:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6552694
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jan 2021 18:41:31 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ Frame 408B
1 KB
967 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:07:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2729
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_Co3czMCqaq6L9INXEgy3tqjtso9wamgGD4bBGp6FbSQbCeqtOBxMg==
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
sync
s.cpx.to/ Frame 408B
Redirect Chain
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&fck=221a52c32e02ff15&cbp=dsp_uid
  • https://s.cpx.to/sync?dsp_uid=99dbdb2ad608152066bc51f3bf015830&fck=221a52c32e02ff15
95 B
708 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=99dbdb2ad608152066bc51f3bf015830&fck=221a52c32e02ff15
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-172-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 08 Apr 2020 14:53:05 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Wed, 08 Apr 2020 14:53:05 GMT

Redirect headers

date
Wed, 08 Apr 2020 14:53:05 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
302
to-dmp-balancer
balancer2-dmp-nyc1-do.truoptik.com
content-length
154
pragma
no-cache
to-dmp-sync
sync6-dmp-nyc1-do.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
location
https://s.cpx.to/sync?dsp_uid=99dbdb2ad608152066bc51f3bf015830&fck=221a52c32e02ff15
content-type
text/html
access-control-allow-origin
*
cache-control
no-store
cf-ray
580cd0db79bfdc37-LHR
expires
0
sync
s.cpx.to/ Frame 408B
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D45edd18d-3714-4f26-ae8b-f9a569c82496
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D45edd18d-3714-4f26-ae8b-f9a569c82496
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4A058DC-9AA2-408F-B85E-5F90EC14CC6D&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4A058DC-9AA2-408F-B85E-5F90EC14CC6D&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-172-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 08 Apr 2020 14:53:05 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Wed, 08 Apr 2020 14:53:05 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4A058DC-9AA2-408F-B85E-5F90EC14CC6D&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
Date
Wed, 08 Apr 2020 14:53:05 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
an_fire
s.cpx.to/ Frame 408B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D45edd18d-3714-4f26-ae8b-f9a569c82496
  • https://s.cpx.to/an_fire?app_nexus_uid=4892474757351772520&pid=11528&ref=&hn_ver=10&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=4892474757351772520&pid=11528&ref=&hn_ver=10&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-172-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 08 Apr 2020 14:53:06 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Wed, 08 Apr 2020 14:53:06 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:08 GMT
AN-X-Request-Uuid
c379a51c-4ca1-4817-8cd3-40e6a86192ac
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=4892474757351772520&pid=11528&ref=&hn_ver=10&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca.png
s.cpx.to/ Frame 408B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&google_gid=CAESEMKV--TsmB0LARV_72HexXc&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&google_gid=CAESEMKV--TsmB0LARV_72HexXc&google_cver=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.172.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-172-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
Date
Wed, 08 Apr 2020 14:53:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:05 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=45edd18d-3714-4f26-ae8b-f9a569c82496&google_gid=CAESEMKV--TsmB0LARV_72HexXc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pool.grid-data.bidswitch.net/ Frame 408B
43 B
300 B
Image
General
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.173.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-173-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 14:53:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
ps.eyeota.net/ Frame 408B
0
344 B
Script
General
Full URL
https://ps.eyeota.net/pixel?pid=dnkh51u&t=ajs%22
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 14:53:05 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
adjson
ssp.otm-r.com/ Frame 408B
2 B
356 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=26700d301a923e1&transactionid=14cc7374-cb8d-4552-ac98-9fdb45c533f0&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
X-Content-Type-Options
nosniff
content-type
application/json
adjson
ssp.otm-r.com/ Frame 408B
2 B
356 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=1090&bidid=277ba723219c456&transactionid=a024452e-9d97-47fb-9284-787490457b9f&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
X-Content-Type-Options
nosniff
content-type
application/json
hb
ice.360yield.com/ul_cb/ Frame 408B
9 KB
4 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2244c949e4b202fa8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241c4a22b59364f4%22%2C%22pid%22%3A%2222047882%22%2C%22tid%22%3A%2214cc7374-cb8d-4552-ac98-9fdb45c533f0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22422ba374930b11a%22%2C%22pid%22%3A%2222174826%22%2C%22tid%22%3A%22a024452e-9d97-47fb-9284-787490457b9f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%224335ff39b5fc23e%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%222554082e-c796-4d0b-9e18-91d502caef2d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
113f1dc8343907cb6a857ce369602c5e63e6375cf4828458b82b0ffba1ffa160

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:05 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
3792
adjson
ssp.otm-r.com/ Frame 408B
2 B
356 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=2883c1f310d7cbc&transactionid=2554082e-c796-4d0b-9e18-91d502caef2d&auctionid=150d302e-bdde-4580-a68b-d4cc92ac7112&bidfloor=undefined&crf=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
X-Content-Type-Options
nosniff
content-type
application/json
notifyme.php
adtrack.adleadevent.com/ Frame 408B
0
547 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-220-169.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Apr 2020 14:53:05 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel;r=1153778369;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F;fpan=1;fpa=P0-4973093-1586357585589;ns=1;ce=1;qjs=1;qv=0e9a7da...
pixel.quantserve.com/ Frame 408B
35 B
658 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1153778369;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F;fpan=1;fpa=P0-4973093-1586357585589;ns=1;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1586357585588;tzo=-120;ogl=
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.158 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:07 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D681
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=0
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6810cfc3-0607-4475-bfa8-ef6bd7d14906&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVLoQ8vwif8XCMICiDaWXk&google_cver=1
43 B
117 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVLoQ8vwif8XCMICiDaWXk&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.183.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:07 GMT
via
1.1 google
server
OXGW/16.183.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:07 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOVLoQ8vwif8XCMICiDaWXk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ac
ww1097.smartadserver.com/ Frame 408B
22 B
2 KB
Script
General
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=306519&pgid=1112956&fmtid=26300&async=1&visit=m&tmstp=7076776893&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,37139,1,kurs.com.ua,kurs.com.ua
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-smrt-d
3%3b15%3b117
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache, no-store
content-type
application/javascript; charset=utf-8
content-length
140
expires
-1
/
c.tmyzer.com/c/ Frame 408B
0
200 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=37139&f=2&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 14:52:54 GMT
Server
nginx
X-IPLB-Instance
20688
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 408B
66 KB
21 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b688a376067d22eca0c258817d091ea11a0e7a8d0fdd10fbf781b6a1a2f4aeb9

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:07 GMT
content-encoding
gzip
last-modified
Tue, 17 Mar 2020 08:43:02 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5e708d96-107de"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 09 Apr 2020 14:53:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4FED
107 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c7f67185ed50c5b8680365385ff5d3c68e62552f833c5b7c8e8db63d52de4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39159
x-xss-protection
0
server
cafe
etag
18139634824200265979
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 14:53:08 GMT
impression
intake.prod.pubstack.io/v1/intake/ Frame 408B
0
57 B
XHR
General
Full URL
https://intake.prod.pubstack.io/v1/intake/impression?sId=dd8810a6&c=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
access-control-allow-origin
*
date
Wed, 08 Apr 2020 14:53:08 GMT
integrator.js
adservice.google.de/adsid/ Frame 4FED
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4FED
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/ Frame 4FED
215 KB
81 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
82821
x-xss-protection
0
server
cafe
etag
14107941289507204222
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 14:53:08 GMT
/
www5.plant-for-the-planet.org/assets/300250/ Frame 0E06
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8376169300140203&output=html&h=250&slotname=1679351279&adk=487650184&adf=2952223782&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=...
  • https://www5.plant-for-the-planet.org/assets/300250/
0
0
Document
General
Full URL
https://www5.plant-for-the-planet.org/assets/300250/
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www5.plant-for-the-planet.org
:scheme
https
:path
/assets/300250/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:08 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dcff40c565c8b1cee2d10464f17a1dd511586357588; expires=Fri, 08-May-20 14:53:08 GMT; path=/; domain=.plant-for-the-planet.org; HttpOnly; SameSite=Lax; Secure
cf-ray
580cd0f09a41d6e5-FRA
access-control-allow-origin
*
age
196
cache-control
max-age=600
expires
Tue, 07 Apr 2020 16:18:32 GMT
last-modified
Sun, 05 Apr 2020 20:55:15 GMT
vary
Accept-Encoding
via
1.1 varnish
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
x-cache-hits
13
x-fastly-request-id
fe4f2b1ade0f3d7e4350ce3ad901d87a2aaf5be6
x-github-request-id
E3BE:2753:22655:2B405:5E8CA580
x-proxy-cache
MISS
x-served-by
cache-fra19180-FRA
x-timer
S1586357589.597778,VS0,VE0
server
cloudflare
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://www5.plant-for-the-planet.org/assets/300250/
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Apr 2020 14:53:08 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4FED
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200402&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ce5ab3e8c80fccd290a3cd02666f8708dd4c8f54612efa6f0d36a4736a54a75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5218
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4FED
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27981
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4FED
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 3B1B
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Wed, 08 Apr 2020 14:18:16 GMT
expires
Thu, 08 Apr 2021 14:18:16 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2092
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
error
intake.prod.pubstack.io/v1/intake/ Frame 408B
0
57 B
XHR
General
Full URL
https://intake.prod.pubstack.io/v1/intake/error?sId=dd8810a6&c=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
access-control-allow-origin
*
date
Wed, 08 Apr 2020 14:53:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FED
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200402&jk=468445346471562&bg=!WlmlWUFY9jdu_HVOn2gCAAAAQ1IAAAANmQGqetqKMWyiRvJLaa0oNl6lIP3g7pfte6t-QxFSq-JyekxaD7z8pTCvP_H7bXnc5zHBM2DXeO6g0ODvw6OP1wD-IRGPXAn2cBG1-RnAOL9JO8zwl0kAEBSZmetWzMI0BbgAmLfAXh5e--oRi0bZ7_DUcwzTnZN7zeMY9kM4WJV7owVsru6Le0T2CbjGgomPKDvbx1HTLvyvKP_-jlCt7ls0M3x0NH1kBMUDQG1lcJgdFHdwGdplzadMUezdiDomItiGsnJveJZa5k3jXsqth64JsAuiUD7qT_8DHphxcN8hRLZDia08L4cyOvZ8OFZX3nBC7tLO8HgIKkN7wtSHG5l9iPPCbc4lmM5ksxOuHnkFIr8NWlIlqJyB558tDaiIyC2JFMEWobwrhehDNa20Ld9qRsaHYpcV0nsllKaACgzbIaJiygJdwHsXBWEtYM7mprygsWK7wzpao3ZpDE7GBrr_sHFaTP5lSrNBbkVjzflg02LxOvJzUadkMSxo0l961vufk3yP01uWG5tFBiaC0Khv9KPHSsQXhjGgMMomiZA5Hn9bCA1keXr1Dtl-
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12.json
id5-sync.com/g/v1/ Frame 408B
130 B
464 B
XHR
General
Full URL
https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.39.67.46 , France, ASN16276 (OVH, FR),
Reverse DNS
s08.id5-sync.com
Software
/
Resource Hash
b5dba9f39abca5487ff95d0b8a5ea2ba7c56b8c51f6a684d031d7628042d79d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Date
Wed, 08 Apr 2020 14:53:10 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
text/json;charset=utf-8
sspmatch-iframe
ads.betweendigital.com/ Frame C64F
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-iframe
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
0
0
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe?crf=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=4856fefe-623b-5263-bf9a-fe44e1171b12; ut=Xo3lVgAOQHCf8rJ8-iV58bVWyPW4dOUS-rFbSw==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658

Redirect headers

status
302
location
/sspmatch-iframe?crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
dc=lux1; Max-Age=315360000; Expires=Sat, 06 Apr 2030 14:53:10 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=4856fefe-623b-5263-bf9a-fe44e1171b12; Max-Age=315360000; Expires=Sat, 06 Apr 2030 14:53:10 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=Xo3lVgAOQHCf8rJ8-iV58bVWyPW4dOUS-rFbSw==; Max-Age=315360000; Expires=Sat, 06 Apr 2030 14:53:10 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Sat, 06 Apr 2030 14:53:10 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length
0
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B19F
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4161489717426084521; anj=dTM7k!M4/8F7/.XF']wIg2GTsqQHGU!fss0=Ir4A3KL9D3NpPB!!+U]')O]5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Content-Length
506
Accept-Ranges
bytes
Date
Wed, 08 Apr 2020 14:53:11 GMT
Age
21273076
Connection
keep-alive
X-Served-By
cache-jfk8138-JFK, cache-fra19177-FRA
X-Cache
HIT, HIT
X-Cache-Hits
391291, 2710930
X-Timer
S1586357591.035646,VS0,VE0
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0D43
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Fri, 03 Apr 2020 17:00:48 GMT
Content-Encoding
gzip
Content-Length
9105
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=24773
Expires
Wed, 08 Apr 2020 21:46:04 GMT
Date
Wed, 08 Apr 2020 14:53:11 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A3E3
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1586357585013
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1586357585013
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
match
match.360yield.com/ul_cb/ Frame 408B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SLnziYAtQhyqI1mV4bu2Ig&google_cm&publisher_dsp_id=340
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEPwTHckgOdlN0b7g0ZzDjmY&google_cver=1
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEPwTHckgOdlN0b7g0ZzDjmY&google_cver=1
43 B
436 B
Image
General
Full URL
https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEPwTHckgOdlN0b7g0ZzDjmY&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:11 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 08 Apr 2020 14:53:10 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://match.360yield.com:443/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEPwTHckgOdlN0b7g0ZzDjmY&google_cver=1
content-type
text/plain
match
ad.360yield.com/ul_cb/ Frame 408B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&external_user_id=CAESEBkNiasKRQd7k7oiEhRxbJw&google_cver=1
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&external_user_id=CAESEBkNiasKRQd7k7oiEhRxbJw&google_cver=1
43 B
434 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&external_user_id=CAESEBkNiasKRQd7k7oiEhRxbJw&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:11 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 08 Apr 2020 14:53:10 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA&external_user_id=CAESEBkNiasKRQd7k7oiEhRxbJw&google_cver=1
content-type
text/plain
match
ad.360yield.com/ul_cb/ Frame 408B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=1c9b10da-0694-44e5-87dd-cf05dfb4565f
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=1c9b10da-0694-44e5-87dd-cf05dfb4565f
43 B
445 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=1c9b10da-0694-44e5-87dd-cf05dfb4565f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:11 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 08 Apr 2020 14:53:11 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=167&external_user_id=1c9b10da-0694-44e5-87dd-cf05dfb4565f
content-type
text/plain
match
ad.360yield.com/ Frame 408B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AA...
  • https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=48b9f389-802d-421c-aa23-5995e1bbb622&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AA...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dimprove%26expires%3D30
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4856fefe-623b-5263-bf9a-fe44e1171b12&ssp=improve&expires=30
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=072f8754-6dbc-44ef-ac41-1e62770f67b2
43 B
528 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=072f8754-6dbc-44ef-ac41-1e62770f67b2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:11 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 08 Apr 2020 14:53:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//ad.360yield.com/match?publisher_dsp_id=191&external_user_id=072f8754-6dbc-44ef-ac41-1e62770f67b2
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
ice.360yield.com/ul_cb/ Frame 408B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
  • https://ice.360yield.com/match?external_user_id=4161489717426084521&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
  • https://ice.360yield.com/ul_cb/match?external_user_id=4161489717426084521&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
43 B
424 B
Image
General
Full URL
https://ice.360yield.com/ul_cb/match?external_user_id=4161489717426084521&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:11 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Wed, 08 Apr 2020 14:53:10 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ice.360yield.com:443/ul_cb/match?external_user_id=4161489717426084521&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOxhHAvCLAAAENDE-AAAAu3AAA
content-type
text/plain
auction
intake.prod.pubstack.io/v1/intake/ Frame 408B
0
57 B
XHR
General
Full URL
https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&c=3
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
access-control-allow-origin
*
date
Wed, 08 Apr 2020 14:53:11 GMT
cygnus
as-sec.casalemedia.com/ Frame 408B
25 B
1010 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=385247&v=7.2&r=%7B%22id%22%3A%22531777507a0fcf9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2254174b6e958520e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22385247%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-15-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5ed45c9b85aefbcfecf23666886b572abdf8fe698eb2a449831259447e8118c1

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 08 Apr 2020 14:53:22 GMT
adjson
ads.betweendigital.com/ Frame 408B
Redirect Chain
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956...
  • https://ads.betweendigital.com/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956...
0
-1 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&cur=USD&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&cur=USD&crf=1

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-length
0
location
/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&cur=USD&crf=1
prebid
ib.adnxs.com/ut/v3/ Frame 408B
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
83d3ff073b71ea539e67b199dd9481c6834c4f79a9784236b74db6b0a3f3d114
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:24 GMT
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.119:80
AN-X-Request-Uuid
853fcc48-449f-420e-b90e-1c4dc5c9690d
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ Frame 408B
1 KB
899 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=37139&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
a1206604eb3bc8cead6f5240c64cc658b1baa703e65da2380496fe0548171630

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:22 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
668
expires
Thu, 09 Apr 2020 14:53:22 GMT
prebid-request
onetag-sys.com/ Frame 408B
15 B
482 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
hb
ice.360yield.com/ul_cb/ Frame 408B
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru....
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewk...
0
-1 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644e867ca5f9881%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%22e229244e-f57c-46cb-b989-bf5480318c37%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 14:53:22 GMT
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644e867ca5f9881%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%22e229244e-f57c-46cb-b989-bf5480318c37%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
302
access-control-allow-credentials
true
content-type
text/plain
content-length
0

Redirect headers

date
Wed, 08 Apr 2020 14:53:22 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644e867ca5f9881%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%22e229244e-f57c-46cb-b989-bf5480318c37%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
access-control-allow-credentials
true
content-type
text/plain
content-length
0
cdb
bidder.criteo.com/ Frame 408B
0
166 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=87&profileId=185&av=23&wv=2.44.5&cb=4237975104
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 08 Apr 2020 14:53:22 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
timing-allow-origin
*
vary
Origin
adjson
ssp.otm-r.com/ Frame 408B
Redirect Chain
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&
  • https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&crf=1
0
-1 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&crf=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

location
/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff

Redirect headers

location
/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&crf=1
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
X-Content-Type-Options
nosniff
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 408B
256 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39550&zone_id=1078234&size_id=15&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,37139,1,,,&rf=https%3A%2F%2Fkurs.com.ua&kw=37139&tg_i.siteid=37139&tk_flint=pbjs_lite_v2.44.5&x_source.tid=e229244e-f57c-46cb-b989-bf5480318c37&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6928394517615133
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
2531942cec3153ae423a5a0e99e8f5c709ec1e501cb786283d52cf1417869447

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:22 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=177
Content-Length
256
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 408B
187 B
313 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fnewkursru.llell.dev.mezhbank.kiev.ua%252F&CanonicalUrl=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
67862225030f7d9010acba5a8fe918965014eec1ca35bbb95f02c7ab111b5a3a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
status
200
x-envoy-upstream-service-time
165
vary
Accept-Encoding
content-length
150
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 408B
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
694e42c62a41dd6a3fab1a59f594f53d0f705a7ddab08adc6c30cf12306edb3a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 08 Apr 2020 14:53:24 GMT
X-Proxy-Origin
5.226.139.163; 5.226.139.163; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.199:80
AN-X-Request-Uuid
d522ec80-cdf0-40eb-a18d-ee4777c704cd
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ Frame 408B
2 B
274 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?jst=hb&ord=9625146641482242&tz=-120&fl=0&rr=direct&w=300&h=300&s=3188545&bidid=56c38f7a24a6cbc&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&cur=USD&crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
hb
ice.360yield.com/ul_cb/ Frame 408B
3 KB
2 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2275d101b4e1e2922%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2237139%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22644e867ca5f9881%22%2C%22pid%22%3A%2222176361%22%2C%22tid%22%3A%22e229244e-f57c-46cb-b989-bf5480318c37%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa69699900f33113728630022ed8d5f5d39d35e71afcb7e19d8340bb5e995d1f

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 Apr 2020 14:53:22 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1764
adjson
ssp.otm-r.com/ Frame 408B
2 B
356 B
XHR
General
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=300&h=250&s=1090&bidid=684375d5919f932&transactionid=e229244e-f57c-46cb-b989-bf5480318c37&auctionid=956cb582-b254-43a2-89c5-e01d96ee667c&bidfloor=undefined&crf=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.100.76 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
Connection
close
X-Content-Type-Options
nosniff
content-type
application/json
ac
ww1097.smartadserver.com/ Frame 408B
22 B
2 KB
Script
General
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=306519&pgid=1112956&fmtid=26300&async=1&visit=s&tmstp=7076776893&tag=sas_26300&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fnewkursru.llell.dev.mezhbank.kiev.ua%2F&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,37139,1,kurs.com.ua,kurs.com.ua
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:22 GMT
content-encoding
gzip
vary
Accept-Encoding
x-smrt-d
3%3b9%3b63
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache, no-store
content-type
application/javascript; charset=utf-8
content-length
140
expires
-1
/
c.tmyzer.com/c/ Frame 408B
0
200 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=37139&f=2&fi=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Apr 2020 14:53:23 GMT
Server
nginx
X-IPLB-Instance
20685
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
auction
intake.prod.pubstack.io/v1/intake/ Frame 408B
0
57 B
XHR
General
Full URL
https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&c=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
access-control-allow-origin
*
date
Wed, 08 Apr 2020 14:53:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C73D
107 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c7f67185ed50c5b8680365385ff5d3c68e62552f833c5b7c8e8db63d52de4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39159
x-xss-protection
0
server
cafe
etag
18139634824200265979
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 14:53:23 GMT
integrator.js
adservice.google.de/adsid/ Frame C73D
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C73D
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newkursru.llell.dev.mezhbank.kiev.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/ Frame C73D
215 KB
81 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
82821
x-xss-protection
0
server
cafe
etag
14107941289507204222
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Apr 2020 14:53:23 GMT
/
www5.plant-for-the-planet.org/assets/300250/ Frame 3913
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8376169300140203&output=html&h=250&slotname=3156059159&adk=664605230&adf=3590127634&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=...
  • https://www5.plant-for-the-planet.org/assets/300250/
0
0
Document
General
Full URL
https://www5.plant-for-the-planet.org/assets/300250/
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www5.plant-for-the-planet.org
:scheme
https
:path
/assets/300250/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
date
Wed, 08 Apr 2020 14:53:23 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d524ede33f21ad1c0b0c7603fc03f23051586357603; expires=Fri, 08-May-20 14:53:23 GMT; path=/; domain=.plant-for-the-planet.org; HttpOnly; SameSite=Lax; Secure
cf-ray
580cd14fe8f0d6e5-FRA
access-control-allow-origin
*
age
212
cache-control
max-age=600
expires
Tue, 07 Apr 2020 16:18:32 GMT
last-modified
Sun, 05 Apr 2020 20:55:15 GMT
vary
Accept-Encoding
via
1.1 varnish
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
x-cache-hits
21
x-fastly-request-id
ecfb02307ef8909d17ffff3bcd0dbab77931dd31
x-github-request-id
E3BE:2753:22655:2B405:5E8CA580
x-proxy-cache
MISS
x-served-by
cache-fra19157-FRA
x-timer
S1586357604.844232,VS0,VE0
server
cloudflare
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://www5.plant-for-the-planet.org/assets/300250/
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 08 Apr 2020 14:53:23 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 08-Apr-2020 15:08:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ Frame C73D
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200402&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cfa30a10242a83a06e0a9412eb05180406204d47dcfe45589b80b80fc23f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5141
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame C73D
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585953408266222"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27981
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:23 GMT
impression
intake.prod.pubstack.io/v1/intake/ Frame 408B
0
57 B
XHR
General
Full URL
https://intake.prod.pubstack.io/v1/intake/impression?sId=dd8810a6&c=1
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
Origin
https://newkursru.llell.dev.mezhbank.kiev.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
access-control-allow-origin
*
date
Wed, 08 Apr 2020 14:53:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C73D
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200402/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 14:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Wed, 08 Apr 2020 14:53:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2E7B
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Wed, 08 Apr 2020 14:18:16 GMT
expires
Thu, 08 Apr 2021 14:18:16 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2107
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame C73D
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200402&jk=4136536244107905&bg=!Li2lLTVYtnDl5kn1V5MCAAAAU1IAAAAPmQGq9kZ63SQKD9HNEZyhIspTd7GAlBg3hPCligeUc-xt9sUon0VRJ02CEi2N9Op-jGvdNZLG-b2gMXA67kEaIEl_3uWF3Mu585zdEf-IFo_Y2jbWlgneliKwRr346BhNYfkxWe01Pc-hUrbHEgZWSp0aHzVPmMHBQnth50NkmdtcGasXbk-nJD8hPB3FAvrLsLcA4LIraoM8RqF0Pmz-ymRV6TMox0VoRbt4PQ2gbAZX4U8zCvIU9GQ3qPvQn3jw3MqEHxI9rdqdztrpV2czgFJf4UYaUygxBWjiLWwxoXyLwu-NnBurqGG7sWs7OFTO1rSQqpNt9STRQG7we3FQ_6bQtUJgb8AZTl8Yy-4TzIM009ftVSYFxlVGJkufCMB4SqZbFuXglepRSVOwqdURFH8zvGeACZx8Pd2maGnPMc_D5nL5BjlSGWuYg4GWf1lXSVI2nQpV7ij3kK5qiaBGCLMzjuZbpLFSQ8GK4EUR3cDD_9tt2atPmFv2BncNAgrA1hoZ6Kzm9rDgKexRDrqm-1ZChE8jx7dOKctE3seGmZPNHbWz0Ms_nQPkf9je
Requested by
Host: newkursru.llell.dev.mezhbank.kiev.ua
URL: https://newkursru.llell.dev.mezhbank.kiev.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newkursru.llell.dev.mezhbank.kiev.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 08 Apr 2020 14:53:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| adblkdetect string| current_page function| fbq function| _fbq function| gtag object| dataLayer object| googletag object| gpt object| container_top object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| container_content_1 object| container_content_2 object| google_tag_manager object| container_content_3 object| container_content_4 string| GoogleAnalyticsObject function| ga object| container_content_bottom object| container_sidebar_1 object| container_sidebar_2 object| container_sidebar_3 object| container_footer function| $ function| jQuery object| Highcharts object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| closure_memoize_cache_ number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| GoogleGcLKhOms object| google_image_requests object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| stroeerCore object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async number| google_global_correlator object| google_prev_clients object| google_iframe_oncopy object| botNewsRequest object| ADAGIO object| invibes

1 Cookies

Domain/Path Name / Value
.mezhbank.kiev.ua/ Name: __gads
Value: ID=43a3252a72e233c7:T=1586357581:S=ALNI_Ma40k9AH7wWNdwWYHpVDFkGFqTGpg

24 Console Messages

Source Level URL
Text
console-api log URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js(Line 6)
Message:
Invalid GPT fixed size specification: []
console-api log URL: https://script.4dex.io/localstore.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://ads.themoneytizer.com/s/requestform.js?siteId=37139&formatId=2(Line 681)
Message:
undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
acdn.prod.pubstack.io
ad.360yield.com
adnet-d.openx.net
ads.betweendigital.com
ads.themoneytizer.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
as-sec.casalemedia.com
bidder.criteo.com
c.amazon-adsystem.com
c.tmyzer.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ced-ns.sascdn.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
counter.yadro.ru
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
g.themoneytizer.net
googleads.g.doubleclick.net
gum.criteo.com
h.holder.com.ua
hb-api.omnitagjs.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
intake.prod.pubstack.io
js-sec.indexww.com
keytarget.adnet.lt
kurs.com.ua
match.360yield.com
match.adsrvr.org
newkursru.llell.dev.mezhbank.kiev.ua
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.quantserve.com
pool.grid-data.bidswitch.net
prebid-eu.creativecdn.com
prg.smartadserver.com
ps.eyeota.net
rules.quantcount.com
s.cpx.to
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssp.otm-r.com
static.criteo.net
stats.g.doubleclick.net
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
tpc.googlesyndication.com
uipglob.semasio.net
us-u.openx.net
ww1097.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www5.plant-for-the-planet.org
x.bidswitch.net
uipglob.semasio.net
104.109.78.125
104.16.92.60
104.22.21.218
108.128.27.24
13.224.199.29
13.225.73.76
13.225.87.39
145.239.192.166
145.239.193.145
151.101.13.108
151.139.241.23
172.217.22.66
172.217.22.98
178.250.2.152
18.184.216.10
18.185.173.123
185.184.8.30
185.255.84.151
185.64.189.110
185.86.137.17
185.86.137.32
188.42.196.115
193.200.125.237
2001:4de0:ac19::1:b:1a
23.111.100.76
23.213.15.82
2600:9000:2156:e00:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:2af4
2606:4700::6810:5914
2606:4700::6810:84e5
2606:4700:e6::ac40:c208
2620:1ec:bdf::10
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3100::1735:2a58
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.248.192.154
34.95.120.147
35.158.58.156
37.157.2.237
37.252.172.250
5.39.67.46
51.89.9.251
52.18.172.55
52.57.163.110
54.228.220.169
54.38.64.100
54.77.139.233
69.173.144.141
74.214.194.131
88.212.201.216
91.198.36.35
91.228.74.156
91.228.74.158
94.130.85.248
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00e0444dc2b1c43780931d55acf76738a0d25a4227007127984b44dbbd7d2aaa
0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5
0462bb4e7e07a0df893f214538d0723d36ef8064b39cd246bcffb5065e0fee6a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ad96a982905bcdb6dc17a577e3f8f40141a48ad6e903e56828da102909c791f
0b239855938c1575a38dfe1e845f45b44d1ca61089ac317a41cc905083766cf9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
113f1dc8343907cb6a857ce369602c5e63e6375cf4828458b82b0ffba1ffa160
11730764d7fe6a23ff2946f7f8b4ae29c4fedf3ad935e2d840f6a425594b4019
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
1827bc9c0dcaa6f58c1b69a8b7dcbb05880423cfde41498f671ea700d2eaad71
1834d8805e0cefe2df2337a636e949014d868196f37557ae6bd5c0b267cf105e
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
22312557b51bd8a1695096faed0681c6839debe95de5e644a86993567ee5fe67
2531942cec3153ae423a5a0e99e8f5c709ec1e501cb786283d52cf1417869447
262820bf32a5c69cae67c557ffe7faf27e48ad40dba80cab7d8a00142fd12a99
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
285d9b7cd6a97f1c4fb6e0017b23e102ebbe98818b709d4d51d42f8b4b5c1a05
2da2dc80a7d0151db91ff56760824db8d71941db36d761b0094fabc2be9baf69
30284ec0ed52ca2eaaff25563d4d2eb70678737f7e139c648f8674bbf19cd64d
3ddd084d76dfbdd20bbd034713d7cd7a28555cb5090cdf38f6e04f9943ede144
45015ac67dd6dfde0ee4794b377d3c62c4552c7a0ad5cb08fa6284e1b52715f0
4559399a218ab3a561f6d7ccb48eeda774f68bb9b7ad9cb7222eb979bba431e8
463fedc156bb960b555367ac287e0271e3bb8d835d003ddbe9ccd135ca5863ed
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
470b46386385f6a89858376c7d360f47f7f372bdae7485fd76b26a8e745b0a2f
47e5c5937857f0b3869664544fff1669fc02b2cd5183af35c570de4247f68e36
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c7f67185ed50c5b8680365385ff5d3c68e62552f833c5b7c8e8db63d52de4a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50321f08d7fc45ccd892e1ae254f0b45deff993c4a4e6e0eebd8de10cb0250f9
50c0bc8c45286f77ce1ca024a3b78cde14867f17853f1b49944172f3a4c677b1
536aee3a96cffd2399b074d8e4785fc153fa5026531af4afe5fbbfce22601f2b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cfa30a10242a83a06e0a9412eb05180406204d47dcfe45589b80b80fc23f48
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
58a49aba2952d24d5c951f583105c8dd907b79845509e4952c27d50c0964bdc8
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5ce5ab3e8c80fccd290a3cd02666f8708dd4c8f54612efa6f0d36a4736a54a75
5dab7f4c116707fb3da357d8302372d6d77b8a9cb57f927eb5d5110f239a4f34
5ed45c9b85aefbcfecf23666886b572abdf8fe698eb2a449831259447e8118c1
5f270c36258b1ae9b95a89f9585875a3e644cffdcae07eebc3c168f046c5d1bd
64bdf8f5ee75dd546892abb4aa79f5ee19d4bf9e9efbf3fa494760754b2fe3a6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6675d0c809dd10353cc8531fd32e91ff66c5955721f36bb84a5a88f30045a5f8
67862225030f7d9010acba5a8fe918965014eec1ca35bbb95f02c7ab111b5a3a
67dafafac099c2131c4aacaa3ce6cbf6b20d03edd6404bb9ba48368f0ace2bb2
694e42c62a41dd6a3fab1a59f594f53d0f705a7ddab08adc6c30cf12306edb3a
6b1550886dbef8a8de2316a437ed2d6b218dbc0aa8c419ae1022626dd5339dde
6e89063d8b1931fcdbe19673129e9365d4f344f27481ce8a98ca1cb69646a4b3
6f8185be48cdc49d1c09a30569eaab5ed920dd4e2e812273301c4e0936d46035
70b96bff6fcef57df54fdd2339a3ee8c6842b5648f8a0824145498c3e997dd8b
72fbbb9441e7f78c2b34057473f51920816b404200e8a31f3d4a34e32ca1a8a0
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
77afc0a3b90195977242db5f66c125364a2ae2f51c72e9884c5b5cb9ead1ad5b
7a76e5ae5546ebdb1be1c2691f2da3bfeb8f3799b8e83144a2f5fe27d3c22675
7b7f3ecd4cf11cc4601b68032b02594ef499cf715278b26e59713397161d7b95
7bb4737eded28bd5bbb1d5ca0eb494571281f2eb0b00d03333f37f985686eb5d
8042f1c77251992084af7d702683a3207fc06cda02391acb0b31e60cf49bf377
80dab2cb4fc8b5d9f1558edc1fc8be9385ac693c783d460c157eebe2186923f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d3ff073b71ea539e67b199dd9481c6834c4f79a9784236b74db6b0a3f3d114
846fa8242d1815dffc382eb2f35535451fa50b7a5072a63752aeb8de1731ebd2
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576
86fd148c4185f19904dc01ffa3558b20920b3dcad13daf87906f5ee07d3d840f
888dd3a769ee09f71b5aa98784e05255b6ac4785cbcdb44f18c3a911d6f31893
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
939299e2e4f1db5a376e445b2ec9b11fe8ad24afbe5abfb252c82269b717c650
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace
a1206604eb3bc8cead6f5240c64cc658b1baa703e65da2380496fe0548171630
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
a3ad1219e20ce4e476af9a3ca25fd06050bd05c631f8763ca30d42ed9bd77eca
a405cfd47a8e088c3f593d9c78825c0a233e7e5ef2df26f5c803c0629eaeb7e3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4ca7784f0e0e5c7eea98a29b032bfbf5f95469aa9cc6766abc7bcaf82a70f13
a551c0e3bcae2fff65b1f5f6718a5df15ae722dd403117495aff558ac86b26cf
a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e
aa69699900f33113728630022ed8d5f5d39d35e71afcb7e19d8340bb5e995d1f
adc97a733962420b1f335655808034c429c44a27df316a5abd3fe31c519e5fce
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b513dff8a20edafbae5775b329585f4ebe3528508178076ccce86700935bff0c
b5dba9f39abca5487ff95d0b8a5ea2ba7c56b8c51f6a684d031d7628042d79d5
b688a376067d22eca0c258817d091ea11a0e7a8d0fdd10fbf781b6a1a2f4aeb9
b9a379cf25abb72074bb9e4942f3a8217ba1ca463b592f280ea4d382f5248e44
bd025f3195b71089130abd32dd4003aaad8c4097a5a7268b18bb6293581ae286
bde194c96c8ac1f21f1f44dbeb94337227c52cdd13feaed0a12809853373f62e
be7c3b65a7e53b32da05916850a0088195fe448678e92c46502f3193cf58094a
be99931f0561696240c5d72c67c25185c5afdea14fda689e713273f1ffdaa566
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c652e708c23127adbb52190b9248745a01af740663214e393b186d3232aca8f3
c8c358f84129cf925a1230d95d01dd9dad44ef2453ea6f18a6ef4d1cc47d04e4
cab133de8cec7fc1216859ac7d3e65a4a6763d9a4b1ef98422564b2ecd069a7e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf60262cc3a147e339a1a61ea7bf9118127ce3e33d4ebfca98381f91d5d50fb2
d158a04a3f507a4bdd3446aebe62ff89f18faba6d95520eeb467dbd56a118064
d4a1f8c08e7da458a1f9b4e09161ee2c30acfe75cc6f84caf618f4f84b274146
e23f5079fd0892ee0c638733a67677078857293545108b6229f74c9c0ce9e60c
e2778ba64bc9523a20ec06eaa79e22d1aa5862c22f7bdd212ca76f8374d50a8d
e376bc662a5ac5ec5f253c455dc0ea0272bcf6f56f51c8acce84e6de3db9f80f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec54115c834b43a24c4044dfeb1ecc53e1625685042673395bf523d0d677fc82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f379ec8b012003ea98a7e47b5394f013822dfdd595a21ac33a80e23432f5ffc2
fbaa38c772955672fd812a2c05c60c1ee735904216e97ca686b55088bb615640
fc6f9bce5aaaaedf1430cda83b14e5c9bf1ec7ee04f5f5daa8c25c209df6dbae
fd92ede9a60317b876ee3afca1ef3c69e7e7bf27d15c411ca6bde8b69d7bd4b4