www.pravda.com.ua Open in urlscan Pro
107.178.251.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pravda.com.ua/
Effective URL:
https://www.pravda.com.ua/
Submission: On September 29 via api (September 29th 2022, 2:00:51 am UTC) from GB — Scanned from GB

Summary HTTP 171 Redirects Links 77 Behaviour Indicators

Summary

This website contacted 54 IPs in 12 countries across 34 domains to perform 171 HTTP transactions. The main IP is 107.178.251.122, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.pravda.com.ua. The Cisco Umbrella rank of the primary domain is 54929.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on July 14th 2022. Valid for: a year.

This is the only time www.pravda.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	107.178.251.122 107.178.251.122	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e01::879:1	200325 (BUNNYCDN) (BUNNYCDN)
21	34.111.239.200 34.111.239.200	15169 (GOOGLE) (GOOGLE)
1	116.202.11.242 116.202.11.242	24940 (HETZNER-AS) (HETZNER-AS)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	95.216.24.148 95.216.24.148	24940 (HETZNER-AS) (HETZNER-AS)
3	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	138.199.37.230 138.199.37.230	60068 (CDN77 ^_^) (CDN77 ^_^)
1	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
2 7	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
6 14	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
2	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	18.156.31.19 18.156.31.19	16509 (AMAZON-02) (AMAZON-02)
1	185.239.173.226 185.239.173.226	55081 (24SHELLS) (24SHELLS)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:402::9d	15169 (GOOGLE) (GOOGLE)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
3 5	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8 16	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 5	52.46.143.56 52.46.143.56	() ()
1 1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:7b94:90d0:b5d7:ff5b	16509 (AMAZON-02) (AMAZON-02)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	18.157.93.190 18.157.93.190	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d4c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	() ()
171	54

11 107.178.251.122 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 122.251.178.107.bc.googleusercontent.com

pravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e01::879:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.111.239.200 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 200.239.111.34.bc.googleusercontent.com

img.pravda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.11.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.11.202.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.24.148 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.230 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-230.datapacket.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 6 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.31.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-31-19.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.239.173.226 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.95.125.22 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.162 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.143.56 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:7b94:90d0:b5d7:ff5b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.93.190 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-93-190.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	168 KB
24	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	185 KB
21	pravda.com img.pravda.com — Cisco Umbrella Rank: 126055	2 MB
16	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 481 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429	13 KB
14	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 297 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 494 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1216 s.amazon-adsystem.com	54 KB
12	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 465 eus.rubiconproject.com — Cisco Umbrella Rank: 557 token.rubiconproject.com — Cisco Umbrella Rank: 667 pixel.rubiconproject.com — Cisco Umbrella Rank: 336	15 KB
11	pravda.com.ua 1 redirects pravda.com.ua — Cisco Umbrella Rank: 52740 www.pravda.com.ua — Cisco Umbrella Rank: 54929	307 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 acdn.adnxs.com — Cisco Umbrella Rank: 593 secure.adnxs.com — Cisco Umbrella Rank: 428	31 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28 region1.google-analytics.com — Cisco Umbrella Rank: 2852	62 KB
7	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16392 tt.onthe.io — Cisco Umbrella Rank: 13522	23 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
6	yahoo.com 3 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 959 ups.analytics.yahoo.com — Cisco Umbrella Rank: 282 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	2 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 55510 ls.hit.gemius.pl — Cisco Umbrella Rank: 13205	20 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 728 gum.criteo.com — Cisco Umbrella Rank: 402 mug.criteo.com — Cisco Umbrella Rank: 2810	7 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 95588	187 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	213 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6301 adservice.google.de — Cisco Umbrella Rank: 8962	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	115 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 727	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 344	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 604 cdn.indexww.com — Cisco Umbrella Rank: 1368	2 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 268	114 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 636	58 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 543 eb2.3lift.com — Cisco Umbrella Rank: 376	649 B
2	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2369	1014 B
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 135152	25 KB
1	linkedin.com px.ads.linkedin.com	708 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 983	178 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 10156
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 437250	170 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6336	288 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 9298	432 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3633	490 B
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 56996
171	34

	Domain	Requested by
21	img.pravda.com	www.pravda.com.ua
14	pagead2.googlesyndication.com	www.pravda.com.ua 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
13	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
12	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
11	tpc.googlesyndication.com	www.pravda.com.ua 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
10	www.pravda.com.ua	www.pravda.com.ua
7	ib.adnxs.com	2 redirects cdn.membrana.media googleads.g.doubleclick.net acdn.adnxs.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.pravda.com.ua
6	tt.onthe.io	cdn.onthe.io
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	aax-eu.amazon-adsystem.com	3 redirects c.amazon-adsystem.com
5	www.google.com	www.pravda.com.ua 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com tpc.googlesyndication.com
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	googleads4.g.doubleclick.net	www.pravda.com.ua
4	gaua.hit.gemius.pl	1 redirects www.pravda.com.ua gaua.hit.gemius.pl
4	cdn.membrana.media	www.pravda.com.ua cdn.membrana.media
4	www.googletagmanager.com	www.pravda.com.ua www.googletagmanager.com
3	420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	stats.g.doubleclick.net	www.google-analytics.com
3	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.googletagservices.com	www.pravda.com.ua 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	ups.analytics.yahoo.com	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	s0.2mdn.net	420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	www.google.de	www.pravda.com.ua
2	inv-nets.admixer.net	cdn.membrana.media
2	c2shb.ssp.yahoo.com	cdn.membrana.media
2	fastlane.rubiconproject.com	cdn.membrana.media
2	s.zmctrack.net	www.pravda.com.ua
1	px.ads.linkedin.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	sync.taboola.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	secure.adnxs.com	1 redirects
1	acdn.adnxs.com	cdn.membrana.media
1	eb2.3lift.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	mug.criteo.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	loadercdn.net	www.pravda.com.ua
1	ghb.adtelligent.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	cdn.onthe.io	www.pravda.com.ua
1	pravda.com.ua	1 redirects
171	62

This site contains links to these domains. Also see Links.

Domain
www.epravda.com.ua
life.pravda.com.ua
www.eurointegration.com.ua
forum.pravda.com.ua
blogs.pravda.com.ua
www.istpravda.com.ua
tabloid.pravda.com.ua
dostup.pravda.com.ua
www.facebook.com
promokod.pravda.com.ua
club.pravda.com.ua
www.youtube.com
bit.ly
twitter.com
t.me
www.instagram.com
interfax.com.ua

Subject Issuer	Validity	Valid
*.pravda.com.ua Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
cdn.membrana.media R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.pravda.com Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
loadercdn.net R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.pravda.com.ua/
Frame ID: 0A94AD45DF42CCEF1F79A1B345721EDE
Requests: 105 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: BBAA6679C1F13EBDEFF46448F9ED9E2C
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 1476916C516AE54212A65D8AC5EDB2B2
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 0DE7C4EB8D0E3F3CF05FD1437E3D78AD
Requests: 1 HTTP requests in this frame

Frame: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A9413D627533CC0A8A305542F516A26
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t
Frame ID: FCACDB37DA2F7498D6BE2FB61B456BF6
Requests: 1 HTTP requests in this frame

Frame: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B05B42FDE971FD7F20C61A5C6FF7029
Requests: 13 HTTP requests in this frame

Frame: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0F59918A5090294286E610F3C8CE2EDE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhiLkPrTATAB&v=APEucNXaj5hHjQmkE8BQOY3KljbFxh4E23cv6Q5r2NqdTpBqtbuqm2nzM9xw-W1OyDBbW08urQgJtYS3YPWS2x08jTYtnuECpzegDpvjrFSrT82fFyONdGbxIPYpq-rX4fEevwgGFpmo1pasbZ3b5AZW2q7_Mc68xpTDS6ZX_vaEUdX2ezDvf_Y
Frame ID: 27A6846E3039A11B5D32A5C03F722790
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjU8Y3PATAB&v=APEucNU-RUbj1uHGH6X4XZuaL84kZfpItOwCdZwmLZ3epUuEoych8joaefYNjck77ydambnnk4MzQvBM-9Sc_3kGmzLLVW7UAxa4kLpRjc7QnmFFWd8UEqXObZKTeGR2vVS6Q6UKryntU4U2r4-T6j2LKnTvJ5znFHQCPT9xzIOAWVTX7S6iS0c
Frame ID: 6BC448342252B4EAF6AEA3D75221399E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9C9C37E8582B1232770C14752921C3EE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ABF24A8D063714A3CB3ACBBBEDCA6FAF
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pravda.com.ua
Frame ID: E957C01490CC347C95AAC9CD46B44F41
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 739132135089B86A8EEA2D101C86DDAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4351D1D8B83119C3FCFAFDFC461DD732
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 64EEC55A85EC9D844F104B715CA5B55B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CC22697F2548E7EE9D8FBC4074E09C90
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6AD9D6F0399D3500FF5CE0BDC5973AC1
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C1BE5C8FF810248B1CBFDFFFE97E0362
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BE0D83972BF06D31E7931906FF0BEFAF
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Українська правда - новини онлайн про Україну

Page URL History Show full URLs

http://pravda.com.ua/ HTTP 301
https://www.pravda.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

171
Requests

87 %
HTTPS

37 %
IPv6

34
Domains

62
Subdomains

54
IPs

12
Countries

4088 kB
Transfer

6662 kB
Size

44
Cookies

77 Outgoing links

These are links going to different origins than the main page.

URL: https://www.epravda.com.ua/
Title: Економіка

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/
Title: Життя

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/
Title: Європа

Search URL Search Domain Scan URL

URL: https://forum.pravda.com.ua/
Title: Форум

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/
Title: Блоги

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/
Title: Історична правда

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/
Title: ТаблоID

Search URL Search Domain Scan URL

URL: https://dostup.pravda.com.ua/
Title: Доступ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ukrpravda/shop/?ref_code=mini_shop_page_card_cta&ref_surface=page
Title: UP Shop

Search URL Search Domain Scan URL

URL: https://promokod.pravda.com.ua/
Title: ПРОМОКОДИ

Search URL Search Domain Scan URL

URL: https://club.pravda.com.ua/?utm_source=main&utm_campaign=pravda_button_ukr
Title: Підтримати УП Donate

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/projects/proftech/2022/05/10/248513/
Title: Бізнес, нове обладнання та навчання педагогів. Чому розвиток профтехосвіти критично важливий під час війни

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/04/25/686166/
Title: Якщо необхідно допомогти близьким та Україні: п’ять зручних сервісів для переказу грошей

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/02/17/247472/
Title: П’ять чотири вісім вісім. Законопроєкт, який покликаний побороти нетерпимість

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/project/2022/bridges/article_21.html
Title: Як українці ставляться до своїх західних сусідів: стереотипи та прагнення

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/02/15/682219/
Title: Банк нашої незалежності, або 30 років Ощадбанку: як змінилося фінансове життя українців

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/culture/2022/09/28/250625/
Title: Міськрада Одеси провалила голосування за знесення пам’ятника Катерині ІІ

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/28/250622/
Title: СПЕЦПРОЄКТДитинство без війни. Як дітей із прифронтових регіонів евакуйовують у Туреччину

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/28/250610/
Title: Загинули відразу. Історія родини, яку росіяни вбили в Ізюмі

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147710/
Title: Президентка Молдови: якщо наш нейтралітет порушать, ми повинні захищатися

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/28/250631/
Title: Дитячий омбудсмен РФ заявила, що депортовані діти з Маріуполя нібито полюбили Росію

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691995/
Title: Економічні новини 28 вересня: ЄС пропонує нові санкції проти РФ, податки на пальне повертаються

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691993/
Title: Шмигаль розповів, наскільки Україна готова до опалювального сезону

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691994/
Title: Єврокомісія пропонує обмежити ціну на російський газ

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691992/
Title: Приватбанк остаточно виграв справу за будівлю головного офісу у Дніпрі

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691991/
Title: Україна отримала 500 мільйонів євро допомоги від ЄС

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147691/
Title: У Британії припускають, що Росія підірвала "Північні потоки" підводним дроном – ЗМІ

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147700/
Title: Влада Грузії різко засудила візит Лукашенка до окупованої Абхазії

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691989/
Title: Міненерго та ПРООН реалізують нову програму відновлення енергетичного сектору України

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147684/
Title: Трюдо обговорив із Зеленським "референдуми" і подальшу підтримку України

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/09/26/691817/
Title: "З початком війни наш бізнес наче вимкнули". Як підприємниця релокувала дитсадок із Донеччини до Коломиї

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/28/250629/
Title: Українці створили петицію про демобілізацію військових за власним бажанням

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147682/
Title: МЗС Грузії звинуватило Лукашенка, який відвідав Абхазію, в порушенні державного кордону

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/news/2022/09/28/691988/
Title: Нафта дорожчає після несподіваного скорочення запасів у США

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/09/28/691949/
Title: У Мінфіну з'явився конкурент – НБУ хоче продавати облігації. Як на цьому заробити?

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=t_m2ZWZ1LrU
Title: Батальйон "Відень". Як українські елітні біженці обжилися в австрійській столиці

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/project/2021/workineu/article6.html
Title: Українські біженці в Польщі, Чехії й Румунії: хто вони, чого чекають і чи повернуться додому

Search URL Search Domain Scan URL

URL: https://bit.ly/3CjGZT2

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/interview/2022/09/28/7147648/
Title: Посол Німеччини: У НАТО зараз щодня обговорюють те, як відповісти у разі ядерного удару

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/09/27/691895/
Title: Танці навколо санкцій. Що у Зеленського вирішили робити з Фрідманом та іншими російськими олігархами?

Search URL Search Domain Scan URL

URL: https://bit.ly/3BFAszG

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/publications/2022/09/26/691858/
Title: Легалізована контрабанда. Паралельний імпорт працює в Росії вже сім місяців, хто допомагає Москві?

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/columns/2022/09/28/691967/
Title: Недостатньо об'єднати лісгоспи: потрібні комплексні реформи

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/columns/2022/09/28/691925/
Title: Як росія та Україна воюють на кіберфронті

Search URL Search Domain Scan URL

URL: https://www.epravda.com.ua/columns/2022/09/27/691924/
Title: Не платиш податки під час війни — поясни податковій причину

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/authors/stavniychuk/63341fd8f17fa/
Title: ''Недооголошена'' війна. Чому для нас важливо оголосити стан війни через агресію РФ проти України

Search URL Search Domain Scan URL

URL: https://blogs.pravda.com.ua/authors/avakov/633402bb6feea/
Title: ВИНО ПРЕВРАЩАЕМ В БЕРЦЫ! ВТОРОЙ ЭТАП

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/27/250613/
Title: У Китаї вперше клонували арктичного вовка, сурогатною мамою був бігль

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/health/2022/09/27/250612/
Title: На Львівщині у дитбудинку-інтернаті виявили спалах дифтерії

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/27/250609/
Title: Котячий мер Львова "розповів", як не змерзнути взимку

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/health/2022/09/27/250608/
Title: Захворюваність на COVID-19 зростає: нові дані МОЗ

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/26/250597/
Title: Зустріч з батьком: донька звільненого морпіха Діанова опублікувала зворушливе відео

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/focus/63344e193200f/
Title: Вагітна Андрес в обтислому комбінезоні показала свої плюс 11 кіло. ФОТО

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/lounge/633439105067b/
Title: Як Лебідь перше фото з мамою після окупації робила: кумедний кадр

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/lounge/63343f3594037/
Title: "Не хочу виправдовуватися": Мусіна посвітила пресом на тлі паризької архітектури

Search URL Search Domain Scan URL

URL: https://tabloid.pravda.com.ua/lounge/63342fe679cdb/
Title: Неплях посвітила грудьми та стегном у сексі-сукні в паризькій опері

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/27/250601/
Title: Вагони, сповнені болю. Історія лікарки з евакуаційного медичного потягу

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/projects/sady/632dbee2da342/
Title: "Війна у розпалі, а ми саджаємо черешні". Історія ягідного саду із серця України

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/projects/sady/63234871a6995/
Title: Діти з сиротинців вчаться вирощувати овочі та заробляти гроші: як працює проєкт "Наша теплиця"

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/13/250400/
Title: Ми втратимо Запорізьку область, якщо вибухне АЕС. Міністр захисту довкілля про наслідки екоциду в Україні

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/7/250190/
Title: Ми всіх повернемо додому. Як вивозять з фронту полеглих захисників України

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/09/1/250253/
Title: Математика, історія, біологія: наскільки добре ви пам’ятаєте шкільну програму? ТЕСТ

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/25/250160/
Title: "Часом краще зробити ампутацію і швидко "поставити на ноги": історії травматолога з військового госпіталю

Search URL Search Domain Scan URL

URL: https://life.pravda.com.ua/society/2022/08/24/250130/
Title: Що ви знаєте про боротьбу за українську незалежність? ТЕСТ

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147711/
Title: Подробиці нових санкцій ЄС: без алмазів, але проти мила і туалетного паперу – ЗМІ

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147709/
Title: Україна отримає чотири системи ППО IRIS-T замість однієї

Search URL Search Domain Scan URL

URL: https://www.eurointegration.com.ua/news/2022/09/28/7147708/
Title: Перемога України може посприяти вирішенню проблеми Придністров’я – президентка Молдови

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/short/2022/05/13/161333/
Title: Окупанти прив'язали червоний прапор на половецьку бабу

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/artefacts/2022/05/13/161332/
Title: Українці - військовополонені у Аушвіці: невідомі мученики

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/short/2022/05/13/161331/
Title: Оприлюднено імена лауреатів «Книжки року’2021»

Search URL Search Domain Scan URL

URL: https://www.istpravda.com.ua/short/2022/05/13/161330/
Title: Презентовано Міжархівний пошуковий портал

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Ukrainska-pravda/114351485246187

Search URL Search Domain Scan URL

URL: https://twitter.com/UkrPravda_news

Search URL Search Domain Scan URL

URL: https://t.me/ukr_pravda

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChparf_xrUZ_CJGQY5g4aEg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ukr_pravda/

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pravda.com.ua/ HTTP 301
https://www.pravda.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://gaua.hit.gemius.pl/_1664416846134/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=n88rMRyogdIbySpIwPFdbxQXgGXw8wxwpZr3IPuSU2b.I7eoJXTrd1t3vgaTyJWyBNNIvwLqtdcBu0r2y7AslJw1ngiu/cHJI46gu64uhQ/&ltime=384&fpdata=W1i24AC1oMNmGRc7hQ98eYMPdVCQYlygj9Wc5jeT7uL.G7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1664416846134/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=n88rMRyogdIbySpIwPFdbxQXgGXw8wxwpZr3IPuSU2b.I7eoJXTrd1t3vgaTyJWyBNNIvwLqtdcBu0r2y7AslJw1ngiu/cHJI46gu64uhQ/&ltime=384&fpdata=W1i24AC1oMNmGRc7hQ98eYMPdVCQYlygj9Wc5jeT7uL.G7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 103

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzT8T3C3HdBKzzsZC6Vc1gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzT8T3C3HdBKzzsZC6Vc1gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D

Request Chain 151

https://gum.criteo.com/sid/json?origin=publishertag&domain=pravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.pravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XqDVE3xyczJYZUFDUWF6WXByYytOSXk2Y1dCNloxL1FLYVh4YkwxWU5HZXFFNlBWa1FnRGZVUm9wcDN0clI3SVFEc013R0VwZXBxdElDdlJqMWZZTjZaU3N3bndhRDdTOXpIYVc3aHltL0IwZmRmdnRia21TcG1NM0xvSjB3UlpacENJSFJqVkJERTVHWHJ1RDB1d0RrUjBTRDNiUGlyYjF4WW5nczR4WlBhdVpkRVR0TXRCWlpQd1lPeE4xRTFhME4wZE1oeml4ZURJNnZSYWFYVHo4Mndad1pJbnVyWDFTeE5NR2hwOENhT25nQlVlaDJ0dXFtRHZjTTlQQ1RmL3ZiUGNEMHZ6WXZyVjB6Tm5na3gzRGsrL0VtQT09fA&cppv=2

Request Chain 166

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&dcc=t

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFHnjM5jlHPw3cqYws7aYwc&google_cver=1

Request Chain 168

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5276605410860794902

Request Chain 170

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB

Request Chain 171

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAA%265133 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4aadd6e5-9116-4f84-89ba-01600566fd4b-tucta2e81d1

Request Chain 172

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iC5OAxPY1ODIR35

Request Chain 174

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8METDLV-24-IK94

Request Chain 175

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bsRgJEufS9urbXDQpB5Jxg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bsRgJEufS9urbXDQpB5Jxg

Request Chain 176

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nbjbA1YaTBe9uYuN5ng12Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbjbA1YaTBe9uYuN5ng12Q

Request Chain 177

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWNmYzkyMzE0MWIyNDZiMzY4Mzg5OWE4ZDQ0NGFhZjIxMTI4M2QyMg

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEEb5V4TaDh4ciXYqTfYG-k&google_cver=1

Request Chain 180

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNRVRETFYtMjQtSUs5NA==

Request Chain 181

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/BAmy_Op2I2mRrtmOgpW5Ecn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5663539187457484377

171 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pravda.com.ua/
Redirect Chain

http://pravda.com.ua/
https://www.pravda.com.ua/

235 KB
57 KB

172ms
55ms

Document
text/html

107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

036c7f0983c96e56a2ec57bbea4b998297e58047adab50958adaac348ca52241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: must-revalidate,no-transform,public,max-age=15
content-encoding: br
content-length: 57962
content-type: text/html; charset=windows-1251
date: Thu, 29 Sep 2022 02:00:36 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Content-Length: 162
Content-Type: text/html
Date: Thu, 29 Sep 2022 02:00:44 GMT
Location: https://www.pravda.com.ua/
Server: nginx
Via: 1.1 google

GET
H2 200 firasans-extrabold-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 63 KB
63 KB 124ms
122ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-extrabold-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

92549177c6b52fe203008ae2a7f01889cfebc82776e49191b2c00f9b9586512f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 634038
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64908

GET
H2 200 firasans-regular-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 63 KB
63 KB 104ms
102ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-regular-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

05183e561e51aafc81df6346bc29a7d00d68492d4e9c7eb1674b3740d030abb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:54:16 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 633989
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64680

GET
H2 200 firasans-bold-webfont.woff2
www.pravda.com.ua/images/v6/fonts/ 64 KB
64 KB 145ms
144ms Font
text/html 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pravda.com.ua/images/v6/fonts/firasans-bold-webfont.woff2?1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

27f4eb20513cb49452d33d3d5a4fe5552e359026114da038e235ebf373b9bf6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pravda.com.ua/
Origin: https://www.pravda.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 634038
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65148

GET
H2 200 index.css
www.pravda.com.ua/misc/v6/ 177 KB
22 KB 81ms
80ms Stylesheet
text/css 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/index.css?30
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 17404fb96c31bd8905c8be2bb35722f605c01a81d4546a74a183d0420f27ad04

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 19:50:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 27 Sep 2022 16:38:18 GMT
server: nginx
age: 108623
etag: W/"633326fa-2c595"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22176

GET
H2 200 jquery-1.12.4.min.js Show response
www.pravda.com.ua/misc/v6/ 95 KB
32 KB 159ms
158ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/jquery-1.12.4.min.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:16:48 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 17 Feb 2020 12:57:31 GMT
server: nginx
age: 333837
etag: W/"5e4a8dbb-17b8b"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32724

GET
H2 200 sticky-kit.js Show response
www.pravda.com.ua/misc/v6/ 8 KB
2 KB 171ms
170ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/sticky-kit.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d4cd515598b21cd963f20e9d7179924828fcb1d60c541dfbbe859bcaba3438c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 04:57:43 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 21 Mar 2017 03:30:03 GMT
server: nginx
age: 334982
etag: W/"58d09e3b-218d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1942

GET
H2 200 common.js Show response
www.pravda.com.ua/misc/v6/ 7 KB
1 KB 172ms
171ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/v6/common.js?8
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3e8b42424702c9f88381d064985b720e2da085b15d7f4f3c2dee3a221859453a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:06:41 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 17 Jan 2022 13:47:05 GMT
server: nginx
age: 323644
etag: W/"61e57359-1a94"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1413

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 180ms
63ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0392442345c82265883d6048d26deff1cd9940cc653064698407cef758f0be97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42350
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
H2 200 jquery.sticky.js Show response
www.pravda.com.ua/misc/ 8 KB
2 KB 181ms
181ms Script
application/javascript 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pravda.com.ua/misc/jquery.sticky.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: c96bc80cf1140b927030b9397b8796fbf6d1520c2900c868ab01b6e9f8f7cde2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 04:47:46 GMT
content-encoding: br
via: 1.1 google
last-modified: Sun, 18 Oct 2015 23:19:33 GMT
server: nginx
age: 335579
etag: W/"56242905-2064"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=windows-1251
cache-control: public,max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2094

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 274ms
105ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617aaa275c747e322bbd678ebb079c47fda940845cd22901d0c2f014d862fbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27746
x-xss-protection: 0
server: sffe
etag: "1348 / 459 of 1000 / last-modified: 1664402832"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/upr/ 371 KB
115 KB 204ms
48ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/upr/ym.js?v=5
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: 3d4b85f99430702929f8925281fdb23d83c0dc7bf5f88562aec7066370f88815

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-storageserver: DE-169
cdn-cachedat: 09/23/2022 18:58:33
cdn-pullzone: 139012
last-modified: Fri, 23 Sep 2022 18:58:27 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 252
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"632e01d3-5cd26"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 19fa112387de1e31d21d432990d06534
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 347b9e4-himars1400.jpg
img.pravda.com/images/doc/3/4/ 44 KB
44 KB 304ms
186ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/3/4/347b9e4-himars1400.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

8551096206bda0de6844e086ee89d7f8ff91f28b97ab1517bc1b446aa5152a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 18:28:04 GMT
server: nginx
date: Wed, 28 Sep 2022 18:29:19 GMT
age: 27086
etag: "63349234-affa"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45050
x-xss-protection: 1; mode=block

GET
H2 200 3133954-72b1094-chernihiv-banner-original.webp
img.pravda.com/images/doc/3/1/ 581 KB
582 KB 401ms
283ms Image
image/webp 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/3/1/3133954-72b1094-chernihiv-banner-original.webp

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

21641166d7b7b069a6d40584a92b946967e7b33a098d066b922f4d2db7b71de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Aug 2022 14:14:09 GMT
server: nginx
date: Sun, 11 Sep 2022 12:12:30 GMT
age: 1518495
etag: "63063231-914ac"
content-type: image/webp
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 595116
x-xss-protection: 1; mode=block

GET
H2 200 0e6cb24-telegram-3-original.png
img.pravda.com/images/doc/0/e/ 22 KB
22 KB 397ms
279ms Image
image/png 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/0/e/0e6cb24-telegram-3-original.png

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

70bb5b87e6b41923f882a39c3b7b3ecdd1a8818c6e1b3f145700ed40943be567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Jul 2022 12:14:06 GMT
server: nginx
date: Sun, 11 Sep 2022 12:13:43 GMT
age: 1518422
etag: "62cc140e-5888"
content-type: image/png
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22664
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK xWy68oZpibnY Show response
cdn.onthe.io/io.js/ 69 KB
21 KB 271ms
120ms Script
text/javascript 116.202.11.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.202.11.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.11.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 041e46bf70fbeb6e8c4efa5dd519679e7c18cc0ea0cf2401a1dc6731574b7b4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 02:00:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:15:45 GMT
Server: nginx
ETag: W/"60e6fa81-11288"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 30 Sep 2022 02:00:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
57 KB 230ms
133ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c54310906233de7036f2f7e5a999077478c77e6da99e8ee7fe70c719cc66485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58149
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f687aea5c1d558829312fdf7d1f1c4daff6d4b81eb50f0f6c54517d3261b403d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7181c87bff521fce029fb02d9aa4bf8a7e17e6305530db7dafde75e9fad6846b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ae725019222ebf6828d5be8379a9d545a94cac56698904aca22c1cee14522b6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228a3b791b4b5d31648dd5f362d6685586b53e1165920e9df80477a357aecc97

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7289fa539d682275fdf1a2ae4a5e0cea5621a59b83d4cfd2288f6c55b3585c55

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63e1a1a75e683c02f5c8cbc8335937144ae91bb5c6ca0ae41ea1d4d222f492d7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe0735824c048f03d337374cefcdb74eab99e9f197c04888566184f7fb956808

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96fa106a4c8327abd834abf8d6823dda48c1f021d22235adf3a11df693620ad4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eaecaf0eb8a74bd2e9bbf29b474efd83f9c8c7112f65bcdf0b9db336fdf59ba

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f7407773f2f183fdd575c44139ac4140e09de764d8f968b9661f37060daf470

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523685b138c067197cc856ab8fa9475d6ffbe6f9a9a715f596216b215bdfc5f3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 59 KB
16 KB 278ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: d8e82b7b5c6c902436b8dc31f2db5ab5001b45ea9027c5ec8ef093ba1d1305ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 10:13:48 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15916
expires: Thu, 29 Sep 2022 14:00:45 GMT

GET
H2 200 b99b0fd-a144d16-705-400x224.jpg
img.pravda.com/images/doc/b/9/ 71 KB
71 KB 314ms
273ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/b/9/b99b0fd-a144d16-705-400x224.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

87203a30da458fd6e6695c9e7e2e63e3eceede957fa5255eaae353e3366ca314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Sep 2022 10:19:37 GMT
server: nginx
date: Mon, 26 Sep 2022 10:25:49 GMT
age: 228896
etag: "63317cb9-11b97"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72599
x-xss-protection: 1; mode=block

GET
H2 200 111beb0-308581781-419081150404969-5582287808836524303-n.jpg
img.pravda.com/images/doc/1/1/ 39 KB
39 KB 248ms
207ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/1/111beb0-308581781-419081150404969-5582287808836524303-n.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a9031b1545edaa37bc3d3263cb6475231e95ef87e22a071d87a62cb7fe1a34e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 29 Sep 2022 00:42:57 GMT
server: nginx
date: Thu, 29 Sep 2022 00:43:33 GMT
age: 4632
etag: "6334ea11-9a5b"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39515
x-xss-protection: 1; mode=block

GET
H2 200 7cc15aa-bf796bb-6900.jpg
img.pravda.com/images/doc/7/c/ 52 KB
53 KB 92ms
55ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/7/c/7cc15aa-bf796bb-6900.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a48520a4e18dcd63e328884cc178a2fedd032ff87044322be4ac1f4897b8a2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 16:59:40 GMT
server: nginx
date: Wed, 28 Sep 2022 17:00:06 GMT
age: 32439
etag: "63347d7c-d0e1"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53473
x-xss-protection: 1; mode=block

GET
H2 200 0f7040c-truhin400.jpg
img.pravda.com/images/doc/0/f/ 52 KB
52 KB 172ms
136ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/0/f/0f7040c-truhin400.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5544088fac067558553964c26a02beec4a2403317bb094dd009c52902de0dbdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 14:45:35 GMT
server: nginx
date: Wed, 28 Sep 2022 14:47:21 GMT
age: 40404
etag: "63345e0f-d11f"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53535
x-xss-protection: 1; mode=block

GET
H2 200 43010a4-podcast705.jpeg
img.pravda.com/images/doc/4/3/ 184 KB
184 KB 203ms
166ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/4/3/43010a4-podcast705.jpeg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9f4802c0073e8931118a54ed1ee27ed022505a8a7375a98e605333fe8b3ea6c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 14:20:50 GMT
server: nginx
date: Wed, 28 Sep 2022 14:40:32 GMT
age: 40813
etag: "63345842-2dff0"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188400
x-xss-protection: 1; mode=block

GET
H2 200 9bea3ea-forsage707.jpg
img.pravda.com/images/doc/9/b/ 128 KB
128 KB 272ms
271ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/9/b/9bea3ea-forsage707.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

19e158939fd0d2f0434a86864209cd0601b08115a6328d186bed79fad334b57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 19:40:11 GMT
server: nginx
date: Wed, 28 Sep 2022 02:54:13 GMT
age: 83192
etag: "6333519b-1ff32"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130866
x-xss-protection: 1; mode=block

GET
H2 200 dc19ccb-minfin-nbu-705.jpg
img.pravda.com/images/doc/d/c/ 168 KB
168 KB 277ms
276ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/d/c/dc19ccb-minfin-nbu-705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c7b5714d8fd3b47ed0eb4d7ac434076206167571b72d5406fa8b46b8da4e6771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 08:03:40 GMT
server: nginx
date: Wed, 28 Sep 2022 08:05:50 GMT
age: 64495
etag: "6333ffdc-29eaf"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171695
x-xss-protection: 1; mode=block

GET
H2 200 3428bc5-jonathan-littell-1_160x160.jpg
img.pravda.com/images/doc/3/4/ 21 KB
21 KB 281ms
280ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/3/4/3428bc5-jonathan-littell-1_160x160.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d4374ad7f8c476dc84035aae5a44980a087141e15d1f8938739ae8962aea44a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 03 Mar 2022 12:31:50 GMT
server: nginx
date: Tue, 27 Sep 2022 15:05:48 GMT
age: 125697
etag: "6220b536-521c"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21020
x-xss-protection: 1; mode=block

GET
H3 200 ico_video.svg
www.pravda.com.ua/images/v6/ 731 B
423 B 56ms
54ms Image
image/svg+xml 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pravda.com.ua/images/v6/ico_video.svg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

122.251.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

595dd2499b4804d96cb8ea66281f80040e94c54f8c7c7e1a98c5a3732f1310c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 03:28:18 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 340347
etag: "5eb275c8-191"
last-modified: Wed, 06 May 2020 08:31:04 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=384161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401

GET
H2 200 d37a6bb-viden.jpg
img.pravda.com/images/doc/d/3/ 54 KB
54 KB 284ms
283ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/d/3/d37a6bb-viden.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

eb99b71fca4627cf1be522267fd4a7fd2cc04930d12b34649ac380490f061e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 08:22:43 GMT
server: nginx
date: Tue, 27 Sep 2022 08:25:52 GMT
age: 149693
etag: "6332b2d3-d82b"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55339
x-xss-protection: 1; mode=block

GET
H2 200 900d1e4-repiny.jpg
img.pravda.com/images/doc/9/0/ 75 KB
75 KB 289ms
287ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/9/0/900d1e4-repiny.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6c83a3be0c2975f9fba4c0cd2941a018cbe1efdea40db2d0efce0f03b04b933e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 06:49:51 GMT
server: nginx
date: Wed, 28 Sep 2022 06:51:14 GMT
age: 68971
etag: "6333ee8f-12be8"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76776
x-xss-protection: 1; mode=block

GET
H2 200 b09caec-germany7.jpg
img.pravda.com/images/doc/b/0/ 210 KB
210 KB 292ms
291ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/b/0/b09caec-germany7.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2f0a9dcaed36ada0086994a0cf6bb6650881d92db20cafefcb5e7c3c89ba3cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 09:45:20 GMT
server: nginx
date: Wed, 28 Sep 2022 09:46:13 GMT
age: 58472
etag: "633417b0-34911"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215313
x-xss-protection: 1; mode=block

GET
H2 200 817fd29-podcast-temperatura-eyes.jpeg
img.pravda.com/images/doc/8/1/ 131 KB
131 KB 296ms
295ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/8/1/817fd29-podcast-temperatura-eyes.jpeg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3064de5c678aa58b6d51dad919e2dfed7a938e34b87b40131a541d2f65b28ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 15:23:45 GMT
server: nginx
date: Tue, 27 Sep 2022 15:25:45 GMT
age: 124500
etag: "63331581-20ab2"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133810
x-xss-protection: 1; mode=block

GET
H2 200 3c265f8-7serebryanka.jpg
img.pravda.com/images/doc/3/c/ 185 KB
185 KB 300ms
299ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/3/c/3c265f8-7serebryanka.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ad960e6e8ed638e9b6ed657405b914c36a434c5df24b2f80154c62643100ef80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 11:57:48 GMT
server: nginx
date: Tue, 27 Sep 2022 13:34:12 GMT
age: 131193
etag: "6332e53c-2e4c6"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 189638
x-xss-protection: 1; mode=block

GET
H2 200 3825769-sanction705.jpg
img.pravda.com/images/doc/3/8/ 113 KB
114 KB 303ms
302ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/3/8/3825769-sanction705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2284685098d44eeb4ff7882b6fa24c88196aad8c95745c3718116e809790ce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Sep 2022 09:07:04 GMT
server: nginx
date: Tue, 27 Sep 2022 09:11:09 GMT
age: 146976
etag: "6332bd38-1c5ff"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116223
x-xss-protection: 1; mode=block

GET
H2 200 184cccb-passport-ros-705.jpg
img.pravda.com/images/doc/1/8/ 156 KB
156 KB 306ms
305ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/8/184cccb-passport-ros-705.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

83936ca72c76cd86999f8aa879c475cf044eff8e4ec23ac5e01897e75b5e4a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Sep 2022 21:43:52 GMT
server: nginx
date: Tue, 27 Sep 2022 02:31:38 GMT
age: 170947
etag: "63321d18-270c7"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 159943
x-xss-protection: 1; mode=block

GET
H2 200 7e87760-kontrabanda.jpg
img.pravda.com/images/doc/7/e/ 63 KB
63 KB 310ms
309ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/7/e/7e87760-kontrabanda.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4bcd3f4f5dc7f43c4a9268fc8b10f5e982f47ced094553f682d83e7707ee58cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Sep 2022 16:21:18 GMT
server: nginx
date: Mon, 26 Sep 2022 16:26:14 GMT
age: 207271
etag: "6331d17e-fd29"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64809
x-xss-protection: 1; mode=block

GET
H2 200 1aa3b78-janinedigiovanni1_160x160.jpg
img.pravda.com/images/doc/1/a/ 24 KB
24 KB 313ms
312ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/1/a/1aa3b78-janinedigiovanni1_160x160.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4e0bb5a46bfdd4c965486c80e672e61c1d3f180e35be6d094f6b8094cfb2feec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Sep 2022 10:21:16 GMT
server: nginx
date: Mon, 26 Sep 2022 13:11:09 GMT
age: 218976
etag: "63317d1c-5fb5"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24501
x-xss-protection: 1; mode=block

GET
H2 200 5649761-7dytsadok.jpg
img.pravda.com/images/doc/5/6/ 118 KB
118 KB 316ms
315ms Image
image/jpeg 34.111.239.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.pravda.com/images/doc/5/6/5649761-7dytsadok.jpg

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.239.200 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

200.239.111.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

61fa1acf71a539d4f4e58b0cca3e0ab789d0a9788d98633fad66c3dd3d32e1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Sep 2022 07:05:58 GMT
server: nginx
date: Mon, 26 Sep 2022 07:10:56 GMT
age: 240589
etag: "63314f56-1d92f"
content-type: image/jpeg
cache-control: max-age=5184000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121135
x-xss-protection: 1; mode=block

POST
H2 200 z Show response
s.zmctrack.net/ Frame BBAA 60 KB
25 KB 359ms
161ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: fff82d02d2096f5e6552fd74ddbfa44fa60873f906d1ea79b8ceebd626b6e5ee

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 25098
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 01:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3526
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 29 Sep 2022 03:01:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 213ms
104ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-554376-23&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-554376-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

637748bd4ebcf97c596bd5bfdee2e7259d109333753c22b6bd66a126b519cbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42371
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 246ms
79ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:uniques_instantly[url:%2F,domain:www.pravda.com.ua,page:%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0,page_type:main,language:ua,type_article:article,reference_time:0,pub_date:Thu%2C%2001%20Jan%201970%2003%3A00%3A00%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:3522c12d3.1d0102c15_1664416845497,session_id:b62a013c1.1c98df6f6_1664416845498,cdn_version:43]&s=006a533fc3b6c64fb330760b5e14661c&1664416845503
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 243ms
77ms Script
text/html 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=29&holding=859faaebd514d65ed0a19a5eea288384&hash_user=3522c12d3.1d0102c15_1664416845497&1664416845504
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 242ms
79ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:visits_instantly[url:%2F,domain:www.pravda.com.ua,page:%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0,page_type:main,language:ua,type_article:article,reference_time:0,pub_date:Thu%2C%2001%20Jan%201970%2003%3A00%3A00%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:3522c12d3.1d0102c15_1664416845497,session_id:b62a013c1.1c98df6f6_1664416845498,cdn_version:43]&s=006a533fc3b6c64fb330760b5e14661c&__io=3522c12d3.1d0102c15_1664416845497&1664416845508
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 238ms
80ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42124:pageviews[url:%2F,domain:www.pravda.com.ua,page:%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0,page_type:main,language:ua,type_article:article,reference_time:0,pub_date:Thu%2C%2001%20Jan%201970%2003%3A00%3A00%20%2B0300,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:3522c12d3.1d0102c15_1664416845497,session_id:b62a013c1.1c98df6f6_1664416845498,cdn_version:43]&s=006a533fc3b6c64fb330760b5e14661c&1664416845512
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK ht.json Show response
tt.onthe.io/xWy68oZpibnY/ 2 B
378 B 234ms
77ms XHR
application/json 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/xWy68oZpibnY/ht.json
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Last-Modified: Sat, 12 Mar 2022 20:37:31 GMT
Server: nginx
ETag: "622d048b-2"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
42 KB 84ms
72ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-M5KSFRL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed79244dc32a45d8b14573b6455746f51bdc33066c7d625ee55f9b6e6d7e0ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MRSXWZPM31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WW7B57

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bfc502b95618ad0ad2ab9ca75c89d0b42762d0ff2ebc0dd8c8d1855d7816880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
H2 200 pubads_impl_2022092701.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 240ms
72ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

sffe /

Resource Hash

34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:03:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131011
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Sep 2023 11:03:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 298 B
788 B 261ms
95ms XHR
application/json 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pravda.com.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

6dc7458475c35c783beb00af4f2d473f15f6e61643494429c3db82b895ec5fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152
x-xss-protection: 0
expires: Thu, 29 Sep 2022 02:00:45 GMT

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
646 B 147ms
49ms Fetch
text/plain 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
cdn-edgestorageid: 883
cdn-storageserver: DE-165
cdn-cachedat: 08/29/2022 19:21:02
cdn-pullzone: 139012
x-ym-country: DE
content-length: 3
last-modified: Fri, 11 Mar 2022 13:55:15 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 309
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: "622b54c3-3"
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: x-ym-country, cdn-requestcountrycode
cache-control: public, max-age=86400
cdn-requestid: 26a5f4446c37cac4bc4457eebf5702ad
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 167 KB
43 KB 438ms
64ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:51:01 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 586
x-amz-server-side-encryption: AES256
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: DaSSGlomggx3pfPpAWnqqcnplFTmg9VsEFVdaDwBuO5tH7oYCEhKaQ==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 234ms
91ms Ping
text/html 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?UPR;desktop;;home_page_desktop;d80353|952c5f
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-230.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 221 KB
71 KB 49ms
49ms Script
application/javascript 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: f74a91bc1e62a599f44663acb65a4f039a8d801e93f0e6b1ded42a3c869d45f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-storageserver: DE-165
cdn-cachedat: 09/29/2022 00:27:09
cdn-pullzone: 139012
last-modified: Wed, 28 Sep 2022 08:34:32 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"63340718-372f3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 332fac22fc8bf0659d5e85ef24b9a718
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 178 B
870 B 140ms
48ms XHR
text/plain 2400:52e0:1e01::879:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-879 /
Resource Hash: f6070f9267df6a0966ad2248b1266a6dbf77d63ae0c5584f1ed64247ba3005c9

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-storageserver: DE-51
cdn-cachedat: 09/28/2022 08:34:09
cdn-pullzone: 139012
last-modified: Wed, 28 Sep 2022 08:30:22 GMT
server: BunnyCDN-AMS-879
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: W/"6334061e-b2"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: 42cae8a26eba4b9e81f45fdda6c4c4f8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
490 B 311ms
132ms XHR
application/json 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0MjM1MTEmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD0wNDczMjIwNy0wNTQ1LTQwMTctYWU3YS1lNGNmMjNiMTJiNmM%3D&bWlkPTE0MjM1MTImcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD04NjhkMmJlNC03Y2MwLTQ3MTAtODYwZC0xOTFlNDk3NWRjY2Y%3D&pt=gross&stid=7f5c1c93-3ec6-4370-aa0b-93a510ae0d64&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pravda.com.ua
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
8 KB 335ms
204ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5fa69bf6838cac9d1c18da70c7fda64e69079a16aed9fd1c31f73ef14c71448b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 29 Sep 2022 02:00:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 37c376be-6f2d-4db1-b695-fe83a0a8d862
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 283ms
106ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2390906&size_id=15&rp_schain=1.0,1!notsy.io,fd182d2f-e98c-448c-be3d-3d292004438e,1,,,&rf=https%3A%2F%2Fwww.pravda.com.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=04732207-0545-4017-ae7a-e4cf23b12b6c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.855722045090787
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b1cd88c4c30e392174c445cfb4d38ade396a495446ea703b626902e772017100

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 292ms
115ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=421096&zone_id=2388902&size_id=10&rp_schain=1.0,1!notsy.io,fd182d2f-e98c-448c-be3d-3d292004438e,1,,,&rf=https%3A%2F%2Fwww.pravda.com.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=868d2be4-7cc0-4710-860d-191e4975dccf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9858731597612773
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8749bb8126f41678cab2781e498d093ff13a30c4b2159b3bf0dab15fbd823659

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 211ms
64ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a96913f0180803c5bc247bc38ba0180&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 75afdc11341314f2e15744013b22b8224cca615a93638cd46e8968349d56dde9

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
295 B 210ms
63ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695a00180803c601847b0d179017a&pos=8a96913f0180803c5bc247be02500181&cmd=bid&secure=1
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1ca5c467c103e893f33cfd3f9c6ac5c92768210d148d750c9425cc64b36bfc72

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
569 B 342ms
211ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=831915&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213e6378cb6c9bcb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pravda.com.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22fd182d2f-e98c-448c-be3d-3d292004438e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214534d01e50c39a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22155e920bd7d1b85%22%2C%22ext%22%3A%7B%22siteID%22%3A%22831915%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d6e4e78f08d3af6fbfd10c7b2d37d966629f41f1f89180efb3b47e0c10cf72

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qSy8geauTUx1gN9iVhn4kJqK0%2BBItMB%2Bf6LUZgbsBArrn5KtU9wVTUy6oR5sO90Yfo%2BOI36kihULEJcrv4vVxqbDPIN4Xb2j%2Fq2pFWgyQkOMFJRRxCn6kChLEuP5V0VKtJ07Pd8"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 75212086596e8926-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
219 B 306ms
61ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=26900808684

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 386 B
432 B 457ms
291ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8578,8579&sizes=300x250,300x600&referer=https%3A%2F%2Fwww.pravda.com.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 93b14c879e2d28f5f004370500b493b81fd5a89dd1427d115f1d4c6eabd5a9ca

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.pravda.com.ua
date: Thu, 29 Sep 2022 02:00:46 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
507 B 288ms
142ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2219aae5d9-7b49-4ac6-86ef-0bfae6884f28%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250]]}},%22adUnitCode%22:%22UPR_SBR_1%22,%22transactionId%22:%2204732207-0545-4017-ae7a-e4cf23b12b6c%22,%22sizes%22:[[300,250]],%22bidId%22:%2223a08af3fc414f%22,%22bidderRequestId%22:%2222c85de19030f39%22,%22auctionId%22:%227f5c1c93-3ec6-4370-aa0b-93a510ae0d64%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}},{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%22168345ce-a342-4b76-b9b3-030057b6d907%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600]]}},%22adUnitCode%22:%22UPR_SBR_2%22,%22transactionId%22:%22868d2be4-7cc0-4710-860d-191e4975dccf%22,%22sizes%22:[[300,600]],%22bidId%22:%22249f0cedefb7978%22,%22bidderRequestId%22:%2222c85de19030f39%22,%22auctionId%22:%227f5c1c93-3ec6-4370-aa0b-93a510ae0d64%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.pravda.com.ua%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 227ms
104ms XHR
application/json 18.156.31.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fwww.pravda.com.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.156.31.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-31-19.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:45 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
288 B 542ms
56ms XHR
application/json 185.239.173.226
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.226 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
507 B 209ms
66ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,250]]}},%22adUnitCode%22:%22UPR_SBR_1%22,%22transactionId%22:%2204732207-0545-4017-ae7a-e4cf23b12b6c%22,%22sizes%22:[[300,250]],%22bidId%22:%22324ee44b03c8cf4%22,%22bidderRequestId%22:%22315e4cde47e4c75%22,%22auctionId%22:%227f5c1c93-3ec6-4370-aa0b-93a510ae0d64%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}},{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%2231e23cc6-22fd-4b15-b2cd-7260ea9463e8%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600]]}},%22adUnitCode%22:%22UPR_SBR_2%22,%22transactionId%22:%22868d2be4-7cc0-4710-860d-191e4975dccf%22,%22sizes%22:[[300,600]],%22bidId%22:%22335ee4109c991b3%22,%22bidderRequestId%22:%22315e4cde47e4c75%22,%22auctionId%22:%227f5c1c93-3ec6-4370-aa0b-93a510ae0d64%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22fd182d2f-e98c-448c-be3d-3d292004438e%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fwww.pravda.com.ua%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 29 Sep 2022 02:00:45 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.pravda.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 204 /
loadercdn.net/ 0
170 B 307ms
84ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=efb5983b79f90d24&d=www.pravda.com.ua
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Sep 2022 02:00:46 GMT
server: openresty

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 282 B
396 B 79ms
77ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=www.pravda.com.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 6f712eb9f2435a5aee704b46aefcfd0486cee2210e2475dafca8c4151563001d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:45 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 282
expires: Sat, 29 Oct 2022 02:00:45 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 1476 5 KB
3 KB 364ms
77ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: c1e42c4bb4fe67d88744eece857f09f104ab7050ecae63bd9fd4e0572ce21097

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:46 GMT
etag: PRIVATE7520710249
expires: Sat, 29 Oct 2022 02:00:46 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 169ms
60ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1517074856&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAAC~&jid=1051435422&gjid=1531864702&cid=795151713.1664416846&tid=UA-554376-1&_gid=561647875.1664416846&_r=1&gtm=2ou9q0&z=957597506

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 112ms
61ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1517074856&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1st_screen&ea=Right_banner_visibility&el=View&_u=aEDAAUABQAAAAC~&jid=634400409&gjid=1683497128&cid=795151713.1664416846&tid=UA-554376-1&_gid=561647875.1664416846&_r=1&gtm=2wg9q0WW7B57&z=1486872705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 98ms
54ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1517074856&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=1st_screen&ea=Left_banner_visibility&el=View&_u=aEDAAUABQAAAAC~&jid=&gjid=&cid=795151713.1664416846&tid=UA-554376-1&_gid=561647875.1664416846&gtm=2wg9q0WW7B57&z=1190794031

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 17:55:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29092
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 97ms
53ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=1517074856&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Latest_news_banner&ea=Left_banner_visibility&el=View&_u=aEDAAUABQAAAAC~&jid=&gjid=&cid=795151713.1664416846&tid=UA-554376-1&_gid=561647875.1664416846&gtm=2wg9q0WW7B57&z=1691722920

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 17:55:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29092
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 94ms
61ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1517074856&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABQAAAAC~&jid=1814836839&gjid=1023751481&cid=795151713.1664416846&tid=UA-554376-23&_gid=561647875.1664416846&_r=1&gtm=2ou9q0&z=2113095592

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 176ms
60ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MRSXWZPM31&gtm=2oe9q0&_p=1517074856&cid=795151713.1664416846&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664416845&sct=1&seg=0&dl=https%3A%2F%2Fwww.pravda.com.ua%2F&dt=%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BF%D1%80%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%83&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MRSXWZPM31&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 206ms
71ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-554376-1&cid=795151713.1664416846&jid=1051435422&gjid=1531864702&_gid=561647875.1664416846&_u=YEBAAUAAQAAAAC~&z=49256654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 205ms
71ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-554376-1&cid=795151713.1664416846&jid=634400409&gjid=1683497128&_gid=561647875.1664416846&_u=aEDAAUABQAAAAC~&z=82695819

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 203ms
70ms XHR
text/plain 2a00:1450:4025:402::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-554376-23&cid=795151713.1664416846&jid=1814836839&gjid=1023751481&_gid=561647875.1664416846&_u=aEDAAUABQAAAAC~&z=190039733

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pravda.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 78ms
77ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42125:uniques_holding&s=006a533fc3b6c64fb330760b5e14661c&__io=3522c12d3.1d0102c15_1664416845497&1664416846005
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/xWy68oZpibnY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:46 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 z Show response
s.zmctrack.net/ Frame 0DE7 102 B
453 B 83ms
83ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 9c0d84235048c1093e9c9f5d7052e1c804ddc1f8e856fc22a50e52d09e47a823

Request headers

Content-language: eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1664416846134/
Redirect Chain

https://gaua.hit.gemius.pl/_1664416846134/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda....
https://gaua.hit.gemius.pl/__/_1664416846134/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.prav...

169 B
424 B

114ms
114ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1664416846134/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=n88rMRyogdIbySpIwPFdbxQXgGXw8wxwpZr3IPuSU2b.I7eoJXTrd1t3vgaTyJWyBNNIvwLqtdcBu0r2y7AslJw1ngiu/cHJI46gu64uhQ/&ltime=384&fpdata=W1i24AC1oMNmGRc7hQ98eYMPdVCQYlygj9Wc5jeT7uL.G7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: f9ff2e4dd6136e6b711034c99b08bb68ff62ae7d11d0dc15f11c9d4874bb1069

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Wed, 28 Sep 2022 02:00:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1664416846134/rexdot.js?l=100&id=0sgwsqe5pzCIPQDb5wLO8sdRHUykaC7Km1v9.r46UA3.K7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.pravda.com.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=n88rMRyogdIbySpIwPFdbxQXgGXw8wxwpZr3IPuSU2b.I7eoJXTrd1t3vgaTyJWyBNNIvwLqtdcBu0r2y7AslJw1ngiu/cHJI46gu64uhQ/&ltime=384&fpdata=W1i24AC1oMNmGRc7hQ98eYMPdVCQYlygj9Wc5jeT7uL.G7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 28 Sep 2022 02:00:46 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 152ms
152ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pravda.com.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.pravda.com.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 6wYotcckM-LPC9UKBE_DNdlcrffCxyuQAtj_uMwh9bExGVgwbLdw8w==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 170 B
612 B 233ms
90ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pravda.com.ua%2F&pid=31ZutpLmHyjIt&cb=0&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_996540314%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6942251%2FUPR_SBR_300_1%22%7D%2C%7B%22sd%22%3A%22notsy_container_542962284%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F6942251%2FUPR_SBR_300_2%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8851697668cedae41d83051d6d99fd5586d3452241ed1b9760edc6fbc623efc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: RMFKXQ7SZJ7S4N8H0AN4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pravda.com.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 170
x-amz-cf-id: Ji5-Ac15abSDuxSBVDdpDztDyeVdbhM0i0opuKKPAhTMI6t5RsE4hw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 165ms
56ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: FRA56-P6
age: 68204
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _lCi_q3_H2-Hcxc4RetK7P6o1BZ7kbaGlD5WP4sDFcuIwfI_0YB02w==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 185ms
67ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-554376-1&cid=795151713.1664416846&jid=634400409&_u=aEDAAUABQAAAAC~&z=1357988192

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 182ms
65ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-554376-1&cid=795151713.1664416846&jid=634400409&_u=aEDAAUABQAAAAC~&z=1357988192

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 182ms
66ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-554376-1&cid=795151713.1664416846&jid=1051435422&_u=YEBAAUAAQAAAAC~&z=940234947

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 183ms
67ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-554376-1&cid=795151713.1664416846&jid=1051435422&_u=YEBAAUAAQAAAAC~&z=940234947

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 279ms
97ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 267ms
100ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pravda.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 149 KB
51 KB 575ms
429ms XHR
text/plain 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2442884170109442&correlator=4394276611382649&eid=31068928%2C31069635%2C31069923%2C31069995%2C44768257%2C44773130&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=6942251%2CUPR_SBR_300_1%2CUPR_SBR_300_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x600&fluid=height%2Cheight&ifi=1&adks=2307160464%2C1712895300&sfv=1-0-38&fsbs=1%2C1&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D1.80%26hb_adid_appnexus%3D342dc7f072bbd0a%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D1.80%26hb_adid%3D342dc7f072bbd0a%26hb_bidder%3Dappnexus&eri=1&cust_params=lang%3Dua%26page_id%3Dhome_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1664416846238&lmt=1664416846&dlt=1664416844992&idt=1056&adxs=1136%2C1136&adys=1277%2C1567&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.pravda.com.ua%2F&frm=20&vis=1&psz=300x250%7C300x600&msz=300x0%7C300x0&fws=0%2C0&ohw=0%2C0&ga_vid=795151713.1664416846&ga_sid=1664416846&ga_hid=1517074856&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

2c45a235a1f0e2e3e88291659ded69e6b60cf749c8bd454850219f1613eb6d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52529
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pravda.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A94 6 KB
4 KB 339ms
106ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:46 GMT
expires: Fri, 29 Sep 2023 02:00:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame FCAC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t

65 B
609 B

58ms
58ms

Document
text/html

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 29 Sep 2022 02:00:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: A52202N9GDXBBDW229V2

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 29 Sep 2022 02:00:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_smrt_cnv_sovrn_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: VJERZTFPTJBX9DDYMSNW

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 254ms
77ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Sep 2022 02:00:46 GMT

GET
H3 200 container.html Show response
420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B05 6 KB
3 KB 221ms
74ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:46 GMT
expires: Fri, 29 Sep 2023 02:00:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0F59 6 KB
3 KB 208ms
78ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:46 GMT
expires: Fri, 29 Sep 2023 02:00:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 217ms
108ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Sep 2022 02:00:47 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 27A6 624 B
558 B 182ms
66ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhiLkPrTATAB&v=APEucNXaj5hHjQmkE8BQOY3KljbFxh4E23cv6Q5r2NqdTpBqtbuqm2nzM9xw-W1OyDBbW08urQgJtYS3YPWS2x08jTYtnuECpzegDpvjrFSrT82fFyONdGbxIPYpq-rX4fEevwgGFpmo1pasbZ3b5AZW2q7_Mc68xpTDS6ZX_vaEUdX2ezDvf_Y

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:47 GMT
expires: Thu, 29 Sep 2022 02:00:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 0F59 23 KB
10 KB 242ms
73ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 00:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 00:30:42 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/ Frame 0F59 6 KB
3 KB 267ms
98ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 01:44:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0F59 0
622 B 244ms
102ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_SWobFyJXnB0OxKw6gpuJu7XAtEKXCwFxKyullF15iz32BRA6e6yCsmv7Z_oP0f8eMLIkh-nDiqpa8J_omvQ3Dxonv9d-VJLXPsEw5Fk6cW-_DzVMCujsmda_aQ40wUybmLKI6vZ9fpBuPRjSPuUe2T3Wm9Jj7XUyoG8rvOE21oVad-rxLy8WcleQTVwMjsPxd_ImJgPu-vXooyfEsHxOXp9SyaHSy3MOBk8RCLeK6gxKQRgaIt1J_UnqwVhkZP1DkiXPQ_HvUYyRK-uE-JW8KsysoBhOeY6hGiC8rt1EDTXKEkE1sqxWz62JR-mjO3g74cKouh0jF5WbIPAS2LvPfCtkXIdZLkJEASb6kkEqqUHOwJJAUEhCwu5Yg7SmUc77eeCLgtYb3wJWP7uxxewlRocDxRoeB2YnQUXBhT1eJhqNEyABPV4dOreRnx_J1fID3W0wDtvJsYXjz-iZuJmjxXz6CY452xb9yqiT4dGzgDcFdT8--sSOqCil29v0I-F9tlUcbbAL80R4kOctGyypedzCBTuOWQC8N-D79fVl7bZha84BM_pKODQZjW62zEFB9MwFS3Vf48aJ0Q30pcasJA08EQitpGPT_mPvNhUiTXAjrFNflcKBNVJ0u7nZ8Twf2UJ7O-dnspt_Z0i-SsMFcLmcRTrS7muMTeZWCluwt1P5ycaDIbwUcJIbs2oX_HwF5Gtb7irGNuBdL1U_ZPSpCiYNVsIf7nAWicQ_Vz9qfcP-b0-W9do-AK6v8auPIPld7bZ-4KkUU2avf3eFCW7WYW6X7YtlFk_jFaru3YtF_Xz66FJTsglw58s6iI3M1ZUf5FYrfDTtFRCA4iUAqyZrmcA_1llXQg-jIpSZvFvGAAXd9A10C63IMpXEifH1GNPo_oPA7hTJFFPqLapp6XHRmKcFTtpTJUgMF8Ne-DU77pjLshQLdkyy9DcuR9Kj2nd2qGEyt3eZYurRLpyhyeK_IeEBEMWIpCkKu89j1OmIAs1fzKS6jbaQjtwK4YS-EJ8nNBR0R-kPEJVzHejmfrZ7htHTxCP7W2TvN8deHJ5lQ7BvAxgOgOxaiUmbLQR5cdHSKeXIVLldJ6w5tNoKxPmrA5qc038EumTRabYMFwDUU7CjGrmrxXH7ljqDOz6Jnq_Iq5fT_NjKkdthrBoVHODUgDnEGlSOOkZzFwG1YHKWlZFY9cV0JE8RZJFnUk8_nhvxZXprIGGXCaE-cuoxaofeYvT_VgSJ52Pt2J-377JEY5EmR6b9BWXabBmdDDLqXm0eqoAeHG0&sai=AMfl-YTsqr2uy2cfPwPqKQL9SzXnXCVRyh665RXCh7nKySmUsTOjb23oSI9ChpzdHVetXPyrz8iWWRReXh1Hba4Pj3ovWpHKFPRGP54cKIYrH-lthqPA4zTJg4Q2bNYJJooE0USTpt5Pj6sXD6YmXwB1QSLDhjUzzerE2ijx49SH5WMCBILB2s_0S6Jy1QW_mlEHheNE9q1JxCd2EPHl4Vfa-p7Ya1hM2ez-evTlDFDHfFi73SuuhiUmkJ45jwbaIpHLeZBxb2Wph7etYYXN8aBjC5QStL5_4S73pTdmIRx0eAzBVFyV44ruhxDAvdWHYcwgW6GL98mpXnF5S22BGNtdka1RrPQeNyPfVmVZ94BnqyyP8yxeqQbsHV2lW-cEmOcHm08vz4Ob4olxHMHTUOe74SaU0LOOcA&sig=Cg0ArKJSzDz2wStoUD5gEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220927.36106&adurl=

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 02:00:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F59 41 KB
15 KB 278ms
96ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F59 42 B
173 B 313ms
147ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CL8HM_oy2wN6nm2dJ_eRS4nohPK-WAS6rQgkCXTZVLu5qutVgmudcxOrYPZr0q0sUSMclNQGSdAWHrKuUwkn1xBCqRhdW5eoaD-U4W9F7vBLwKkWc

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 0F59 3 KB
1 KB 271ms
89ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 01:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 0F59 17 KB
8 KB 254ms
72ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 01:23:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0F59 0
0 175ms
65ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRymCi6wlRNNBhpzIqfAq0og1m7Q56LAA4nEQnyT7piW6wl64C_hp0cFN42SL3A6CYA0SsREaQDQOERq3rZpjVGiBhqxw
Requested by: Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F59 140 KB
44 KB 271ms
124ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 02:00:47 GMT

GET
H2 200 2929740536609627096
s0.2mdn.net/simgad/ Frame 0F59 27 KB
28 KB 241ms
73ms Image
image/jpeg 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2929740536609627096

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a920b9103d2f309fa1f128a835902d3544bdc87218b984fe2d78fc7bef67acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 22:20:40 GMT
x-content-type-options: nosniff
age: 99607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27574
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 12:19:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 22:20:40 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6BC4 624 B
975 B 166ms
65ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjU8Y3PATAB&v=APEucNU-RUbj1uHGH6X4XZuaL84kZfpItOwCdZwmLZ3epUuEoych8joaefYNjck77ydambnnk4MzQvBM-9Sc_3kGmzLLVW7UAxa4kLpRjc7QnmFFWd8UEqXObZKTeGR2vVS6Q6UKryntU4U2r4-T6j2LKnTvJ5znFHQCPT9xzIOAWVTX7S6iS0c

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:47 GMT
expires: Thu, 29 Sep 2022 02:00:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 0B05 23 KB
9 KB 239ms
84ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 00:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 00:30:42 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/ Frame 0B05 6 KB
3 KB 296ms
142ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 01:44:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0B05 0
64 B 231ms
104ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDfbnN4noVYdnOLG_Y1oHlFd2gsQuIEPxgsCMGfmOyEdEt7vPFiUFrP3Nwy-S9AQ-HfxDhy9eikv0IxwjoVDegUopqfJKYiZ6gs2csbQ299GduVZjtASdtfrDgyMdDsm1MVP3xroc236SDYzZ5CObhL7Fz90q9S6hrreaWPP8XAh9AJfVWjOFA7Y2-yMmR6xSTGWFD16nbL8WyGl9Tj3iBwaZPx251UzRf7CGIVulN2pHvoBsvSSc0lTihPwTf_FQd77ogaxHWQ5Oi72c1n0y3OlUmy-UiWwk1s45IInfQP4Tk-wu3RA7rpdA-Scij2xhofiy3bCu8l3h3lCA3CI10qF9vsXZkdtds6eh8QF3CX7zvo4odUrTbXWBUVkHap5wVSVbKqsgfIzvnkHhLS_XgdSEkA2nXm84BjSjh81xSUvXm18I7Pn-SsyHLl6m6jBYcWKINdmepAGHf0HRQoDP-adt6-CL2mGLscDOfQ3wCfxgUEnYAmAHiY_VbvVwAoXC_ADiZXUV69bsft0FQR8He4lGW6aCuaq3_TrzJwfw7nbv-nS9auIr2msHEN9YBoFb0qe3BPW7GFf381f1ITiMV09aJkgjik2DsNUizRwPH8odfWqKmYFVqFnSd8H0jKY4XN33ZYZt8YpM7r-D0L1aFw7cBPpZO59pNC5DRXjMZ3pqly3MYYBY7UyRq11F1MdmA_JqhRBjFGB4iCDRVKqlGY48qo10sOmbvuFnIf2VaHQtcbWrpvwz5f8I_M25OQ7yVLyWMDG0EFaWKBWNjcD2kybdKC7tiQemyStlcjeYlwtZosjYkoBz1ntZuEebmjsSMVaqxFG4hZfQwvmflDjs3al1k3YcGQAUuF0_fIIVA8JKG3H4Ert46B-rxjXWm_KD6OvvW-D6bw-sAtwOCELv1aoNKOo-BTH5wyVmVlJuHkeyhlWI4STwOhYesvRlczAH2stJTOzdsQxyE35yEZonr544aq1wIIEdsuY2W020sSpdE88B2aGmbClHWYv0kwZgF9nJmRPbQ0EG9oXtU-EUYxwc6U-F_ytOVB3kQaqlOwT1UFRQl2c-4MxsGLyCmZQZO-AkFAdt0plwor1qizcb38-7Hz_RZVgIRosC1W9ABA4lyov3K3gpkppJN96HI-qKp6yrpxZsOvU5bwsOAEqI5lz2nHdOPziRU7nGLlPm0HC1hr9v3GUDgUstDJuifxCvPB03q4R8YAeEy0vF94qiUHWwol8Z-Q9q3GRoWF_szokBgpI9NAHLN3ZWT_1OuPqUmGUyVamA&sai=AMfl-YQgN4CUn0MzZgrsQHdLGz9qu_h296QVU4qmMenXfWNUfXh_gmGMkmxZlzReBLUihHfgtfvRk-2XoW7yNptgjNfzDAh28MjcaVGfZfx-Zq43Uxb04gTCzse2OCfXThsHgazFoETTN5JGBG9EQi6S7M7rxypsItecI0hSxs1kLMNuZ8hILUwQgYJDb09vQFKiQzP9dIpEDljdoZyTRrB643BQ40sg3UvSPSGOHyYndNhTdlMj98ecl-hZsVO1_aXfH3kF0SV88WpVT6ttxhFTS4v0zXAwzibab2PbWyjnswugOG4p7BIP2Ovofz_i_2zd4k-71GzNHWHJgp3MjyXumdrn86EqnvQm71_ZtgYSwW2DUKUcI0s6mpS0nbXw6KTchkiOCCJmwqLZs68WCrgswXt06mUfPA&sig=Cg0ArKJSzItTbLaugdzyEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220927.75186&adurl=

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 02:00:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B05 41 KB
15 KB 327ms
160ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B05 42 B
107 B 298ms
147ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqEPJ8RC2n42uSMBMNRyQN-F4aUUZUryjRq5E59D80NBV7I9P6LBiL-TtIG0LZu3hUIR5-p17XKPRyF4MMS6GG-a7MM3COut_gfSgx1ppJVS7kz5s

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 0B05 3 KB
1 KB 259ms
92ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 01:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 0B05 17 KB
7 KB 245ms
79ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 01:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 01:23:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0B05 0
0 160ms
66ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0pKfHg94UuvLts8U__aZzx1_DpM4Mdh9IUdeBkfSMNvAkNeT8FTCBux1SzD1m7NrtyeF2pLYJBuGLpTcSGOqEP-FMtQ
Requested by: Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B05 140 KB
44 KB 332ms
201ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 02:00:47 GMT

GET
H2 200 9923838364781845936
s0.2mdn.net/simgad/ Frame 0B05 86 KB
86 KB 305ms
153ms Image
image/gif 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9923838364781845936

Requested by

Host: 420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
URL: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e9ed2f399b49327a78a7c6e942b0ef3d41239306881849af2487eb2ebdf53d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 22:00:58 GMT
x-content-type-options: nosniff
age: 100789
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88048
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 13:14:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 22:00:58 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6BC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1

43 B
844 B

139ms
79ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjU8Y3PATAB&v=APEucNU-RUbj1uHGH6X4XZuaL84kZfpItOwCdZwmLZ3epUuEoych8joaefYNjck77ydambnnk4MzQvBM-9Sc_3kGmzLLVW7UAxa4kLpRjc7QnmFFWd8UEqXObZKTeGR2vVS6Q6UKryntU4U2r4-T6j2LKnTvJ5znFHQCPT9xzIOAWVTX7S6iS0c
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFe3BoCb%2BWvpirqaws7%2BqOmV93Oxajlrw4DKMQrwXaGoNUtj68pgbbkkzMuI0NcmKFAxRZ7dZgBDqRTP1TBk0KbiLpm%2Bgcr7PIDCfiOQ4t%2Bnj9%2FAf1JeIVJgT9XzEsUKujPawuq5r7xldA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75212091ad2d76f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Icfjg1r67yTZcSAQ4M8pS17hd%2FeDKRUJCq96TzDEcoBoKfSl3%2F5oxwpiPwsTgQXToQu%2ByLXsUkql9MlbQr8GbepE6VzQpdvzW2j6yifgVa4k8l7rzealEU5BQ01C9LJEuY18rixtfIdlgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1
cache-control: no-cache
cf-ray: 75212090abca7480-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6BC4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzT8T3C3HdBKzzsZC6Vc1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1

43 B
844 B

76ms
76ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjU8Y3PATAB&v=APEucNU-RUbj1uHGH6X4XZuaL84kZfpItOwCdZwmLZ3epUuEoych8joaefYNjck77ydambnnk4MzQvBM-9Sc_3kGmzLLVW7UAxa4kLpRjc7QnmFFWd8UEqXObZKTeGR2vVS6Q6UKryntU4U2r4-T6j2LKnTvJ5znFHQCPT9xzIOAWVTX7S6iS0c
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUMvnRa2CP4t27Zmtvhwn5DMBMebLiFLUu9mfm5JQYsgwC%2BySzklwM1zaHXNCTwH21YyLuF0KDxyt0L7Xu63Jev%2FVhLLfSihP3VeuHS3EisZDjAc00M%2F1DPFpYVkXDpjrfHGBCOMEbhI0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752120929dde76f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6BC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1

43 B
1016 B

104ms
56ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhjU8Y3PATAB&v=APEucNU-RUbj1uHGH6X4XZuaL84kZfpItOwCdZwmLZ3epUuEoych8joaefYNjck77ydambnnk4MzQvBM-9Sc_3kGmzLLVW7UAxa4kLpRjc7QnmFFWd8UEqXObZKTeGR2vVS6Q6UKryntU4U2r4-T6j2LKnTvJ5znFHQCPT9xzIOAWVTX7S6iS0c

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:47 GMT
AN-X-Request-Uuid: 1f8744f9-3763-479f-a3ab-8d898b6e0ccb
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BC4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D

170 B
188 B

189ms
77ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:47 GMT
AN-X-Request-Uuid: 947c7f2e-0e16-429a-89e5-faa9b6d938ee
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 27A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1

43 B
843 B

143ms
82ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhiLkPrTATAB&v=APEucNXaj5hHjQmkE8BQOY3KljbFxh4E23cv6Q5r2NqdTpBqtbuqm2nzM9xw-W1OyDBbW08urQgJtYS3YPWS2x08jTYtnuECpzegDpvjrFSrT82fFyONdGbxIPYpq-rX4fEevwgGFpmo1pasbZ3b5AZW2q7_Mc68xpTDS6ZX_vaEUdX2ezDvf_Y
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Bo21Eg3UGgV3ZCJsrjLu5SH6GEVJeE5eQKtTzEJgxrMzCkv08vrk9sFFJAEzSyEGpFtr2RilO7sHHkEGSv5wm5%2F8B1QLpfKjw9nSI%2FEbQgkqeqetYyvgihCRXxOFH6LJaCH8uJuRg1Wxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75212091ad2b76f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCK1Kep210ga11GrUz%2B9NOP2QkTGqG6S9Axtr8MKa4Sq%2Fcqk65DBL8fGc4aPgFlItzxRkcgF8QvlPeImeMJkXO9h8aAExkRNGLZDrqZhOxr%2BJX6NDJ0QgSt1f4veU3ME4SSuXaPTzn75mA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1&C=1
cache-control: no-cache
cf-ray: 75212090abc87480-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 27A6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzT8T3C3HdBKzzsZC6Vc1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1

43 B
840 B

77ms
77ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhiLkPrTATAB&v=APEucNXaj5hHjQmkE8BQOY3KljbFxh4E23cv6Q5r2NqdTpBqtbuqm2nzM9xw-W1OyDBbW08urQgJtYS3YPWS2x08jTYtnuECpzegDpvjrFSrT82fFyONdGbxIPYpq-rX4fEevwgGFpmo1pasbZ3b5AZW2q7_Mc68xpTDS6ZX_vaEUdX2ezDvf_Y
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zj%2Bii11bXT9QdHfl5yw77yBck%2FF2dbngdgr4tgRh4Xrg9gOeJvNMO2ATr7sEKk65x7mWyMAaQZOLWj7Fn9sURRrLM4IZdDc7pn9jCuNrifqr%2FvUpg5iWA7pyiGwr3V3scvSfbvTB0UaxHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752120928dd376f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEidW4T8-NrZQxGBmke5lls&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 27A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1

43 B
1016 B

101ms
56ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjqvgIQi7bqAhiLkPrTATAB&v=APEucNXaj5hHjQmkE8BQOY3KljbFxh4E23cv6Q5r2NqdTpBqtbuqm2nzM9xw-W1OyDBbW08urQgJtYS3YPWS2x08jTYtnuECpzegDpvjrFSrT82fFyONdGbxIPYpq-rX4fEevwgGFpmo1pasbZ3b5AZW2q7_Mc68xpTDS6ZX_vaEUdX2ezDvf_Y

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:47 GMT
AN-X-Request-Uuid: 227f9627-6ef0-4324-bada-23cec9eaf918
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECS_Vr4kmJVFeEH1ay5YdEo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 27A6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D

170 B
188 B

132ms
78ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:47 GMT
AN-X-Request-Uuid: ca736059-42bc-4a69-9521-844ee26f7564
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3NjYwNTQxMDg2MDc5NDkwMg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B05 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f478b72f7cb2e0f0c47a1c3d4a28b4c4fd658fd8b7ec32ff9880c1af1b35be

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0F59 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42e6ba94825f1c4ed657d936e67fa98bdb01af369a9dbbdf66aa757efb18f089

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0F59 0
26 B 215ms
92ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9C9C 22 KB
8 KB 220ms
73ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 371875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:42:52 GMT
expires: Sun, 24 Sep 2023 18:42:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ABF2 22 KB
8 KB 180ms
77ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 371875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:42:52 GMT
expires: Sun, 24 Sep 2023 18:42:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0B05 0
26 B 95ms
95ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pravda.com.ua
URL: https://www.pravda.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame ABF2 36 KB
16 KB 220ms
73ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 00:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 00:15:18 GMT

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C9C 36 KB
16 KB 222ms
77ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 00:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 00:15:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 253ms
106ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c65edfb635b35a6244d20dd7f5cdfd82b70a9075140f6b81a1d82cfeb370bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11084
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E957 15 KB
6 KB 386ms
55ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.pravda.com.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 561129
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 193ms
193ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31069995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 02:00:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C9C 0
20 B 110ms
110ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL01ATvw0Y-3nHLL6gAfhrJ-ABAAAAAA4AeAEAg&bg=!BQalBkLNAAYIxsuQKMY7ACkAdvg8WpmLUj6P8tPx3chVHizoeVl6EAY1sUI01x57St4sF8ec7VREIQIAAADRUgAAAAJoAQeZAuTGKyrC6c2b3ydQ8D1H65W9IBOa63RZVp9DOyKKyeeN8pwC8tLvXVPNgzDFXO9zP0jbQYOfeUMwLZW0PX5jLe15ajOThKGBtHT9HaiBPmFa5ODcxex0y0N3yjI9OaYfxmjBzs-JBY_cxZricL9N5qCF2nSx03DiLbJBWd31ReItyARMMqct7y0wFjjbmAVsyW95F5utfOnlreC0mLsRY-iQMTO1VDpJJd8wyKxPoeEzKJCRA3GznIB8N2KCxQrVjNEfR4g8Vb0iuZN4cqxMMPy4CPEuMJKnNIV2LdXD-WHSt5edfQc9TVYrJ2Qmvv9TyOANoNZkLrzwsZpY4FIGe-vJXre_OJzbdcGLC4vVoLcuHDzuEIW7akbx0KT5EKRj8VxtHZNw2t6siBL_QR59MEo_UITaLHwckp7qee93V3feMHfsRZZLKpoxtVPIuchbGs0OgWE2t84C4s0PW1n9xFXig2-yXg_bzMzIXRgdKrgjdZSaEkFDJKJui3VEYbC39IbQbaPH1DTQExbwH5XJcc2oNHqOuwPUKSyREH9JNrrxxZ4nJeFn_hIapQCw55brdl2uQU3rjSxr8NPrN2dUjYtTbaTBisDYTwTj9MmM_mudVpXJTMa5rJOcja-tom7KgjFDdQ8g5nQM5W08QZ76BxSYaRLKZk-Y8U3fwttpglhl-VkQbjNY3kCM9AOrmi6b38O3EHceOB0GH6qfw2Fbotfg8r6KLC5AwqaWbZE6CfbuPpvFQjQ30F7p5ZmKoOI81PjmafKepWAwsy0JC30k72L234OeQ1DAo18tR0FALwwRq6KC_5_GjY-ApcwecJ-5r_6GyQBWfXUfizwXPSupapmdnzCNR2bNsuoQxMVN-hnBQYcNrOMW4NqvHItdGfGqLasGuGp-K-W2eLO3AKhJ8pqLAgZed8kAIaQF311GdLyOu1yC5J9xnuFDHHqXyU_dchnzeznrZcX2MSjFD0pgHaCb4Z0Izw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABF2 0
20 B 107ms
107ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLuGtTvw0Y-znHLL6gAfhrJ-ABAAAAAA4AeAEAg&bg=!VValVhLNAAYIxsuQKMY7ACkAdvg8WrgSoOJOVd86vjrl2FfSvOs1vOGaqV3qsLj_BixEe9SXXix_PAIAAADFUgAAAANoAQeZAuiWKmPoK5U7veqYvk25NVGyXbJlRSCwjkv4FBsVCZmws6BVVBje6Wp3NvafDMDuSt1-97NJneqJ1fDVyUWdNhQRwNwhqxUX6GfKR_t5ecyqC21DnildDIdvieoErAdNCjk9YsmqYoZHQeONvM0vmivOSTLmfD0XJHO-bdSAlNH8Ft3JufT5X8hrh_7jqvLXEIyR4UCU-3cv5zDuAIb2CQrqMiP5Pgfc0ijyHCMtCxcCMdVIEbkAFA52WhJ5Lv9aM6poiQ1IiFCeXoYZvk1x-KOluv05QUyMx_ronV4Z2kQ9yyVaYSuLgYX_FNf1ZZt3vTIcjG_iHbe9rTjhY1duuB8PJPVuLcUDiSUR1HkiMEGNleURJE6RJRuYUhPwMzfIayR1mZBGd-zs8RPKRkuaFgJ9XEuRRStg31PlCsPXxrgFqA4ltCCjUDP_gJBIZB35j0lTkWWNDJS0laGurZ7U0jCKBA7o5JTdcUqnCLumNMmH8U_--tAoN0fd4THxwWJJMhgzWe-Y7ZvpneYcZx1xuz1aLnO1IpFe7-VV00j6VeIdkxh67UBghC6Wgv3iA3w3ktp58i2jvvSfQLDdSW9WicWHI0e1p-YohWP6ZTx7bAEtIDmo44hBsEwplDJCAptSja-nEyQHeLb3iVb5qPcw86JRbyLJGlKbNb_I_ckmWNN84g8EPen-cawi3BWGPH5QH1uXJZpzuX0sv2r3GYnvAuTYvjDPxrBfbzuQrnSapZdR5xl0scF2VksIKTWigmWzG4cCYkqThaxp7u7kGp7DNEuShbDHFN2uvqEHIlTaHVofa4ahnIQ4gkl1JeyOLudfpvi8nXCwyTSxLLGvqDP-9X-0RuEmKsTTeBcxjLjbEkkUViL2H20mN6z9twvsCZKVRH9tpwQUeFMLDVYsE1THnKMcJP_A_2IX65APE4vfA8DSDMteRPzRuL76HGJNLYWpkJ8MEHlG_qEqeBkuGmo9YjYb5x5R0PXTub0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E957
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=pravda.com.ua&sn=ChromeSyncframe&so=0&topUrl=www.pravda.com.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XqDVE3xyczJYZUFDUWF6WXByYytOSXk2Y1dCNloxL1FLYVh4YkwxWU5HZXFFNlBWa1FnRGZVUm9wcDN0clI3SVFEc013R0VwZXBxdElDdlJqMWZZTjZaU3N3bndhRDdTOXpIYVc3aHltL0IwZmRmdnRia21TcG1NM0xvSj...

428 B
658 B

319ms
64ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XqDVE3xyczJYZUFDUWF6WXByYytOSXk2Y1dCNloxL1FLYVh4YkwxWU5HZXFFNlBWa1FnRGZVUm9wcDN0clI3SVFEc013R0VwZXBxdElDdlJqMWZZTjZaU3N3bndhRDdTOXpIYVc3aHltL0IwZmRmdnRia21TcG1NM0xvSjB3UlpacENJSFJqVkJERTVHWHJ1RDB1d0RrUjBTRDNiUGlyYjF4WW5nczR4WlBhdVpkRVR0TXRCWlpQd1lPeE4xRTFhME4wZE1oeml4ZURJNnZSYWFYVHo4Mndad1pJbnVyWDFTeE5NR2hwOENhT25nQlVlaDJ0dXFtRHZjTTlQQ1RmL3ZiUGNEMHZ6WXZyVjB6Tm5na3gzRGsrL0VtQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84b78e5e85a9fbcdb744556b4bdc083172d9694979d56d69dfe414f195b24c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2296516
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XqDVE3xyczJYZUFDUWF6WXByYytOSXk2Y1dCNloxL1FLYVh4YkwxWU5HZXFFNlBWa1FnRGZVUm9wcDN0clI3SVFEc013R0VwZXBxdElDdlJqMWZZTjZaU3N3bndhRDdTOXpIYVc3aHltL0IwZmRmdnRia21TcG1NM0xvSjB3UlpacENJSFJqVkJERTVHWHJ1RDB1d0RrUjBTRDNiUGlyYjF4WW5nczR4WlBhdVpkRVR0TXRCWlpQd1lPeE4xRTFhME4wZE1oeml4ZURJNnZSYWFYVHo4Mndad1pJbnVyWDFTeE5NR2hwOENhT25nQlVlaDJ0dXFtRHZjTTlQQ1RmL3ZiUGNEMHZ6WXZyVjB6Tm5na3gzRGsrL0VtQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 565155
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7391 13 KB
5 KB 73ms
72ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 313329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:58:39 GMT
expires: Mon, 25 Sep 2023 10:58:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4351 783 B
534 B 63ms
63ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c36aec127e64e65ef57a60548ba07a7ce4847fb904dc1ddcc93e236ee3a8b498

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TXAeYiS0uWqI8cs5ORNDiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-TXAeYiS0uWqI8cs5ORNDiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:00:48 GMT
expires: Thu, 29 Sep 2022 02:00:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4351 0
0 105ms
105ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=2442884170109442&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7391 36 KB
16 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 00:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:38:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7391 0
10 B 72ms
72ms Image
text/plain 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?r4UFhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
107ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=2442884170109442&bg=!IiGlIWXNAAYIxsuQKMY7ACkAdvg8Wj0lA1IDiL5DH5CZJwCNIGxEw6CTKiNODSPd7xIET51yoMc9kAIAAABbUgAAAAJoAQcKAKHrLpwbnRkJXacVCjpALkh9_p4p2BIl0nsiQv7IxRxsHbB_ths7exPpFok3qHoCRoBxZOsRoGT3I6Cmgofu9MPzukltYJU0EykMcymjbtYtlPuViUwQ-M0YwhY8tHkKI7z8O4WMJ1Jmw1pjOR2nwH5T0--sn8LsK_WyfLcJ7OPCH5kkGIoJXHCKEx4RqaoSBhtciwwNKLPFDYxqN4cwoEoNhZkCpQAz4iESwzguMOgwCgZtZQO3Mfe0VE6YVJ79evZfdOr4K7fr1w9X9fiQGwXPXruRYPSGGFafgstZTHwGtMAEy2B6xZ9nuEymMwaDNfPsspKxwMxk79vxaWUU_-CgGTVC4XLSnQiwIH9cWb9xOw3FCyYZ4pkxIKfy1oSuElvWF2WpknxFIjMWPNukLc2PCrVQ7zR21o2qZMPFgGfJzye8UpusUelBC181fKW4oORmL3iyf767YZ46qLkEs25zrzu61RMbathQ0RNG82EO6zsieiF8GVJoQzZi3JkQuWG9wrx4gmenlv86OuGNc7V8mYbxGZqqR40GmszZCo0aUxBZ2C8KEE6gC1A-6jRuzO5iZst3sP8nwtr4A_f0ysq1E802dubezbNC7amEF2CQk1FjP13kKWY3XY92tN6-rWnTFT9s48NOoclQmeJ9c2WSS1gJLDDkZn-PGVYuNSGa1mjiwT5QDBTpMZhyNA8ShADuUUetVLiB2k0_AafQC_8WrO9dp_2kZUlIoe2h6ivnC1xsOtYD6U1H8cFm926E08dL6QQQbgrxULPPfTd7C92gDBsRZugq1f7XU518jAPC9_UyCdcqeP_tleWEDNWQkQPRMPW0APTSinx0-W-iMneFv3pTI36TYURh6JBBcQHAh4ERUp_HOgVPvJAGydBP1ryoQAQVgHkKN0yIjcXQziqqilfvbAG4VArvCfZ9ZQ-hjfBDsNTPM6tQmLp5Dl-sREqDqoglrMNkfGK3SvGrEnFS2AEN1D3kDolQpYyxRim_i0vC0J40Ccd03SCQXpSZlWHqe3LAfJdprx7upIruTUM-CLJOTs2lwWudjkfAjU0yfocjgLQ2HSPLFZ26p-4z7qE5KsPjJ84T1QVJK8fkc1RBJZu_8h6RyJv6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.pravda.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 64EE 3 KB
2 KB 271ms
53ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Sep 2022 02:00:49 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CC22 37 B
140 B 174ms
61ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 29 Sep 2022 02:00:49 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6AD9 52 KB
17 KB 210ms
53ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 72990
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 29 Sep 2022 02:00:49 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 987330
X-Served-By: cache-lga21951-LGA, cache-hhn4041-HHN
X-Timer: S1664416849.406437,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C1BE 281 B
573 B 349ms
54ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/upr/ym.js?v=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.pravda.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Sep 2022 02:00:49 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6AD9 0
743 B 57ms
56ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:49 GMT
AN-X-Request-Uuid: 154b0761-fcd6-4b3a-91ac-1369d5fdfbed
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame BE0D 2 KB
1 KB 187ms
85ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c28dddf3577f806cb7ff8bab12c46857ca4c88adf378f66bcf19a327627335e3

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7521209e2a128e0f-LHR
content-encoding: br
content-type: text/html
date: Thu, 29 Sep 2022 02:00:49 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg4bSOV1Q01%2FQdIAcLkC4Owz%2BPB2f6miE9pi%2BXfiLDxM4pN3W5578myjm7ebKv%2Fbus%2BFXT4jB6K5JJ2a%2BAcQJJ3p3JEHQiIGOdK%2FJNU8C8icKv3nKvpg2jsqkenbh7TpzOHW47fL0L8lzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C1BE 31 KB
10 KB 54ms
54ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 02:00:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39055
Connection: keep-alive
Content-Length: 9421
Expires: Thu, 29 Sep 2022 12:51:44 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BE0D 70 B
265 B 197ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Sep 2022 02:00:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BE0D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&dcc=t

43 B
855 B

147ms
147ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3XMXFPN9D9ZMNRRDCXWM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WE23QS5DWA9KTJB4QDKS
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame BE0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFHnjM5jlHPw3cqYws7aYwc&google_cver=1

43 B
875 B

131ms
82ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFHnjM5jlHPw3cqYws7aYwc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzN91MFmhed8JI035GPEEXuvItBcY5KytZpRCbfEWwnOL3sJgkYlxzXKfDKxGAhP91GBEAvbagkquo3Ci4NdA1Y0TdAPTmuu6UYGkaDNoHN6sYmaOOpXgYbcHyP%2BKoLGOY0mGmIDdy1okQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7521209f78c67780-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFHnjM5jlHPw3cqYws7aYwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame BE0D
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5276605410860794902

43 B
843 B

74ms
73ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5276605410860794902
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEa6SkMezlzfnFci8xu7%2Br68BHrvnCd%2BDmzf3HhTNWWQxD01blLN8AAvIwqLK%2BfjRDqypZzUojzBqirouaPiHr3rzgbrFRe%2FtIBqIT1D63ir1VJbJIWV6FCyVufaVw2XYXj2d04TM18NDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7521209fd93776f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:49 GMT
AN-X-Request-Uuid: 49ff637c-afda-459a-8975-c0892cb7420b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5276605410860794902
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame BE0D 0
0 156ms
54ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BE0D
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
https://pr-bh.ybp.yahoo.com/sync/casale/YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB

43 B
602 B

201ms
59ms

Image
image/gif

2a05:d018:d29:3605:7b94:90d0:b5d7:ff5b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3605:7b94:90d0:b5d7:ff5b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/YzT8T3C3HdBKzzsZC6Vc1gAAFA0AAAIB
date: Thu, 29 Sep 2022 02:00:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BE0D
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YzT8T3C3HdBKzzsZC6Vc1gAA%265133
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4aadd6e5-9116-4f84-89ba-01600566fd4b-tucta2e81d1

43 B
848 B

75ms
74ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4aadd6e5-9116-4f84-89ba-01600566fd4b-tucta2e81d1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFCFMqvNyTjF2HxsZsRKgxpqtFTBCbmxWnTJgJEMNkVszOkJ%2F7QkBqqXxZiuP0L9tWQ%2BtvDAQd4YBfymA5ve%2BYAF452r4L%2BWD9%2FA9MuUyW03Y%2B7pWt9Z4lBvbwQqptXUFfwPY7cDwYzBJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752120a0b9f176f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=4aadd6e5-9116-4f84-89ba-01600566fd4b-tucta2e81d1
date: Thu, 29 Sep 2022 02:00:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 54644

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame BE0D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iC5OAxPY1ODIR35

43 B
842 B

79ms
79ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iC5OAxPY1ODIR35
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YfMmUaqWlxfuuj8nsN%2BRprzhdwL9hLRLJMlGU9XgacSqcqmxaXX0NQZxVb6Y9azadjHEOdV1u5kcRrevLG4sI0R8gG%2FERRepKfjq1OfRcH4L7tHsw6slnvcXH6jtoNv%2Bbwd%2FivqT6j2iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752120a0ca0476f6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:49 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-09d402fd386b2a89c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=iC5OAxPY1ODIR35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame BE0D 43 B
351 B 172ms
55ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YzT8T3C3HdBKzzsZC6Vc1gAA%265133
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pravda.com.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:49 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 242
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7521209f7aaedceb-LHR
content-length: 43
expires: Thu, 29 Sep 2022 06:00:49 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame C1BE
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8METDLV-24-IK94

0
708 B

366ms
237ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8METDLV-24-IK94
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 02:00:49 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 023FFBDDA35C4E45AC5EA1A6CCBB6EDA Ref B: DUS30EDGE0916 Ref C: 2022-09-29T02:00:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpxz8dvlqtQ1n5QVE9Jw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8METDLV-24-IK94
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame C1BE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bsRgJEufS9urbXDQpB5Jxg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bsRgJEufS9urbXDQpB5Jxg

43 B
479 B

60ms
60ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bsRgJEufS9urbXDQpB5Jxg

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QW7F2JCQK80ZZNNW0953
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bsRgJEufS9urbXDQpB5Jxg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C1BE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nbjbA1YaTBe9uYuN5ng12Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbjbA1YaTBe9uYuN5ng12Q

43 B
479 B

142ms
141ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbjbA1YaTBe9uYuN5ng12Q

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NCSMYK7XQF26075SVA80
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbjbA1YaTBe9uYuN5ng12Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C1BE
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWNmYzkyMzE0MWIyNDZiMzY4Mzg5OWE4ZDQ0NGFhZjIxMTI4M2QyMg

170 B
188 B

66ms
65ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWNmYzkyMzE0MWIyNDZiMzY4Mzg5OWE4ZDQ0NGFhZjIxMTI4M2QyMg

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWNmYzkyMzE0MWIyNDZiMzY4Mzg5OWE4ZDQ0NGFhZjIxMTI4M2QyMg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C1BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEEb5V4TaDh4ciXYqTfYG-k&google_cver=1

0
239 B

254ms
59ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEEb5V4TaDh4ciXYqTfYG-k&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEEb5V4TaDh4ciXYqTfYG-k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C1BE 70 B
264 B 147ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Sep 2022 02:00:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C1BE
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNRVRETFYtMjQtSUs5NA==

170 B
188 B

66ms
65ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNRVRETFYtMjQtSUs5NA==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 02:00:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNRVRETFYtMjQtSUs5NA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C1BE
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/BAmy_Op2I2mRrtmOgpW5Ecn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5663539187457484377

0
239 B

59ms
59ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5663539187457484377
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 29 Sep 2022 02:00:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5663539187457484377
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6AD9 0
743 B 56ms
56ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 02:00:50 GMT
AN-X-Request-Uuid: 9e862414-a21a-4d8f-a266-80a47d4fd7cd
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pravda.com.ua/	1970-01-20 06:21:43	Name: _io_ht_r Value: 1
.pravda.com.ua/	1970-01-20 06:20:17	Name: __io_d Value: 1_705468254
www.pravda.com.ua/	1970-01-20 15:05:52	Name: __io_lv Value: 1664416845496
www.pravda.com.ua/	1970-01-20 15:05:52	Name: __io Value: 3522c12d3.1d0102c15_1664416845497
.pravda.com.ua/	1970-01-20 06:20:18	Name: __io_session_id Value: b62a013c1.1c98df6f6_1664416845498
.pravda.com.ua/	1970-01-20 06:20:17	Name: __io_nav_state42124 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22www.pravda.com.ua%22%2C%22previousDomain%22%3A%22%22%7D
www.pravda.com.ua/	1970-01-20 15:05:52	Name: __io_unique_42124 Value: 29
www.pravda.com.ua/	1970-01-20 06:21:36	Name: __io_uh Value: 1
www.pravda.com.ua/	1970-01-20 06:20:17	Name: __io_visit_42124 Value: 1
.pravda.com.ua/	1970-01-20 07:03:28	Name: pageviewCount Value: 1
www.pravda.com.ua/	1970-01-20 15:56:16	Name: cbtYmTName Value: MUoTWFUTCxNUV1MECAkCUwYIVwgBVQMFE0z4
.tt.onthe.io/	1970-01-20 06:21:43	Name: io_uid859faaebd514d65ed0a19a5eea288384 Value: 29
.tt.onthe.io/	1970-01-20 12:41:52	Name: io_user_hash Value: 3522c12d3.1d0102c15_1664416845497
.pravda.com.ua/	1970-01-20 06:21:43	Name: _gid Value: GA1.3.561647875.1664416846
.pravda.com.ua/	1970-01-20 06:20:16	Name: _gat_gtag_UA_554376_1 Value: 1
.pravda.com.ua/	1970-01-20 06:20:16	Name: _gat_UA-554376-1 Value: 1
.pravda.com.ua/	1970-01-20 06:20:16	Name: _gat_gtag_UA_554376_23 Value: 1
.admixer.net/	1970-01-20 08:29:52	Name: am-uid Value: bc66026fd73f4d4dbfc87f492ce189f4
.pravda.com.ua/	1970-01-20 15:56:16	Name: _ga_MRSXWZPM31 Value: GS1.1.1664416845.1.0.1664416845.0.0.0
.pravda.com.ua/	1970-01-20 15:56:16	Name: _ga Value: GA1.1.795151713.1664416846
.pravda.com.ua/	1970-01-20 15:49:04	Name: __gfp_64b Value: W1i24AC1oMNmGRc7hQ98eYMPdVCQYlygj9Wc5jeT7uL.G7\|1664416845
.rubiconproject.com/	1970-01-20 15:05:52	Name: khaos Value: L8METDLV-24-IK94
.rubiconproject.com/	1970-01-20 15:05:52	Name: audit Value: 1\|naVuGyos1qo0XuQXaa/I0q2qEsFCZ0ctSdOhPT1GMTlcmto/E7oIO2creyFy10uADeArVX3AY+pcQ35f6D1mTeBxGCOXoSK1RsqIzrdodY/c6UO785F0Pw==
.adnxs.com/	1970-01-20 08:29:52	Name: icu Value: ChgIgO9-EAoYASABKAEwzfjTmQY4AUABSAEQzfjTmQYYAA..
.adnxs.com/	1970-01-20 08:29:52	Name: uuid2 Value: 5276605410860794902
loadercdn.net/	1970-01-20 15:56:16	Name: vui Value: 6f9ab51d4cde4364b26356ac76f9d891
a4p.adpartner.pro/	1970-01-20 07:46:40	Name: apuid Value: d798a737-68d5-4fa7-b7e3-733ce8c3de53
.hit.gemius.pl/	1970-01-20 06:30:21	Name: Gtest Value: KlGquMXGQMGGH9G9lWrQY2iissGMXP8c25nSG9yZTMn7XBG.
.hit.gemius.pl/	1970-01-20 15:49:04	Name: Gdyn Value: KlGWyRaGQMGGH9G9lWrQY2iissGMXP8c25nSG9yZTMn7FRxSG7RrGS6Gx9sBFlMQYH8W8jBGqSRxSG8.
.pravda.com.ua/	1970-01-20 15:41:52	Name: __gads Value: ID=fec6fe4bbca2970f-221110ee35ce0084:T=1664416846:S=ALNI_MaXfupEETpT7lBeFVCVhOlekhGF6Q
.doubleclick.net/	1970-01-20 15:41:52	Name: IDE Value: AHWqTUmJp8QO5vpbp3B2AjUrT5JerQsm2n6Nag5M9oKYGgyV0N-9_WDQB53lhtG5
.casalemedia.com/	1970-01-20 15:05:52	Name: CMID Value: YzT8T3C3HdBKzzsZC6Vc1gAA
.casalemedia.com/	1970-01-20 08:29:52	Name: CMPS Value: 5133
.casalemedia.com/	1970-01-20 08:29:52	Name: CMPRO Value: 5133
.adnxs.com/	1970-01-20 08:29:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C')o:>K[!]tbPl1M>e)ZlrFUfJ+tGXxoaI0yhQ<Xv:@Ux9WpPPJ^lFp6->c?3SiU^6Xv3If)y3KL9D3I?+>b/$Qm
.criteo.com/	1970-01-20 15:41:52	Name: uid Value: cea92660-4df7-4a3e-9fba-69473195847a
.pravda.com.ua/	1970-01-20 15:41:52	Name: cto_bundle Value: tBQ7RF9xeHg3VWgxTER3NVhaUUJDV3VMWWZ2b0JFOHcwRHFGZDhEa0k5aERNMExKSWRCNDdPTHN1M1JRN0poazVWTEw2RXMwM2c3dW1TeGlwc2Nsc1hlSnZqRjk1aXMlMkYyRHBGdXJ0Y2pSZFolMkI0SnBpbVAlMkZoME1abE9yclpXbE45bWhOY2VMV2hoWWNkJTJCNCUyRmRyZFRkVyUyQndSUWclM0QlM0Q
.yahoo.com/	1970-01-20 15:06:14	Name: A3 Value: d=AQABBFH8NGMCEGYCX4H_pqDrammikT-KFCoFEgEBAQFNNmM-YwAAAAAA_eMAAA&S=AQAAAoJ500BeEmiTCIlqTYwjjlE
.w55c.net/	1970-01-20 15:49:04	Name: wfivefivec Value: iC5OAxPY1ODIR35
.analytics.yahoo.com/	1970-01-20 15:05:52	Name: IDSYNC Value: 175w~27fd
.amazon-adsystem.com/	1970-01-20 10:45:14	Name: ad-id Value: A-8BHYbfnkVXlQVTOtrqcn4
.amazon-adsystem.com/	1970-01-20 15:56:16	Name: ad-privacy Value: 0
.w55c.net/	1970-01-20 07:03:28	Name: matchcasale Value: 5
.casalemedia.com/	1970-01-20 08:29:52	Name: CMTS Value: 1145

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

420e43bee9b1506756c081e939846ef9.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.indexww.com
cdn.membrana.media
cdn.onthe.io
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
img.pravda.com
inv-nets.admixer.net
js-sec.indexww.com
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pravda.com.ua
px.ads.linkedin.com
region1.google-analytics.com
s.amazon-adsystem.com
s.zmctrack.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync.taboola.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tt.onthe.io
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.pravda.com.ua
ym-tack.b-cdn.net
104.18.18.126
104.18.19.126
107.178.251.122
108.138.4.10
108.138.4.150
116.202.11.242
138.199.37.230
141.226.228.48
142.250.186.162
142.251.39.34
146.0.227.110
146.59.10.80
146.59.30.96
151.101.65.108
178.250.0.157
178.250.2.131
18.156.195.47
18.156.31.19
18.157.93.190
185.187.81.40
185.187.81.41
185.239.173.226
2001:4860:4802:32::36
23.205.235.133
23.35.236.247
2400:52e0:1e01::879:1
2602:803:c003:200::31
2606:4700:20::681a:bd1
2606:4700::6812:d4c
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:400d:804::2001
2a00:1450:400d:804::2002
2a00:1450:400d:807::2002
2a00:1450:400d:807::2006
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2001
2a00:1450:4025:402::9d
2a02:2638:1::13
2a02:2638:1::3
2a05:d018:d29:3605:7b94:90d0:b5d7:ff5b
3.126.56.137
3.33.220.150
34.111.239.200
37.157.6.248
37.252.172.123
37.252.172.250
51.83.220.94
52.46.143.56
52.95.125.22
69.173.144.138
76.223.111.18
95.216.24.148
036c7f0983c96e56a2ec57bbea4b998297e58047adab50958adaac348ca52241
0392442345c82265883d6048d26deff1cd9940cc653064698407cef758f0be97
041e46bf70fbeb6e8c4efa5dd519679e7c18cc0ea0cf2401a1dc6731574b7b4d
05183e561e51aafc81df6346bc29a7d00d68492d4e9c7eb1674b3740d030abb2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
17404fb96c31bd8905c8be2bb35722f605c01a81d4546a74a183d0420f27ad04
19e158939fd0d2f0434a86864209cd0601b08115a6328d186bed79fad334b57f
1bfc502b95618ad0ad2ab9ca75c89d0b42762d0ff2ebc0dd8c8d1855d7816880
1ca5c467c103e893f33cfd3f9c6ac5c92768210d148d750c9425cc64b36bfc72
21641166d7b7b069a6d40584a92b946967e7b33a098d066b922f4d2db7b71de9
2284685098d44eeb4ff7882b6fa24c88196aad8c95745c3718116e809790ce40
228a3b791b4b5d31648dd5f362d6685586b53e1165920e9df80477a357aecc97
27f4eb20513cb49452d33d3d5a4fe5552e359026114da038e235ebf373b9bf6c
2c45a235a1f0e2e3e88291659ded69e6b60cf749c8bd454850219f1613eb6d27
2c54310906233de7036f2f7e5a999077478c77e6da99e8ee7fe70c719cc66485
2c65edfb635b35a6244d20dd7f5cdfd82b70a9075140f6b81a1d82cfeb370bce
2f0a9dcaed36ada0086994a0cf6bb6650881d92db20cafefcb5e7c3c89ba3cc0
3064de5c678aa58b6d51dad919e2dfed7a938e34b87b40131a541d2f65b28ab5
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
3d4b85f99430702929f8925281fdb23d83c0dc7bf5f88562aec7066370f88815
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8b42424702c9f88381d064985b720e2da085b15d7f4f3c2dee3a221859453a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42e6ba94825f1c4ed657d936e67fa98bdb01af369a9dbbdf66aa757efb18f089
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcd3f4f5dc7f43c4a9268fc8b10f5e982f47ced094553f682d83e7707ee58cc
4e0bb5a46bfdd4c965486c80e672e61c1d3f180e35be6d094f6b8094cfb2feec
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7407773f2f183fdd575c44139ac4140e09de764d8f968b9661f37060daf470
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
523685b138c067197cc856ab8fa9475d6ffbe6f9a9a715f596216b215bdfc5f3
54f478b72f7cb2e0f0c47a1c3d4a28b4c4fd658fd8b7ec32ff9880c1af1b35be
5544088fac067558553964c26a02beec4a2403317bb094dd009c52902de0dbdb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
595dd2499b4804d96cb8ea66281f80040e94c54f8c7c7e1a98c5a3732f1310c8
59e9ed2f399b49327a78a7c6e942b0ef3d41239306881849af2487eb2ebdf53d
5a920b9103d2f309fa1f128a835902d3544bdc87218b984fe2d78fc7bef67acb
5fa69bf6838cac9d1c18da70c7fda64e69079a16aed9fd1c31f73ef14c71448b
617aaa275c747e322bbd678ebb079c47fda940845cd22901d0c2f014d862fbd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fa1acf71a539d4f4e58b0cca3e0ab789d0a9788d98633fad66c3dd3d32e1e1
637748bd4ebcf97c596bd5bfdee2e7259d109333753c22b6bd66a126b519cbea
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63e1a1a75e683c02f5c8cbc8335937144ae91bb5c6ca0ae41ea1d4d222f492d7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c83a3be0c2975f9fba4c0cd2941a018cbe1efdea40db2d0efce0f03b04b933e
6dc7458475c35c783beb00af4f2d473f15f6e61643494429c3db82b895ec5fd6
6f712eb9f2435a5aee704b46aefcfd0486cee2210e2475dafca8c4151563001d
70bb5b87e6b41923f882a39c3b7b3ecdd1a8818c6e1b3f145700ed40943be567
7181c87bff521fce029fb02d9aa4bf8a7e17e6305530db7dafde75e9fad6846b
7289fa539d682275fdf1a2ae4a5e0cea5621a59b83d4cfd2288f6c55b3585c55
75afdc11341314f2e15744013b22b8224cca615a93638cd46e8968349d56dde9
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7d4cd515598b21cd963f20e9d7179924828fcb1d60c541dfbbe859bcaba3438c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83936ca72c76cd86999f8aa879c475cf044eff8e4ec23ac5e01897e75b5e4a9a
84b78e5e85a9fbcdb744556b4bdc083172d9694979d56d69dfe414f195b24c1e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8551096206bda0de6844e086ee89d7f8ff91f28b97ab1517bc1b446aa5152a9f
87203a30da458fd6e6695c9e7e2e63e3eceede957fa5255eaae353e3366ca314
8749bb8126f41678cab2781e498d093ff13a30c4b2159b3bf0dab15fbd823659
8851697668cedae41d83051d6d99fd5586d3452241ed1b9760edc6fbc623efc3
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae725019222ebf6828d5be8379a9d545a94cac56698904aca22c1cee14522b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92549177c6b52fe203008ae2a7f01889cfebc82776e49191b2c00f9b9586512f
93b14c879e2d28f5f004370500b493b81fd5a89dd1427d115f1d4c6eabd5a9ca
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
96fa106a4c8327abd834abf8d6823dda48c1f021d22235adf3a11df693620ad4
9c0d84235048c1093e9c9f5d7052e1c804ddc1f8e856fc22a50e52d09e47a823
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9eaecaf0eb8a74bd2e9bbf29b474efd83f9c8c7112f65bcdf0b9db336fdf59ba
9f4802c0073e8931118a54ed1ee27ed022505a8a7375a98e605333fe8b3ea6c4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a48520a4e18dcd63e328884cc178a2fedd032ff87044322be4ac1f4897b8a2d4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9031b1545edaa37bc3d3263cb6475231e95ef87e22a071d87a62cb7fe1a34e1
ad960e6e8ed638e9b6ed657405b914c36a434c5df24b2f80154c62643100ef80
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cd88c4c30e392174c445cfb4d38ade396a495446ea703b626902e772017100
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1e42c4bb4fe67d88744eece857f09f104ab7050ecae63bd9fd4e0572ce21097
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28dddf3577f806cb7ff8bab12c46857ca4c88adf378f66bcf19a327627335e3
c36aec127e64e65ef57a60548ba07a7ce4847fb904dc1ddcc93e236ee3a8b498
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c7b5714d8fd3b47ed0eb4d7ac434076206167571b72d5406fa8b46b8da4e6771
c96bc80cf1140b927030b9397b8796fbf6d1520c2900c868ab01b6e9f8f7cde2
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d4374ad7f8c476dc84035aae5a44980a087141e15d1f8938739ae8962aea44a5
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d8d6e4e78f08d3af6fbfd10c7b2d37d966629f41f1f89180efb3b47e0c10cf72
d8e82b7b5c6c902436b8dc31f2db5ab5001b45ea9027c5ec8ef093ba1d1305ca
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb99b71fca4627cf1be522267fd4a7fd2cc04930d12b34649ac380490f061e58
ed79244dc32a45d8b14573b6455746f51bdc33066c7d625ee55f9b6e6d7e0ee7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6070f9267df6a0966ad2248b1266a6dbf77d63ae0c5584f1ed64247ba3005c9
f687aea5c1d558829312fdf7d1f1c4daff6d4b81eb50f0f6c54517d3261b403d
f74a91bc1e62a599f44663acb65a4f039a8d801e93f0e6b1ded42a3c869d45f9
f9ff2e4dd6136e6b711034c99b08bb68ff62ae7d11d0dc15f11c9d4874bb1069
fe0735824c048f03d337374cefcdb74eab99e9f197c04888566184f7fb956808
fff82d02d2096f5e6552fd74ddbfa44fa60873f906d1ea79b8ceebd626b6e5ee

www.pravda.com.ua Open in urlscan Pro 107.178.251.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

87 %HTTPS

37 %IPv6

34 Domains

62 Subdomains

54 IPs

12 Countries

4088 kBTransfer

6662 kBSize

44 Cookies

77 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pravda.com.ua Open in urlscan Pro
107.178.251.122 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

87 %
HTTPS

37 %
IPv6

34
Domains

62
Subdomains

54
IPs

12
Countries

4088 kB
Transfer

6662 kB
Size

44
Cookies

171 HTTP transactions
13 data transactions