nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nv.ua/
Effective URL:
https://nv.ua/
Submission: On November 14 via api (November 14th 2022, 12:04:56 am UTC) from GB — Scanned from GB

Summary HTTP 143 Redirects Links 121 Behaviour Indicators

Summary

This website contacted 57 IPs in 13 countries across 36 domains to perform 143 HTTP transactions. The main IP is 2606:4700:10::ac43:175a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 138593.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	2606:4700:10:... 2606:4700:10::ac43:175a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1 3	18.66.141.93 18.66.141.93	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:236e:5a00:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
1	138.199.37.231 138.199.37.231	60068 (CDN77 ^_^) (CDN77 ^_^)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1 4	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	3.65.169.1 3.65.169.1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	104.18.13.76 104.18.13.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 3	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	67.220.226.232 67.220.226.232	16509 (AMAZON-02) (AMAZON-02)
2 4	69.173.144.139 69.173.144.139	() ()
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	() ()
3 5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 5	209.54.182.161 209.54.182.161	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3602:fe88:ebd2:7b5:6ad	() ()
1 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	64.74.236.127 64.74.236.127	() ()
1	54.171.34.58 54.171.34.58	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
143	57

47 2606:4700:10::ac43:175a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.141.93 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-141-93.fra60.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:5a00:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.231 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-231.datapacket.com

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.169.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-169-1.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.232 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.54.182.161 (None, ) 3 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:fe88:ebd2:7b5:6ad (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.127 (None, ) 1 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.34.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-34-58.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	nv.ua 1 redirects nv.ua — Cisco Umbrella Rank: 138593 static.nv.ua — Cisco Umbrella Rank: 404250	1 MB
12	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	320 KB
12	amazon-adsystem.com 6 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 290 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915 s.amazon-adsystem.com	10 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203	168 KB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 439 eus.rubiconproject.com — Cisco Umbrella Rank: 541 pixel.rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 544	14 KB
10	googlesyndication.com 1 redirects 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	52 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 491 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	7 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 209 acdn.adnxs.com — Cisco Umbrella Rank: 579	21 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 64696 ls.hit.gemius.pl — Cisco Umbrella Rank: 12859	20 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4753 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 691 gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	7 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 95200	193 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5922 adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
3	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3954 c1.adform.net — Cisco Umbrella Rank: 582	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 587 cdn.indexww.com — Cisco Umbrella Rank: 1490	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	58 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 554 eb2.3lift.com — Cisco Umbrella Rank: 339	656 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 790	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	74 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	162 KB
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 465	433 B
1	zemanta.com 1 redirects b1sync.zemanta.com	309 B
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 938	178 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	596 B
1	linkedin.com px.ads.linkedin.com	708 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2481	495 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 599	642 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6055	276 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 8982	402 B
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 65785
1	cloudfront.net d3div1mtym39ic.cloudfront.net	44 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 976	45 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 165909	311 B
143	36

	Domain	Requested by
34	static.nv.ua	nv.ua
13	nv.ua	1 redirects nv.ua
6	tpc.googlesyndication.com	1 redirects 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	3 redirects
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net nv.ua
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects
4	encrypted-tbn0.gstatic.com	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
4	ib.adnxs.com	1 redirects cdn.membrana.media acdn.adnxs.com
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
4	cdn.membrana.media	nv.ua cdn.membrana.media
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	encrypted-tbn1.gstatic.com	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	c1.adform.net	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	pagead2.googlesyndication.com	nv.ua www.googletagservices.com
2	gum.criteo.com	1 redirects static.criteo.net
2	encrypted-tbn3.gstatic.com	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	www.google.com	nv.ua 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
2	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.de	nv.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	unpkg.com	1 redirects nv.ua
2	www.google-analytics.com	www.googletagmanager.com nv.ua
2	www.googletagservices.com	nv.ua 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	b1sync.zemanta.com	1 redirects
1	sync.taboola.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	eb2.3lift.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	mug.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn2.gstatic.com	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
1	www.gstatic.com	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
1	fonts.googleapis.com	6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	inv-nets.admixer.net	cdn.membrana.media
1	ap.lijit.com	cdn.membrana.media
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	d3div1mtym39ic.cloudfront.net	nv.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	www.googleoptimize.com	www.googletagmanager.com
1	c.hit.ua	nv.ua
143	64

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
promokodi.nv.ua
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
cdn.membrana.media R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
hit.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://nv.ua/
Frame ID: 1A86462F18570E09E82A9F11EBA72A19
Requests: 90 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: DCFFD4A73B93E06D064C871ED5A49443
Requests: 1 HTTP requests in this frame

Frame: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1BD8D24C37A2FDB5958A08FF4CDF3888
Requests: 1 HTTP requests in this frame

Frame: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E54D14DEF1FBA912BAA1B303B2B0F49A
Requests: 24 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua
Frame ID: 9C74683E34F134E4785AE1E881847558
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 7E215562305E89E2AA2C11351191476F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 817F0A10C4392ACF5FAC7D44FEFF3860
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E189726C425C8A474F8639F77B65BBCA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EE20885EBAB3DD3FFB9B1E540F19484C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 3F9ABB59EF522F61EA4862C91F10BD0F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 74852733D254339AFB578B86C4A6F8BF
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та Світу. Головні і останні новини - НВ

Page URL History Show full URLs

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

143
Requests

87 %
HTTPS

49 %
IPv6

36
Domains

64
Subdomains

57
IPs

13
Countries

2454 kB
Transfer

4538 kB
Size

34
Cookies

121 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/ukr
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радіо

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics.html
Title: Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance.html
Title: Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets.html
Title: Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech.html
Title: Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/top-100-bogatyh.html
Title: Профайли ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/publications.html
Title: Статті

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview.html
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts.html
Title: Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket.html
Title: Ритейл/Нерухомість

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry.html
Title: IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/gadgets.html
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations.html
Title: Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience.html
Title: Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/games.html
Title: Ігри

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/krasota-i-moda.html
Title: Краса та мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium.html
Title: Соціум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/art.html
Title: Арт

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/kids.html
Title: Діти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti.html
Title: Знаменитості

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes.html
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr
Title: Здоров'я

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition.html
Title: Харчування

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/fitness.html
Title: Фітнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/happiness.html
Title: Щастя

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/tennis.html
Title: Теніс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/hockey.html
Title: Хокей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport.html
Title: Інше

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/zimnie-olimpiyskie-igry-2022.html
Title: Зимові Олімпійські ігри 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/news.html
Title: Новини

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/articles.html
Title: Статтi

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/reviews.html
Title: Огляди

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/ukr
Title: Шопінг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/nvua_official

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview/zhinoche-fermerstvo-pid-chas-viyni-50283162.html
Title: Жіноче фермерство під час війни

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/5-nagalnih-tem-dlya-pidpriyemciv-50260846.html
Title: П`ять нагальних тем для підприємців

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/dumay-globalno-diy-lokalno-50175561.html
Title: Думай глобально, дій локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/novaya-komanda-kosyuka.html?utm_content=set_lang
Title: Нова команда Косюка

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle/zszh-v-xxi-stolitti-yak-poyednuvati-priyemne-z-korisnim-i-ne-boyatisya-peredchasnogo-starinnya-50190870.html
Title: Здоровье в 21 веке – что нужно об этом знать

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/totalnaya-izolyaciya-rossii.html
Title: Тотальна ізоляція Росії

Search URL Search Domain Scan URL

URL: https://english.nv.ua/
Title: eng

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/yak-pripiniti-zaciklyuvatisya-nav-yazlivi-dumki-mislennya-50283546.html
Title: Лео Бабаута Бувають у кожного. Як позбутися нав’язливих думок

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/depozit-pid-chas-viyni-tri-dohizhi-propoziciji-vid-bankiv-ukrajini-50275980.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrmarketsdepozit-pid-chas-viyni-tri-dohizhi-propoziciji-vid-bankiv-ukrajini-50275980

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr?utm_source=nv.ua&utm_medium=1&utm_campaign=ukr

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport/ukrajinski-shpazhistki-zdobuli-sriblo-na-kubku-svitu-novini-sportu-50283787.html
Title: Українські шпажистки здобули срібло на Кубку світу в Таллінні

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/kalush-orchestra-vistupili-na-ceremoniji-mtv-europe-music-awards-podrobici-50283786.html
Title: Special guest star. Kalush Orchestra виступили на церемонії MTV Europe Music Awards

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifehacks/yak-skorotiti-harchovi-vidhodi-prosti-sposobi-zmenshiti-vidhodi-vid-jizhi-produktiv-ekonomiya-groshey-50283683.html
Title: Важливі рішення для бюджету. Чотири способи скоротити кількість харчових відходів та заощадити на продуктах

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/golos-krajini-2022-yak-zaminili-svyatoslava-vakarchuka-ta-hto-proyshov-u-final-shou-video-50283768.html
Title: Список фіналістів. Хто з учасників Голосу країни 12 змагатиметься за перемогу у прямому етері

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech/herson-kijivstar-i-vodafone-vidnovili-robotu-novini-ukrajini-50283783.html
Title: В Херсоні відновили роботу мобільні оператори Київстар і Vodafonе

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football/seriya-a-oglyad-ta-rezultati-matchiv-15-turu-13-11-2022-video-50283779.html
Title: Італійська Серія А. Аталанта з Малиновським програла Інтеру, Мілан та Ювентус виграли — відео

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing/lav-spark-amerikanec-vikinuv-avstraliycya-z-ringu-video-50283690.html
Title: Перша поразка у кар'єрі. Американський боксер викинув суперника з рингу і безглуздо програв бій — відео

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/hvetkevich-z-holostyachki-zaprosiv-zlatu-ognyevich-na-svoye-vesillya-ognyevich-pokazala-zaproshennya-foto-50283709.html
Title: «Готуватимуся». Учасник Холостячки Андрій Хветкевич, який здійснив камінг-аут, запросив Злату Огнєвіч на своє весілля до Мексики

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/ztv-eynshteyna-50283574.html
Title: Переписуємо «біблію» космології? Чому вчені знову засумнівалися у загальній теорії відносності Ейнштейна

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics/robota-restoraniv-pid-chas-viyni-vidviduvanist-cini-novini-ukrajini-50283218.html
Title: Бізнес тримається. Сім рестораторів про ситуацію на ринку, ціни та меню військового часу

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics/yak-vidnoviti-ukrajinu-pislya-viyni-vidpovidaye-nobelivskiy-laureat-novini-ukrajini-50283093.html
Title: «Ви дуже талановиті» / Нобелівський лауреат дає просту пораду, як відновити українську економіку — ексклюзивне інтерв'ю НВ 12 листопада, 17:03 Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/herson-eksport-pshenici-yachmenyu-ovochiv-novini-ukrajini-50283542.html
Title: Гарні новини з півдня / Визволення Херсона відкриває експорт зерна з порту Миколаєва — інтерв'ю 13 листопада, 11:30 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics/groshi-tizhnya-mask-graye-novoyu-igrashkoyu-kolomoyskiy-lyutuye-tehgiganti-vstanovlyuyut-rekordi-50283601.html
Title: Гроші тижня / Маск грається новою іграшкою, Коломойський лютує, техгіганти встановлюють рекорди 12 листопада, 17:26

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/andrey-servetnik.html
Title: Андрій Серветник Партнер, керівник практики Deloitte Private в Україні

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/zvidki-berut-groshi-na-viynu-podatki-ta-istoriya-obmezheni-resursi-rosiji-50283550.html
Title: Як фінансуються війни та чому важливо вчити історію Серія нарисів про те, як зароджувалися і формувалися податкові системи, та про їхній вплив на людство. 13 листопада, 17:44 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/yuliya-sviridenko.html
Title: Юлія Свириденко Перший віце-прем'єр-міністр — Міністр економіки України

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/bezrobitni-v-ukrajini-shcho-mozhna-zrobiti-yakshcho-vi-vtratili-robotu-ministr-ekonomiki-50283336.html
Title: Безробіття в Україні: Наскільки складна ситуація? Рівень реального безробіття в Україні до кінця 2022 року буде високим. Так, війна внесла корективи у життя кожного українця. Уряд і Мінекономіки розробили кілька механізмів, аби відсоток безробіття поступово зменшувався. 13 листопада, 10:21 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/kurs-valyut-v-ukrajini-na-14-20-listopada-2022-skilki-koshtuye-dolar-i-yevro-novini-ukrajini-50283457.html
Title: Сюжет Вузький коридор / Чи зміниться готівковий курс гривні наступного тижня — прогноз 12 листопада, 07:50 Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/ftx-podala-zayavu-na-bankrutstvo-sem-bankman-frid-zalishaye-posadu-ostanni-novini-50283443.html
Title: CEO йде у відставку / FTX подала заяву на банкрутство 11 листопада, 18:20 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/vidklyuchennya-svitla-minenergo-perevirit-grafiki-vidklyuchen-novini-ukrajini-50283446.html
Title: Графіки відключень світла перевірять / Міненерго візьметься за операторів електромереж 11 листопада, 18:11 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/samorozvitok-yak-virosti-yak-osobistist-pravila-zhittya-50283479.html

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/artemis-1-50261776.html
Title: Історія на наших очах / У NASA нарешті визначилися з датою запуску Місячної місії — ось чого нам варто очікувати 12 листопада, 09:25 Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry/yak-i-navishcho-ilon-mask-namagayetsya-peretvoriti-twitter-na-platizhnu-sistemu-50283395.html
Title: Гроші, гроші, грошенята / Як і навіщо Ілон Маск намагається перетворити Twitter на платіжну систему 12 листопада, 07:02 IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/yak-vibuh-pivnichnih-potokiv-vpline-na-klimat-doslidzhennya-kitayskih-vchenih-50283390.html
Title: Все не так страшно / Китайські вчені з’ясували, наскільки вибух газопроводів Північний потік вплинув на клімат 12 листопада, 06:39 Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations/ukrajinskiy-flot-morskih-droniv-50283425.html
Title: Перший у світі / Володимир Зеленський запустив збір на український флот морських дронів — що це за зброя 11 листопада, 17:09 Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Всі техноблогери

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Всі експерти НВ Бізнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоди

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/
Title: НВ Подкасти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0'/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.iife.js

Request Chain 59

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 84

https://gaua.hit.gemius.pl/_1668384290571/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=L1vV3pmHT9OomYkFKTsxEdXNM7iwUUOxPhnYApuJjlz.X7dvvo94._VVfCAe1uvHWnVbZX0UWppviS0Xz.JYbKXPmi.a/E.CyXUzn3mKCy/&ltime=327&fpdata=rdvVFm6mf9hraUhosAZTRJxpWbMqLsVfAd3T6zg3v7f.s7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1668384290571/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=L1vV3pmHT9OomYkFKTsxEdXNM7iwUUOxPhnYApuJjlz.X7dvvo94._VVfCAe1uvHWnVbZX0UWppviS0Xz.JYbKXPmi.a/E.CyXUzn3mKCy/&ltime=327&fpdata=rdvVFm6mf9hraUhosAZTRJxpWbMqLsVfAd3T6zg3v7f.s7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 110

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODo3p-rIxC0ARi0ATIIkgobWubvYkk HTTP 301
https://tpc.googlesyndication.com/simgad/15805113605579073171

Request Chain 115

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=BU1dO3xnVWxDS0RTaUcyQk54eVltYUhGVWVlNndldUxsUlhHQ2x4YmprbGo0OUlIaXpCREFGVjI2ZWlXQUxwVFJEWDN2Rms0MmZuK1dMT04wSGdyOTdrTFdxekVZRlFWc3Iwd1EvaWZ0UjFBc1lSYzVvT0lkZVdCZ3VvRFNmU0VMR0Z5S1Q4dUlKN3Y4ZXBVYUZ1RmFociswa2N1REE1VklFTURCMk5QaXgrYzlsSEhCRFdERXNpL1VybXYxbVlLUHE5SWplR1Z6eVVkK1dIdlBmZXM4ZWJpUE9vYVRZcUcwY0phcW1tdStQZlh6ZjBRUm5JdC9yL2xKc2czWjJmdnFyRkswR3A4QmM2cWtRVGVtZHpsNjVacTBjdz09fA&cppv=2

Request Chain 122

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 123

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 125

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vwsZRvbbSWuKplDPRWMk5Q&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vwsZRvbbSWuKplDPRWMk5Q

Request Chain 126

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAG0XHH6-C-KKQV

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECT7LOhidLFps9v59I9FOxQ&google_cver=1

Request Chain 128

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFHMFhISDYtQy1LS1FW

Request Chain 130

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0NGM0NTI3M2IyN2VlMTAwZmM5ODM2YzA5YWI2ZDcyNmVhZWUyMA

Request Chain 131

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dEdNUmG5SHmR4cO7jIOezQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dEdNUmG5SHmR4cO7jIOezQ

Request Chain 132

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/6MKZF6r65jgeRn5IJa9Zkw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=209810140089916777

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIjR7KtyXZsVxPVIZ32Bnr4&google_cver=1

Request Chain 135

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB&dcc=t

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3GGJSWDigRSGHhRNJW27AAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEI5gYhXkym_K4xb7Xpkjo&google_cver=1

Request Chain 137

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAA%261111 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fa9e94c2-284a-4031-b0e7-d54b64aa5b9a-tucta6b0ba6

Request Chain 138

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 140

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7224696479327687294&expiration=1669593894

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nv.ua/
Redirect Chain

http://nv.ua/
https://nv.ua/

247 KB
50 KB

353ms
260ms

Document
text/html

2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e902a920890842b9bdddef3f81275ed6dc1a4d2ccd9419af6e840ee2f130e88

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 769b7df1ab727333-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 00:04:49 GMT
nv-cache: 180s
server: cloudflare
x-cacheable: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 769b7df08db1dd03-LHR
Connection: keep-alive
Content-Type: text/html
Date: Mon, 14 Nov 2022 00:04:49 GMT
Location: https://nv.ua/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
89 KB 197ms
73ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f9b511f3f6eeb5e3d8cfa15b6996593df96b1c086e7dac6f74d788b9bca9c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 00:04:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 197ms
74ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c38e9e2e2656e490169498dcf3a0a6d0b5f6889ee2c48dee3b9f9bf877bf14ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27298
x-xss-protection: 0
server: sffe
etag: "1391 / 551 of 1000 / last-modified: 1668208008"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Nov 2022 00:04:49 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 3 KB
2 KB 178ms
53ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 1039c70abb863b7334bc37469d6d4b7267fe46814ced7546ef0c21efa42aa671

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-200
cdn-cachedat: 11/10/2022 14:01:18
cdn-pullzone: 139012
last-modified: Thu, 10 Nov 2022 14:01:09 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 300
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"636d0425-b79"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: c9c2dcbc101d1d86ee53b65a23bb0ca7
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tablet-fixes-768.css
nv.ua/css/ 2 KB
707 B 54ms
54ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-768.css?4.98
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 300540
cf-polished: origSize=1661
etag: W/"618b9271-67d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
cf-ray: 769b7df38d527333-LHR
expires: Sat, 11 Nov 2023 12:35:49 GMT

GET
H2 200 tablet-fixes-1024.css
nv.ua/css/ 2 KB
750 B 53ms
53ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-1024.css?4.98
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 300540
etag: W/"618b9271-700"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31557600
cf-ray: 769b7df38d537333-LHR
expires: Sat, 11 Nov 2023 12:35:49 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 55ms
54ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 21901737
etag: "60e41fd8-944c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 769b7df38d587333-LHR
content-length: 37964
expires: Mon, 06 Mar 2023 12:15:52 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 65ms
65ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 21901737
etag: "60e41fd8-9578"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 769b7df38d607333-LHR
content-length: 38264
expires: Mon, 06 Mar 2023 12:15:52 GMT

GET
H2 200 logo-new-kherson.png
static.nv.ua/images/main/ 113 KB
114 KB 103ms
93ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/logo-new-kherson.png?q=85&f=png&stamp=4.98
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8a293defe07ab051a48893c2bda9683d6a3fb6e054d346a8e21f8a54346cb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 1433
cf-polished: origFmt=png, origSize=207033
content-disposition: inline; filename="logo-new-kherson.webp"
content-length: 116012
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 11 Nov 2022 19:45:29 GMT
server: cloudflare
etag: "636ea659-328b9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 769b7df39d707333-LHR

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 67ms
66ms Font
application/octet-stream 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 14808815
etag: "616eaf71-3914"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 769b7df39d687333-LHR
content-length: 14612
expires: Sat, 27 May 2023 14:31:14 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 61ms
61ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 21901767
etag: "60e41fd8-d430"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 769b7df39d6d7333-LHR
content-length: 54320
expires: Mon, 06 Mar 2023 12:15:22 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 59 KB
16 KB 275ms
80ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 11:44:35 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15975
expires: Mon, 14 Nov 2022 12:04:50 GMT

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
443 B 84ms
83ms Image
image/svg+xml 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 21902005
etag: W/"5e6ff361-1a3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 769b7df3ad837333-LHR
expires: Mon, 06 Mar 2023 12:11:24 GMT

GET
H2 200 mars.jpg
nv.ua/upload/ 48 KB
48 KB 78ms
78ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/upload/mars.jpg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0b6748da84eee7683c46e4fbf1bcb4b65a8d45ed5b3f31a3026a46535b13ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 267441
cf-polished: qual=85, origFmt=jpeg, origSize=75728
content-disposition: inline; filename="mars.webp"
content-length: 49374
cf-bgj: imgq:85,h2pri
last-modified: Mon, 16 Mar 2020 21:45:06 GMT
server: cloudflare
etag: "5e6ff362-127d0"
vary: Accept
content-type: image/webp
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 769b7df3bd8f7333-LHR
expires: Sat, 11 Nov 2023 21:47:28 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 77ms
76ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 21901767
etag: "60e41fd8-e8b8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 769b7df3bd917333-LHR
content-length: 59576
expires: Mon, 06 Mar 2023 12:15:22 GMT

GET
H2 200 35571ad741f55b001dcbfe306a8f0b99.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/760/original/ 11 KB
11 KB 86ms
79ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/760/original/35571ad741f55b001dcbfe306a8f0b99.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2484418c2bbd9b9348feafc8a259db43a97538225b93d247acfa6406957eec15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 818856
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 04 Nov 2022 04:23:20 GMT
server: cloudflare
etag: "5dcd95eee4c4cbae01df3ec3af37c9c0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df40dd97333-LHR
expires: Sun, 04 Dec 2022 12:37:13 GMT

GET
H2 200 d64c30a9b44774b6337528bc76839e7b.png
static.nv.ua/shared/system/opinion_authors/avatars/000/010/116/original/ 11 KB
11 KB 85ms
77ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/010/116/original/d64c30a9b44774b6337528bc76839e7b.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d3c26dfafb5f99743a304e67f134b3b7316bb1883c624708ea479763fb1a61

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 60447
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sun, 13 Nov 2022 06:05:18 GMT
server: cloudflare
etag: "b249cf89511c5769d9bd95898781463f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df40dda7333-LHR
expires: Tue, 13 Dec 2022 07:17:22 GMT

GET
H2 200 5e9cb639cd64aa4e3175c30e57f2def1.png
static.nv.ua/shared/system/opinion_authors/avatars/000/019/184/original/ 7 KB
7 KB 74ms
67ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/019/184/original/5e9cb639cd64aa4e3175c30e57f2def1.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e02cfa8d2e7c0999cbd9ecf21ad707d339d77d265af53cdd80f83696949690c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 221044
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 10 Nov 2022 06:41:44 GMT
server: cloudflare
etag: "0acf73d83c46aaf2e5964471d2cbfbd8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df40ddb7333-LHR
expires: Sun, 11 Dec 2022 10:40:45 GMT

GET
H2 200 6bf897069385390eea4430faec7e766e.png
static.nv.ua/shared/system/opinion_authors/avatars/000/009/370/original/ 6 KB
6 KB 73ms
66ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/009/370/original/6bf897069385390eea4430faec7e766e.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a6b687eed31482da50a5f27c32883843d33cdb01c95115f5e85cb2dddebe0a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 153882
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 12 Nov 2022 04:15:39 GMT
server: cloudflare
etag: "b982435ad9258824a933a699e81b6249"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df40ddc7333-LHR
expires: Mon, 12 Dec 2022 05:20:07 GMT

GET
H2 200 19ff66cc7865fe063ce9f93b1bf65c14.png
static.nv.ua/shared/system/top_images/images/000/000/074/original/ 5 KB
6 KB 85ms
78ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/074/original/19ff66cc7865fe063ce9f93b1bf65c14.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c6e2ccb5d7294aa04b5776c4433f2eaa3f4d5309ca7098265391f5466372fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 2112871
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Thu, 20 Oct 2022 12:51:47 GMT
server: cloudflare
etag: "7352cbbe85b856798b624727ed1030c1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df40dde7333-LHR
expires: Sat, 19 Nov 2022 13:10:18 GMT

GET
H2 200 9c01ef32f3c4483332ca2e1a4b9a3b25.png
static.nv.ua/shared/system/top_images/images/000/000/076/original/ 10 KB
10 KB 85ms
82ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/076/original/9c01ef32f3c4483332ca2e1a4b9a3b25.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 1336295
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 01:19:49 GMT
server: cloudflare
etag: "363bb42bf07661e5c12073e3f65c631b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e307333-LHR
expires: Mon, 28 Nov 2022 12:53:14 GMT

GET
H2 200 2c379b42d42047eca51b5e9a7ad8181b.png
static.nv.ua/shared/system/top_images/images/000/000/078/original/ 5 KB
5 KB 90ms
87ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/078/original/2c379b42d42047eca51b5e9a7ad8181b.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 285f8768ab0e54d1c3dd37397a9c189eb3f3ad448590844ae41628c5d16e363b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
age: 1336295
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Sat, 01 Oct 2022 01:19:49 GMT
server: cloudflare
etag: "4662828e117d218016ebdf7a90b3b354"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e2f7333-LHR
expires: Mon, 28 Nov 2022 12:53:14 GMT

GET
H2 200 a9260be2f0de15775906125797866db0.jpg
static.nv.ua/shared/system/Article/posters/002/595/648/original/ 11 KB
11 KB 81ms
78ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/648/original/a9260be2f0de15775906125797866db0.jpg?q=85&stamp=20221113202717&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8701acea38a73fcfb3d8445c70e13f885ac8846666b9dc10c3937bfa639a3296

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 17:46:48 GMT
server: cloudflare
age: 18595
etag: "857eaf8f6b7fba4e185fbd04f29cac5a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df43e1b7333-LHR
expires: Tue, 13 Dec 2022 18:54:54 GMT

GET
H2 200 f0b62cc63b5e4cd7e689ef83c5272875.jpg
static.nv.ua/shared/system/Article/posters/002/595/670/original/ 15 KB
15 KB 83ms
80ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/670/original/f0b62cc63b5e4cd7e689ef83c5272875.jpg?q=85&stamp=20221113233431&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac437541a70676cc828ad4cd9286f68ef4cce65ac2f95932923ae11f9c84234

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 21:50:25 GMT
server: cloudflare
age: 4377
etag: "af3f302d67acb13eb3ef0a02077cc0b5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e2e7333-LHR
expires: Tue, 13 Dec 2022 22:51:52 GMT

GET
H2 200 53ce27ce391bf3c3c8c2f66adafd7b4a.jpg
static.nv.ua/shared/system/Article/posters/002/595/660/original/ 13 KB
13 KB 80ms
77ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/660/original/53ce27ce391bf3c3c8c2f66adafd7b4a.jpg?q=85&stamp=20221113221736&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a65b7dc1eba236cd5d7e2e414f9e5df7c29d052c840316cda5a2083c358872

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 19:35:22 GMT
server: cloudflare
age: 10638
etag: "47e694c0bfdc8dd2f3e6437bb69135ef"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df43e1f7333-LHR
expires: Tue, 13 Dec 2022 21:07:31 GMT

GET
H2 200 60508c211b940f70b282500fa9698d47.jpg
static.nv.ua/shared/system/Article/posters/002/595/664/original/ 4 KB
4 KB 82ms
79ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/664/original/60508c211b940f70b282500fa9698d47.jpg?q=85&stamp=20221113214141&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d70720b643fb98878b663768d2f3ee1b44fd5f3ff7add6d8e3062c43a1e4c59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 19:00:21 GMT
server: cloudflare
age: 12654
etag: "5f281b555443d4f4eb4f2c055539e54d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df43e217333-LHR
expires: Tue, 13 Dec 2022 20:33:55 GMT

GET
H2 200 2db75041b4d4dffbeb0d8779d600eac4.jpg
static.nv.ua/shared/system/Article/posters/002/595/494/original/ 6 KB
6 KB 87ms
84ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/494/original/2db75041b4d4dffbeb0d8779d600eac4.jpg?q=85&stamp=20221113121446&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b46ab78a58ccbdd47cc1244af5f67e97a482ecf18dec08ab02ea2c5d7db06cb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 18:45:20 GMT
server: cloudflare
age: 15177
etag: "6c36b679bf9d199a8404fe759f0b0834"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df43e207333-LHR
expires: Tue, 13 Dec 2022 19:51:52 GMT

GET
H2 200 5f547a01021fb7d7e26d1a977e5c9909.jpg
static.nv.ua/shared/system/Article/posters/002/595/547/original/ 13 KB
13 KB 84ms
81ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/547/original/5f547a01021fb7d7e26d1a977e5c9909.jpg?q=85&stamp=20221113144128&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660df3f52200be4eae96681f61f9ba205e8c93b4dba19badc18eb01dfb84dab9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 18:19:11 GMT
server: cloudflare
age: 16388
etag: "8ca0f2ae757a5b9d0ee2c692b765c995"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e2d7333-LHR
expires: Tue, 13 Dec 2022 19:31:41 GMT

GET
H2 200 1b99e34b98a4ec31993501f998180442.jpg
static.nv.ua/shared/system/Article/posters/002/595/584/original/ 15 KB
15 KB 79ms
77ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/584/original/1b99e34b98a4ec31993501f998180442.jpg?q=85&stamp=20221113160758&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3e26943c71cf9963c4b2d3dd59ff102f6aa8f29614e7cb0d98d076de7ebb7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 13:15:28 GMT
server: cloudflare
age: 16388
etag: "3359bf8baef125c3399bab249daf4de1"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df43e1c7333-LHR
expires: Tue, 13 Dec 2022 19:31:41 GMT

GET
H2 200 65294ad71efb33e46289f68ca1e8801d.jpg
static.nv.ua/shared/system/Article/posters/002/595/609/original/ 6 KB
7 KB 81ms
79ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/609/original/65294ad71efb33e46289f68ca1e8801d.jpg?q=85&stamp=20221113184239&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cabf0c2848b22466698c3f66fb5e8e1427684b1f471b376318d5eb0b384b43f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 17:55:25 GMT
server: cloudflare
age: 18467
etag: "c29963d3219aadd82d73a139dd0132ae"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df43e1d7333-LHR
expires: Tue, 13 Dec 2022 18:57:02 GMT

GET
H2 200 692c6166c01f7a0f809e01d28cab432c.jpg
static.nv.ua/shared/system/Article/posters/002/595/479/original/ 6 KB
6 KB 90ms
88ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/479/original/692c6166c01f7a0f809e01d28cab432c.jpg?q=85&stamp=20221113120833&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa2ce29960467c79ac61a87ce938261fb5b390b32e922e08e60b3a9d9085a76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 09:30:24 GMT
server: cloudflare
age: 48562
etag: "dc95b969d8c3eb2d143a11bc24ae4ebb"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e327333-LHR
expires: Tue, 13 Dec 2022 10:35:27 GMT

GET
H2 200 3c3f9a657d2b9f62fe747d92f62097b9.jpg
static.nv.ua/shared/system/Article/posters/002/595/640/original/ 9 KB
10 KB 90ms
88ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/640/original/3c3f9a657d2b9f62fe747d92f62097b9.jpg?q=85&stamp=20221113195810&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b555015b62303472b77f7c9212d1aa66b32c94e2035d3925cbed3a0eefe80d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 17:10:23 GMT
server: cloudflare
age: 18698
etag: "8c5d179129673d69d550f752fd14ec7f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e347333-LHR
expires: Tue, 13 Dec 2022 18:53:11 GMT

GET
H2 200 1ce167c4664afd78a08a2db08f000821.jpg
static.nv.ua/shared/system/Article/posters/002/595/618/original/ 8 KB
8 KB 89ms
86ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/618/original/1ce167c4664afd78a08a2db08f000821.jpg?q=85&stamp=20221113190516&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4614363f3d00c3a0d266cc68cfb56c808014eda9b8810deb3a9f3476f6080b63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:49 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 16:19:16 GMT
server: cloudflare
age: 23523
etag: "f198dc28c26583430cf9bca2c0674a12"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df44e317333-LHR
expires: Tue, 13 Dec 2022 17:32:46 GMT

GET
H2 200 7c1645e4696bfa06872762009a4d7379.jpg
static.nv.ua/shared/system/Article/posters/002/595/128/original/ 39 KB
39 KB 54ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/128/original/7c1645e4696bfa06872762009a4d7379.jpg?q=85&stamp=20221112022417&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 921119bf3e83ece3ace27e2163363319ac3af3531e6274217ba8a901f531fb11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 15:10:27 GMT
server: cloudflare
age: 28212
etag: "ba9085a9a06a7f48c7099e11e6c0b5d2"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df4eeb37333-LHR
expires: Tue, 13 Dec 2022 16:14:38 GMT

GET
H2 200 80c8630147f2b8ea178602d77e7c0ab4.jpg
static.nv.ua/shared/system/Article/posters/002/595/042/original/ 14 KB
14 KB 61ms
60ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/042/original/80c8630147f2b8ea178602d77e7c0ab4.jpg?q=85&stamp=20221111195702&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b806f14227e373990c4d9245062529f950e6bc6d30e8b273049efbe44c454881

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 18:10:29 GMT
server: cloudflare
age: 189023
etag: "766793332cc337ff4c4584aee7fabbe4"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df4eeb67333-LHR
expires: Sun, 11 Dec 2022 19:34:27 GMT

GET
H2 200 737af372eaa0d53b0dd58b7b75120d18.jpg
static.nv.ua/shared/system/Article/posters/002/595/313/original/ 10 KB
10 KB 96ms
95ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/313/original/737af372eaa0d53b0dd58b7b75120d18.jpg?q=85&stamp=20221112172858&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86849769d13423371b16272ce102baaa30d651d237e13331b2dc4ec0030186b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 15:41:46 GMT
server: cloudflare
age: 111175
etag: "3c2fb59a5d145849b873d887d59e5257"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df4eeb87333-LHR
expires: Mon, 12 Dec 2022 17:11:55 GMT

GET
H2 200 9428ad60ba5aa63ef1bb8258ac69000e.jpg
static.nv.ua/shared/system/Article/posters/002/594/536/original/ 36 KB
36 KB 59ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/536/original/9428ad60ba5aa63ef1bb8258ac69000e.jpg?q=85&stamp=20221111051038&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b37ac11c1455172c8e00772c8f9b42e24f61fd0e19014573fba61c185489f4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 11:06:09 GMT
server: cloudflare
age: 128876
etag: "de5948fed7ed2e06ba572f52820c42b9"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df4eeb97333-LHR
expires: Mon, 12 Dec 2022 12:16:54 GMT

GET
H2 200 46e85783960b70fecc6119f786a45fcb.jpg
static.nv.ua/shared/system/Article/posters/002/594/750/original/ 308 KB
309 KB 65ms
64ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/750/original/46e85783960b70fecc6119f786a45fcb.jpg?q=85&stamp=20221111133046&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 403ffda90388f3b699d572f5889ad34e2fdc8936d626bf0c92495e6bbf6ec63d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 05:35:20 GMT
server: cloudflare
age: 149240
etag: "3755ebe29445c89e93efe6ffd4e54895"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df4eeba7333-LHR
expires: Mon, 12 Dec 2022 06:37:30 GMT

GET
H2 200 f490c187fd3648b8b5e2a28e64f19b9d.jpg
static.nv.ua/shared/system/Article/posters/002/594/471/original/ 39 KB
39 KB 56ms
55ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/471/original/f490c187fd3648b8b5e2a28e64f19b9d.jpg?q=85&stamp=20221110221803&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e4dd024b49fe9910b6469f4df2d76986e8ae6546f546fb28928bd445ac3743

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 05:40:50 GMT
server: cloudflare
age: 146336
etag: "850a2b586cbb31cb2f468bd6393ffc0a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df4eebb7333-LHR
expires: Mon, 12 Dec 2022 07:25:54 GMT

GET
H2 200 64c5fe0e5c2491fd870b55b284f8e279.jpg
static.nv.ua/shared/system/Article/posters/002/594/745/original/ 25 KB
25 KB 57ms
56ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/745/original/64c5fe0e5c2491fd870b55b284f8e279.jpg?q=85&stamp=20221111153340&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e0cf4a73042ac62fa1884fd211efa71547f9ac60e38f1fbd6b19c62b40c0ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:52:13 GMT
server: cloudflare
age: 207429
etag: "6dbd39ecc30091661b6ffdfcc25b3454"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df53f1b7333-LHR
expires: Sun, 11 Dec 2022 14:27:41 GMT

GET
H2 200 476a77183c1a4e410a21d067c51b648d.jpg
static.nv.ua/shared/system/Article/posters/002/594/202/original/ 17 KB
18 KB 61ms
60ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/202/original/476a77183c1a4e410a21d067c51b648d.jpg?q=85&stamp=20221110151408&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc60ac92865e6b0590986ae78ddc783e9bcffa13ad2b65d0d965ce77c41b07ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 13:33:27 GMT
server: cloudflare
age: 235808
etag: "dcc3856706e767dc8de175604488822f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df54f1d7333-LHR
expires: Sun, 11 Dec 2022 06:34:42 GMT

GET
H2 200 1be3bb232f931269db8b2ee31a3fd5f2.jpg
static.nv.ua/shared/system/Article/posters/002/594/728/original/ 48 KB
48 KB 58ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/728/original/1be3bb232f931269db8b2ee31a3fd5f2.jpg?q=85&stamp=20221111131757&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1fc8ef5fdd07686f5ae33d12341e8cbbbcd608908676ef4017d32bf0ec17dfe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 11:18:26 GMT
server: cloudflare
age: 213736
etag: "eb566dce144d08c91c9142fc8cfcca39"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df54f2e7333-LHR
expires: Sun, 11 Dec 2022 12:42:34 GMT

GET
H2 200 314d36375d29a4b7726791662eee9fd7.jpg
static.nv.ua/shared/system/Article/posters/002/595/591/original/ 11 KB
11 KB 57ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/591/original/314d36375d29a4b7726791662eee9fd7.jpg?q=85&stamp=20221113175859&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806d1b466168e0a85d12031408a9ce38eb44646c8d177daa5add61a9522a3eb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 15:07:20 GMT
server: cloudflare
age: 28524
etag: "190c43af3ab7a5dd81567c470edcef22"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df54f327333-LHR
expires: Tue, 13 Dec 2022 16:09:26 GMT

GET
H2 200 8f45dd3111fdfe70f7e00996ff45b1e0.jpg
static.nv.ua/shared/system/Article/posters/002/595/576/original/ 15 KB
15 KB 55ms
54ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/576/original/8f45dd3111fdfe70f7e00996ff45b1e0.jpg?q=85&stamp=20221113160140&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 625c0b22560a5b204c6fcb77dd3751b4550c4fa009443a46e0212a4481ab5375

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 13:10:35 GMT
server: cloudflare
age: 30780
etag: "d6191ef7110f17a7545a359e11b1fdca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df56f567333-LHR
expires: Tue, 13 Dec 2022 15:31:50 GMT

GET
H2 200 dad423a96aac7d5d259013aeb9641236.jpg
static.nv.ua/shared/system/Article/posters/002/594/047/original/ 16 KB
16 KB 57ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/594/047/original/dad423a96aac7d5d259013aeb9641236.jpg?q=85&stamp=20221110123332&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d59d192d5f3882bdcca7c4c16c4feb1ad4b89d5f7d3057c8d27118c3190c9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 08:36:22 GMT
server: cloudflare
age: 131722
etag: "348ba00311d55e9fbc27354c07aaa4bb"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df58f847333-LHR
expires: Mon, 12 Dec 2022 11:29:28 GMT

GET
H2 200 b8659ed06bba0395898a9d099fc8e845.jpg
static.nv.ua/shared/system/Article/posters/002/595/254/original/ 4 KB
5 KB 58ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/254/original/b8659ed06bba0395898a9d099fc8e845.jpg?q=85&stamp=20221112154318&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b313688d88461444039047769a5d850850a76b3ab98d4ec76f75945ca51d4890

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 12:10:33 GMT
server: cloudflare
age: 39159
etag: "fa67d6729a06e5399aae051117fa0b4f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df5afb27333-LHR
expires: Tue, 13 Dec 2022 13:12:11 GMT

GET
H2 200 676f91225f4f2d099f9306f5c6e99fa9.jpg
static.nv.ua/shared/system/Article/posters/002/595/169/original/ 8 KB
8 KB 67ms
66ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/169/original/676f91225f4f2d099f9306f5c6e99fa9.jpg?q=85&stamp=20221112103510&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491e30e7b076ded3db2662c884ab4d83ae4a850706ca616cacda0a41fc49deb6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 08:30:29 GMT
server: cloudflare
age: 50017
etag: "e81dd2f0f74266531a53a5b29202d2b3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df5afb57333-LHR
expires: Tue, 13 Dec 2022 10:11:13 GMT

GET
H2 200 d854f8a05c41c7ccf6eeb46571097e2c.jpg
static.nv.ua/shared/system/Article/posters/002/595/239/original/ 9 KB
9 KB 57ms
56ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/595/239/original/d854f8a05c41c7ccf6eeb46571097e2c.jpg?q=85&stamp=20221112140023&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b882ce88a18cc29d3f5da1949d848b5fd0df19f5061f9060c6fbd4bcbbbb27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Nov 2022 04:13:23 GMT
server: cloudflare
age: 62006
etag: "1bbefeb7f7075c1a9e8b3e5221f712be"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df5afb77333-LHR
expires: Tue, 13 Dec 2022 06:51:24 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
311 B 373ms
85ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.874381630563297&r=&u=https%3A//nv.ua/
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 134 KB
45 KB 80ms
80ms Script
application/javascript 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.98
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1b4d10a2be6b7d41c751ec2156866f085d8e912c5d07d80ea08683781f8c46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 12:31:40 GMT
server: cloudflare
age: 300540
etag: W/"636cef2c-2161b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 769b7df44e357333-LHR
expires: Sat, 11 Nov 2023 12:35:49 GMT

GET
H2 200 1.html Show response
nv.ua/ukr/get_additional_blocks/ 42 KB
9 KB 96ms
96ms XHR
text/html 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/ukr/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de25aaee352332fd6cf131fa04a1219459f468bfa2d2ca748b42c6f9c10e3937

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/ukr/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: cloudflare
cf-cache-status: DYNAMIC
age: 264
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
nv-cache: 900s
varnish-ttl: 900.000
cf-ray: 769b7df44e367333-LHR

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/b/ 394 KB
116 KB 55ms
55ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/b/ym.js?2
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 152573dd5c33427acd9cb77e79d928f1d5ff92ea0204d07e19697e196d1ac0ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-165
cdn-cachedat: 11/11/2022 13:42:19
cdn-pullzone: 139012
last-modified: Fri, 11 Nov 2022 13:42:02 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 299
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"636e512a-628be"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 64d679618b7a3bb6335b2355183ebfda
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl_2022110901.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 191ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 09:36:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 20:32:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 219 B
746 B 190ms
62ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Mon, 14 Nov 2022 00:04:50 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
45 KB 188ms
72ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-586SXC9

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62d6188637b7a9b2d7dd7c6d7dd9fc13c065c4753761130ace6121513c1eb6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 00:04:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 173ms
56ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2936
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 14 Nov 2022 01:15:54 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.0.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.iife.js

7 KB
3 KB

51ms
51ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.4/dist/web-vitals.iife.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2b5bddcf1a22673c3dca50357eb75f0767e259dae969fa3fcf2770d9b764d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2239700
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GFPZ9PQTH457N9AN6DMPPK7A-lhr
server: cloudflare
etag: W/"1a3a-hcVpXUspBNC1/NAQABcyCbLFezA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 769b7df6dbbd71de-LHR

Redirect headers

date: Mon, 14 Nov 2022 00:04:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GHSPVXE1XV78DZR5FDJ3MXJ3-lhr
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 393
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.0.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 769b7df65b3b71de-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c15242986bf47900dc1231435103ab2af6ccbed64cbce2f675042f9870df1973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74401
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 14 Nov 2022 00:04:50 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
389 B 77ms
77ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 724e677fefe4353cb3cad99133e23bd1941cd2e0c3022d84c3bfdaf4e13d7d28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 274
expires: Wed, 14 Dec 2022 00:04:50 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame DCFF 5 KB
3 KB 252ms
81ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 1db1e4ad30b7220d11284e3576c467ff439a8303812c927d139d52f88d2aed5e

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2724
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 00:04:50 GMT
etag: PRIVATE7520710249
expires: Wed, 14 Dec 2022 00:04:50 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
44 KB

191ms
64ms

Script
application/javascript

2600:9000:236e:5a00:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 2600:9000:236e:5a00:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 23:45:25 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 1166
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: kNfKEw76OoqQdAyVc2RLEl_Fedjnm8cM4s_yDfCJla69KoH_BRbAnQ==

Redirect headers

date: Sun, 13 Nov 2022 22:41:08 GMT
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA60-P4
age: 5022
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: 1hU_gDK_scxe1yiDf8KCvPZq7w8CxGGkZNi6DEF1qkmR2X65vdLROg==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 224ms
93ms Ping
text/html 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?NVR;desktop;B;page_desktop;d80353|2e6e6d
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 231 KB
74 KB 54ms
53ms Script
application/javascript 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 5d6a63f5ce722659922177ef46da8db7aa88e5cfcd181dfdfec8998f22240d45

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-199
cdn-cachedat: 11/13/2022 19:57:32
cdn-pullzone: 139012
last-modified: Sun, 13 Nov 2022 19:57:27 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63714c27-39d86"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 60ab4ddbc320be93da407206f83d90a9
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 178 B
871 B 162ms
53ms XHR
text/plain 185.59.220.194
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-713.bunnyinfra.net
Software: BunnyCDN-DE-713 /
Resource Hash: 94678222a22f058e88fad74c1eb100e099942dc7fefdf7f7639b23d57358873e

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
cdn-edgestorageid: 713
cdn-storageserver: DE-197
cdn-cachedat: 11/13/2022 08:31:05
cdn-pullzone: 139012
last-modified: Sun, 13 Nov 2022 08:30:19 GMT
server: BunnyCDN-DE-713
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6370ab1b-b2"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: 711a31f1651af30f1928c3b3296f5d5a
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 2 KB
1 KB 284ms
131ms XHR
application/json 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc3MDMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1jNmQ3ODYzMy0wNzQ1LTQ4MDQtOGE1ZS0zOTQ2NzQ2ODhiZmU%3D&pt=gross&stid=df8388e8-3349-484a-8f57-76e160d623ae&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ee576590132af3c4fd5dd6b557907262882d5f5cd27665f119d72eb729bb52a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
816 B 182ms
59ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:50 GMT
AN-X-Request-Uuid: c453d17b-1a89-4982-a1a6-30d1a17a1b27
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 278ms
127ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fnv.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=c6d78633-0745-4804-8a5e-394674688bfe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3707000424441538
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f222ef6399cb2ddc9d90246ed110e3ec23a3b5b505f74dc0e40a89eb02559283

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:50 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://nv.ua
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
402 B 356ms
185ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fnv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 97d08432aa4b57616112dc9ea521edebae88363bbc020d7844ba823dae3015fa

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nv.ua
date: Mon, 14 Nov 2022 00:04:50 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
276 B 229ms
44ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Nov 2022 00:04:50 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 201ms
61ms XHR
application/json 3.65.169.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fnv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.169.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-169-1.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
303 B 187ms
73ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=65012515089

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
562 B 207ms
86ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221537460cd6604f4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnv.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22d213ae40-68fb-4b86-9cbc-771f4345009c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bb284480ed537%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2216bb284480ed537%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e8416484fbda4df2f0c9ca6e65b7ea25b5868ff2bc55b8ed4ab9ff27b40df6

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSZLmudoUoRSbqk8sGcwF1YJ9eQZzWShkpG2pON2hUExGiMe7vdj6jb1eFAw8khnU2CBn04FcW8Y49%2FwZV%2BLYvSrfuQQxJaP1%2Bx3IbKwXvxycDblqVHeoXyCEn6mISDnoh%2BGMZyh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 769b7df76cd7d180-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
642 B 164ms
51ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 0808d764716bcfd9b9f71afe1907444e133c9cc99139bc762ed99cc431e432dd

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
pod: X-Sovrn-Pod: ad_ap7ams1
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

GET
H/1.1 200
OK prebid.1.1.aspx Show response
inv-nets.admixer.net/ 42 B
495 B 183ms
64ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.1.aspx?data={%22imps%22:[{%22bidder%22:%22go2net%22,%22params%22:{%22zone%22:%2245b957e9-02f2-4ec7-aeaa-407a1cb7e830%22},%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[300,600],[300,250]]}},%22adUnitCode%22:%22NVR_ATFR%22,%22transactionId%22:%22c6d78633-0745-4804-8a5e-394674688bfe%22,%22sizes%22:[[300,600],[300,250]],%22bidId%22:%2220f230c8717cd71%22,%22bidderRequestId%22:%2219fba0cd9ec10ff%22,%22auctionId%22:%22df8388e8-3349-484a-8f57-76e160d623ae%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22notsy.io%22,%22sid%22:%22d213ae40-68fb-4b86-9cbc-771f4345009c%22,%22hp%22:1}]}}],%22referrer%22:%22https%3A%2F%2Fnv.ua%2F%22}

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Nov 2022 00:04:50 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://nv.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
340 B 187ms
64ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oeb90&_p=694001149&_gaz=1&cid=690355196.1668384290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668384290&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&en=page_view&_fv=1&_nsi=1&_ss=1&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 169ms
57ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=690355196.1668384290&gtm=2oeb90&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 190ms
67ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=690355196.1668384290&gtm=2oeb90&aip=1&z=178017557

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 65ms
56ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51943557-1&cid=690355196.1668384290&jid=1894867990&uid=0&gjid=1464131093&_gid=700634019.1668384290&_u=aCDAgEABQAAAAEAAI~&z=1485232638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 00:04:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 172ms
57ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=694001149&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQAAAAAAAI~&jid=1894867990&gjid=1464131093&cid=690355196.1668384290&uid=0&tid=UA-51943557-1&_gid=700634019.1668384290&gtm=2wgb90WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&cd16=A&z=846346204

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 15:06:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32311
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 193ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 204ms
70ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 663 B
374 B 203ms
94ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3817493551335149&correlator=559760761157255&eid=31070837%2C31070739%2C31069564&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=3903318696&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DB%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1668384290537&lmt=1668384290&dlt=1668384289792&idt=710&adxs=-160&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=1600x0&msz=1920x-1&fws=512&ohw=0&ga_vid=690355196.1668384290&ga_sid=1668384291&ga_hid=694001149&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72d629bfb7b7de46f209b119c4508302f0b108de684a655540172895127faa83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1BD8 6 KB
3 KB 227ms
61ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 00:04:50 GMT
expires: Tue, 14 Nov 2023 00:04:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 181ms
65ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=690355196.1668384290&jid=1894867990&_u=aCDAgEABQAAAAEAAI~&z=894287221

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 176ms
66ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=690355196.1668384290&jid=1894867990&_u=aCDAgEABQAAAAEAAI~&z=894287221

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1668384290571/
Redirect Chain

https://gaua.hit.gemius.pl/_1668384290571/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv....
https://gaua.hit.gemius.pl/__/_1668384290571/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
423 B

153ms
152ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1668384290571/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=L1vV3pmHT9OomYkFKTsxEdXNM7iwUUOxPhnYApuJjlz.X7dvvo94._VVfCAe1uvHWnVbZX0UWppviS0Xz.JYbKXPmi.a/E.CyXUzn3mKCy/&ltime=327&fpdata=rdvVFm6mf9hraUhosAZTRJxpWbMqLsVfAd3T6zg3v7f.s7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b68efbdf79d5cc7a6a34a603746bfff41ab90f243ff7d2d25bc22241e31200df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Sun, 13 Nov 2022 00:04:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:50 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1668384290571/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=L1vV3pmHT9OomYkFKTsxEdXNM7iwUUOxPhnYApuJjlz.X7dvvo94._VVfCAe1uvHWnVbZX0UWppviS0Xz.JYbKXPmi.a/E.CyXUzn3mKCy/&ltime=327&fpdata=rdvVFm6mf9hraUhosAZTRJxpWbMqLsVfAd3T6zg3v7f.s7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 13 Nov 2022 00:04:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 133 KB
35 KB 448ms
447ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3817493551335149&correlator=559760761157255&eid=31070837%2C31070739%2C31069564&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=1490142683&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_adform%3Dbanner%26hb_source_adform%3Dclient%26hb_size_adform%3D300x600%26hb_pb_adform%3D5.90%26hb_adid_adform%3D22a93d9c71ec9cb%26hb_bidder_adform%3Dadform%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D5.90%26hb_adid%3D22a93d9c71ec9cb%26hb_bidder%3Dadform&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DB%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1668384290683&lmt=1668384290&dlt=1668384289792&idt=710&adxs=1114&adys=261&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=690355196.1668384290&ga_sid=1668384291&ga_hid=694001149&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

435808f1414f2c9d8a7881f7c7c5da2dbe402737e1a1d827400721e8f983d5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36259
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 63ms
63ms XHR
text/plain 18.66.141.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.141.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-141-93.fra60.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 18:41:13 GMT
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
age: 19417
x-cache: Hit from cloudfront
access-control-allow-origin: https://nv.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 4x6d_oQTHZkXj-41Uu2Of65mWsy9I28ZvhBxanBX-FGvekdtglxL3A==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
454 B 266ms
93ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnv.ua%2F&pid=NoQBYVIqilKdO&cb=0&ws=1600x1200&v=22.1107.1609&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_702197190%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATFR_300%22%7D%2C%7B%22sd%22%3A%22notsy_container_427385194%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: W4Y3Z9Y1A9HNPWB9Q8PD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: c5koakrbNdNJOI4zmFDxlCd5t2ZjmKhDXR0e7TFpPtbn8XBcBtTspQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 164ms
56ms XHR
application/javascript 18.66.141.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.141.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-141-93.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 73Lfxs6DHpOgTaZAZUymb39ifEt2PRR2
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Mon, 14 Nov 2022 00:04:50 GMT
x-amz-cf-pop: FRA60-P4
age: 79079
x-cache: Hit from cloudfront
last-modified: Tue, 08 Nov 2022 20:12:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: F3EKxyqWgnWenTo66uaAXI0AdMDYuPBvagSGxTHjHPW6cnuzTqUGLw==

GET
H3 200 container.html Show response
6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E54D 6 KB
3 KB 172ms
57ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 00:04:50 GMT
expires: Tue, 14 Nov 2023 00:04:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 191ms
64ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:04:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E54D 2 KB
1 KB 179ms
63ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 00:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 22:21:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 00:04:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame E54D 2 KB
846 B 185ms
69ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E54D 0
0 101ms
100ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBi9HIoZxY4SvLcW5lQeQqJ3gBcG7mtFsmcj89NgPzNjPrbQ0EAEg9PnnY2CVAqABv5jetwHIAQmpAozh4eVG4WY-4AIAqAMByAPLBKoE_gFP0M-Wc7a5MTOMaG49lSs8lmoq906qOPUN-3fAWDhOid17Etymedtp96abn4ijFYzUjUWZU074bBRLitKShp5hEOphZquFnB66D0eN664gDG8m-JX6JeSSD-VG2fvJxebU5SxXXzMIe89VdCPXNVrriGaMUu4C7Oj6_4wmI2SoizFedP7xt5KTrj2wm7i9X_EpyKeIK5wBQWfLoqAU0PiBcWB96e7gob3mJeq6IMXqLTtquv_1yTJUmUpKC2ix7OHnAAnGyJLw_GsxTLBYGHyeROkXOFDf5yG6gDFF7ZlCNIICkc3fpXti_M2zCJUg3NPZP_zRswYo0j3IKyIQn8AE34rFuIwE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6nnocgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENbsIdIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTCogUAtAVAYAXAbIXHgocCAASFHB1Yi02NzQyNTI4OTg5NjgwNTY4GIObGg&sigh=-fLmrIob8-A&uach_m=[UACH]&cid=CAQSPwDq26N9ZkkelyAtl-6GiIkcl_3XACv2PAe8BIbbs3ipACn_KyS2dkpnrlXVg4UEwqQTDK-EGWd4RorFp7SwqRgBIBM&template_id=494
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame E54D 23 KB
10 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 17:15:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame E54D 3 KB
1 KB 184ms
72ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:05:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame E54D 18 KB
7 KB 173ms
61ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E54D 0
0 185ms
66ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_C579mreeD1ivvRDFVb2-A8z3-N8abUtDfxfg8c2RAub1uFO74hlHM18xpQjSxoyNgoafttueTavwzsJQcRMJiaZ1Ug
Requested by: Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E54D 154 KB
47 KB 204ms
94ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 00:04:51 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame E54D 34 KB
14 KB 176ms
57ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 09:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 20:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 09:27:11 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E54D 32 KB
32 KB 254ms
124ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSDs9WaTty7MxysJT_bAvd3b6ncvQ599YS7YQUqOCh52rsR9T9aXCOd0OO06g&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

283822c4300f869db535d19a44aa5f483ae410789aa04200c2449e879d32afe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 02:35:58 GMT
x-content-type-options: nosniff
age: 77333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32828
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 10:10:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 Nov 2023 02:35:58 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E54D 33 KB
33 KB 232ms
109ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR_Pl8q1E_wihoIIpwS2MgyevZL4LYftBqLapDDk04itYRcHp0SiRm-Bc_tGfk&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd9d8afa7a5c91f22989d7a1be4d16e5814b4126d06dd5fe20479c8fcf63f03e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 15:40:12 GMT
x-content-type-options: nosniff
age: 375879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33498
x-xss-protection: 0
last-modified: Sun, 30 Oct 2022 08:53:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Nov 2023 15:40:12 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E54D 25 KB
25 KB 270ms
146ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUEGE0DakkLkTjasCNFLMOf2hzxjpVTgDkesl26ig3o5Ae3EKW0oP7PQf_Qs4&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95abf4f811d02ab5c4c4d25a56cffb657adec21938888e56bd0976d9681f99f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 12:44:14 GMT
x-content-type-options: nosniff
age: 127237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25775
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 14:41:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 Nov 2023 12:44:14 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E54D 25 KB
26 KB 172ms
54ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRDjkagJaXj20OH-h08dSL3K8RSEpa1TCc0hjPnQLR28KuoaQ3-6kMkWHYYO1A&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7d6408d2b13ec575b154aa7205556b970f0250e4a33fb57ab8accf887892a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 00:50:31 GMT
x-content-type-options: nosniff
age: 256460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25860
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 06:48:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 11 Nov 2023 00:50:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E54D 30 KB
30 KB 294ms
164ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQx_UbC1tKzQgMDJp-5JRzLxmmEPsJ0PsuiAgJp_1Yx2Kp1rrYwgv-OyBg_qy8&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be70e3d1ef253a3129a1c7e20fa31408274eb3f9f3d18ef2571252bb493abed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:56:10 GMT
x-content-type-options: nosniff
age: 274121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30813
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 06:51:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 10 Nov 2023 19:56:10 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E54D 22 KB
22 KB 295ms
172ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSe3gPwxTm0yycICik5J7IQEqNj_XDEDOMVrRBbFBIAwH8oRwetUlRxQ96-Aw&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8249000f6a288277179aa025a2d2587ffa35ba8ba57648a89f1688e8ec1fa93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 80310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22675
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 10:47:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 Nov 2023 01:46:21 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E54D 26 KB
26 KB 170ms
53ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT1JmBdyY0UKTet7TEgdx7Aeka2BHB8Zq81-GYN-aJhM29F-tnEUi0ORhC9pA&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0641adc9ec0ca697476f609f0dd7ce748ec14173c1135ed80713173ed441acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:45:24 GMT
x-content-type-options: nosniff
age: 80367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26282
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 10:12:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 Nov 2023 01:45:24 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E54D 28 KB
28 KB 224ms
109ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRRIWT5cSCUZj9v3jt80FuF-GtCpAZySfOUaAKLsn9maH7w0hrBjEmrOu6jBKM&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc4fcd96613f038e7fae4279f45b1392f56ed4158862dcefb4e1b2b83a13d42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:41:55 GMT
x-content-type-options: nosniff
age: 80576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28730
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 11:19:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 Nov 2023 01:41:55 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E54D 26 KB
27 KB 176ms
56ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSN3E1HvhjLzAXACeUTZHawqn4LjcRvkbPbgDF9HNSv_YxHIBJP6Il1nHjbMA&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5350ccbfbd634755b5e626fb2170ed5b8200cf4ed78ee003d77369dbb96d4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 19:04:30 GMT
x-content-type-options: nosniff
age: 450021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26659
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 01:13:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 08 Nov 2023 19:04:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E54D 35 KB
35 KB 183ms
57ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRHKiWYSGK86yj_cQq1Nrtksa7tGu00PPvgHEIikzu2AZqPusS6iumJud9LaQ&usqp=CAI

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5a30fb8cfbc22e9d08d812203ed7f305030a56e8404a3a54665fd5589f36367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 01:45:00 GMT
x-content-type-options: nosniff
age: 425991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35595
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 14:08:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Nov 2023 01:45:00 GMT

GET
H3

200

15805113605579073171
tpc.googlesyndication.com/simgad/ Frame E54D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODo3p-rIxC0ARi0ATIIkgobWubvYkk
https://tpc.googlesyndication.com/simgad/15805113605579073171

11 KB
11 KB

165ms
53ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15805113605579073171

Requested by

Host: 6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
URL: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

065611e6c9c0a889b131c1adbec240a6cf7cbe4a329151588ba99f732135de4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 09:13:17 GMT
x-content-type-options: nosniff
age: 399094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11112
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 11:01:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 09:13:17 GMT

Redirect headers

date: Sun, 13 Nov 2022 13:56:34 GMT
x-content-type-options: nosniff
server: cafe
age: 36497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/15805113605579073171
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 13:56:34 GMT

GET
DATA 200
OK truncated
/ Frame E54D 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acb30b307056596db93fb47070bd7bea09c005af8596c1c4d9fb6acb71c0ada4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9C74 15 KB
6 KB 175ms
60ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 00:04:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 891725
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 224ms
111ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Nov 2022 00:04:51 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame E54D 20 KB
21 KB 173ms
57ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 438723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:12:48 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9C74
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=BU1dO3xnVWxDS0RTaUcyQk54eVltYUhGVWVlNndldUxsUlhHQ2x4YmprbGo0OUlIaXpCREFGVjI2ZWlXQUxwVFJEWDN2Rms0MmZuK1dMT04wSGdyOTdrTFdxekVZRlFWc3Iwd1EvaWZ0UjFBc1lSYzVvT0lkZVdCZ3VvRF...

417 B
649 B

155ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BU1dO3xnVWxDS0RTaUcyQk54eVltYUhGVWVlNndldUxsUlhHQ2x4YmprbGo0OUlIaXpCREFGVjI2ZWlXQUxwVFJEWDN2Rms0MmZuK1dMT04wSGdyOTdrTFdxekVZRlFWc3Iwd1EvaWZ0UjFBc1lSYzVvT0lkZVdCZ3VvRFNmU0VMR0Z5S1Q4dUlKN3Y4ZXBVYUZ1RmFociswa2N1REE1VklFTURCMk5QaXgrYzlsSEhCRFdERXNpL1VybXYxbVlLUHE5SWplR1Z6eVVkK1dIdlBmZXM4ZWJpUE9vYVRZcUcwY0phcW1tdStQZlh6ZjBRUm5JdC9yL2xKc2czWjJmdnFyRkswR3A4QmM2cWtRVGVtZHpsNjVacTBjdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

faa6cb385c126079034ade660c3c5e4fa31ae0d366a55723688ed67c31b15840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1896193
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=BU1dO3xnVWxDS0RTaUcyQk54eVltYUhGVWVlNndldUxsUlhHQ2x4YmprbGo0OUlIaXpCREFGVjI2ZWlXQUxwVFJEWDN2Rms0MmZuK1dMT04wSGdyOTdrTFdxekVZRlFWc3Iwd1EvaWZ0UjFBc1lSYzVvT0lkZVdCZ3VvRFNmU0VMR0Z5S1Q4dUlKN3Y4ZXBVYUZ1RmFociswa2N1REE1VklFTURCMk5QaXgrYzlsSEhCRFdERXNpL1VybXYxbVlLUHE5SWplR1Z6eVVkK1dIdlBmZXM4ZWJpUE9vYVRZcUcwY0phcW1tdStQZlh6ZjBRUm5JdC9yL2xKc2czWjJmdnFyRkswR3A4QmM2cWtRVGVtZHpsNjVacTBjdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 606418
content-length: 0
expires: 0

GET
H2 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E21 36 KB
16 KB 180ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 19:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 19:08:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E54D 42 B
64 B 209ms
100ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyAs9ZzOMi6U4KQbYy_iQqu0skOQlHIN1aEA2_f5URE_SZA-DC1BYLcv8t6lcEVXFQFqsQPPXscXmHNh1CeUpL9ppmi0aL1IULMpXqvIgneDoCIA4NqDj8tijmH03y1JvFlnAgzqGrcpCUuvEyjzT5plLJ-uDzi9ERJQ&sai=AMfl-YQwoTqBuRiJ6rIcXLEAI8iBgJ_k3pP0zIckkQTko2YOv_CVTuTyv_2qRx42thjOFutZGhB41ymI5ZnoYRxxtE3tmFXkRmsc2kjpdU2TGFLIaCw1B2oGTz5KSqhmF1DHdmQ&sig=Cg0ArKJSzBeMjm-spXBPEAE&cid=CAQSPwDq26N9ZkkelyAtl-6GiIkcl_3XACv2PAe8BIbbs3ipACn_KyS2dkpnrlXVg4UEwqQTDK-EGWd4RorFp7SwqRgBIBM&id=lidar2&mcvt=1000&p=266,1114,866,1414&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1490142683&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668384291175&rpt=749&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 817F 281 B
554 B 196ms
58ms Document
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 14 Nov 2022 00:04:53 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E189 52 KB
17 KB 171ms
53ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 69756
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 14 Nov 2022 00:04:53 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 9, 861356
X-Served-By: cache-lga13626-LGA, cache-hhn4080-HHN
X-Timer: S1668384294.826750,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame EE20 3 KB
2 KB 148ms
48ms Document
text/html 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 739
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 769b7e0c4ffa75c3-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 00:04:53 GMT
expires: Mon, 14 Nov 2022 04:04:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 3F9A 37 B
140 B 172ms
60ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/b/ym.js?2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 14 Nov 2022 00:04:53 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7485
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

136ms
87ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634174bf6422a6f815a7ac778d668504308f7c80fe1d6b23dffd0e84804f13d4

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 769b7e0e1f2971c9-LHR
content-encoding: br
content-type: text/html
date: Mon, 14 Nov 2022 00:04:54 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdGHZOUYqr8WOejdJV4fXMabfgoe%2FSS2lWsOLhis59J46aNQvP%2BCSsS7bPeDVBZfaI54HQRLR1%2Fh9PegVwG6dEkdZjYN5ULbRLZ7psL65%2B9GXnS3QWhtu5n1fPwblDu7%2FcwT%2BaYdOYmzXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 769b7e0d4f2a76c6-LHR
content-length: 0
date: Mon, 14 Nov 2022 00:04:53 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHp991s6nqIkzP7usvtWDjlQqE9tAJ3v0P%2FO6%2BGdwDvj17IwssQ4D1HSrKA%2B10ebpIor%2FkANIAxwX13Tv0GC0aS3K4CEEEfzdeZrFKW1OIxxjDvHNuD7h2pIT5lOcXwrViFMmBssee6AiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame E189
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
932 B

57ms
57ms

Script
text/html

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:53 GMT
AN-X-Request-Uuid: fac4a9e6-365c-451d-b186-c90db6185167
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:53 GMT
AN-X-Request-Uuid: 808d3d9f-02cc-42a9-9805-588218acce7c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 817F 33 KB
10 KB 57ms
57ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1130210f2839a120b566a95d84b393f660e1a411befdfe2b1acb7eef287c4a8b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 00:04:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Nov 2022 20:09:55 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72221
Connection: keep-alive
Content-Length: 9884
Expires: Mon, 14 Nov 2022 20:08:34 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 817F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vwsZRvbbSWuKplDPRWMk5Q&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vwsZRvbbSWuKplDPRWMk5Q

43 B
720 B

131ms
130ms

Image
image/gif

67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vwsZRvbbSWuKplDPRWMk5Q

Protocol

HTTP/1.1

Server

67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 64YYTDQPFXQ3Y47YE2DH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vwsZRvbbSWuKplDPRWMk5Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 817F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAG0XHH6-C-KKQV

0
708 B

839ms
713ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAG0XHH6-C-KKQV
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:54 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 56422B65D65A43C8B953586C714898BD Ref B: DUS30EDGE0905 Ref C: 2022-11-14T00:04:54Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtYv1Ank/auPIwJZvSTQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAG0XHH6-C-KKQV
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 817F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECT7LOhidLFps9v59I9FOxQ&google_cver=1

0
239 B

224ms
55ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECT7LOhidLFps9v59I9FOxQ&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECT7LOhidLFps9v59I9FOxQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 817F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFHMFhISDYtQy1LS1FW

170 B
188 B

185ms
70ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFHMFhISDYtQy1LS1FW

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFHMFhISDYtQy1LS1FW
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 817F 70 B
264 B 182ms
58ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 817F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0NGM0NTI3M2IyN2VlMTAwZmM5ODM2YzA5YWI2ZDcyNmVhZWUyMA

170 B
188 B

184ms
69ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0NGM0NTI3M2IyN2VlMTAwZmM5ODM2YzA5YWI2ZDcyNmVhZWUyMA

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0NGM0NTI3M2IyN2VlMTAwZmM5ODM2YzA5YWI2ZDcyNmVhZWUyMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 817F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dEdNUmG5SHmR4cO7jIOezQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dEdNUmG5SHmR4cO7jIOezQ

43 B
479 B

125ms
124ms

Image
image/gif

209.54.182.161

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dEdNUmG5SHmR4cO7jIOezQ

Protocol

HTTP/1.1

Server

209.54.182.161 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FKAXSTEE8M4RH0DGAGT7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dEdNUmG5SHmR4cO7jIOezQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 817F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/6MKZF6r65jgeRn5IJa9Zkw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=209810140089916777

0
239 B

100ms
55ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=209810140089916777
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 14 Nov 2022 00:04:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=209810140089916777
content-length: 0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 7485
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIjR7KtyXZsVxPVIZ32Bnr4&google_cver=1

43 B
843 B

79ms
78ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIjR7KtyXZsVxPVIZ32Bnr4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWq2R7muZjUammMkFpxIpeD3mB1DiOo0QVrYFxZMLhopvR68GHWwNKki8kgVPNu7SAkLNCTv4jujqdaUTSoRWC%2BEfTJOSe3249rjeJNJJVzTNaHbXN%2Fp0fBmSgwrU0d4kOc%2Fga6x1QYucA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 769b7e0f68d671c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIjR7KtyXZsVxPVIZ32Bnr4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7485 70 B
265 B 66ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7485
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB&dcc=t

43 B
855 B

130ms
129ms

Image
image/gif

209.54.182.161

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.182.161 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0C4HFZ5A5HBVA18EAZH6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ASC28ZHJZ9SDNPWVB9PP
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAABFcAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3GGJSWDigRSGHhRNJW27AAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEI5gYhXkym_K4xb7Xpkjo&google_cver=1

43 B
766 B

55ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEI5gYhXkym_K4xb7Xpkjo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKEI5gYhXkym_K4xb7Xpkjo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain

https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y3GGJSWDigRSGHhRNJW27AAA%261111
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fa9e94c2-284a-4031-b0e7-d54b64aa5b9a-tucta6b0ba6

43 B
766 B

86ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fa9e94c2-284a-4031-b0e7-d54b64aa5b9a-tucta6b0ba6
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=fa9e94c2-284a-4031-b0e7-d54b64aa5b9a-tucta6b0ba6
date: Mon, 14 Nov 2022 00:04:54 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 53751

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
766 B

54ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 7485 43 B
433 B 231ms
53ms Image
image/gif 54.171.34.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.34.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-34-58.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7224696479327687294&expiration=1669593894

43 B
766 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7224696479327687294&expiration=1669593894
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 00:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7224696479327687294&expiration=1669593894
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 7485 43 B
352 B 156ms
50ms Image
image/gif 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y3GGJSWDigRSGHhRNJW27AAA%261111
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 00:04:54 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 5637
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 769b7e0f6a3071c0-LHR
content-length: 43
expires: Tue, 15 Nov 2022 00:04:54 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E189 0
860 B 82ms
81ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 00:04:54 GMT
AN-X-Request-Uuid: 692351e4-c422-4f1d-965d-878cbe2918c9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1970-01-20 07:26:24	Name: XSRF-TOKEN Value: eyJpdiI6IlZLRWZwci9SMGlKaXVZRVJxVDJQOVE9PSIsInZhbHVlIjoiOFFOZm5sWEh0V1pJNWxlNE1PLy80RDhOQ1lOMmRPS3FaVHM1d2hnYXgwNENGUklwVUJDTmJLeVNwOS9jZmVDcnM0MDh4QlFSTnZ0WTNUTHhNREdkMFJQMnVqQnJQNmYreEtCZ3k1RnBuT04xWG1BWjZLZFRKT0Y0TDJ6R3N2emUiLCJtYWMiOiIwZDY1NjllNGZlNTcyMzAwZDI5MWNlYTVkZjdmYWY4YjZhNmYyZGQxZGNiNWVlMWI3ZmE3MTY4NmMxNTJlY2JmIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 07:26:24	Name: nvnew_session Value: eyJpdiI6Ikd5Mkd1ZmpYcTFjWDVMbmVmakJDNnc9PSIsInZhbHVlIjoieXI3TW5qeW9QRTZNSUJWMGdrZXJSMVRQbm41Zm5RV09QZ0I4bDBmYUxrQXFTTWZRZXE3eG9wM3VZSm02a1k5RVA4ZXg1M0VnMThLZG9nNll1VmRsTHBqOHphYVF5alhJdS82U0V6YUJ6YVNGaDBuRFNMbGZIeXBPcjFhYXdSa08iLCJtYWMiOiJlNWRjNDY0MWU4ODA4NTBmOGVjYWE2OTQyODQzYzExN2YzMDA1MmM5NDdjNWZjMzRjZDNhNmFjODUwOTg2OWUxIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 07:26:24	Name: device_type Value: desktop
.nv.ua/	1969-12-31 23:59:59	Name: test_variant_session Value: A
nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.nv.ua/	1970-01-20 08:09:36	Name: yield_master_ab_nvr_go2net Value: B
.nv.ua/	1970-01-20 09:36:00	Name: _gcl_au Value: 1.1.631097654.1668384290
.hit.ua/	1970-01-20 17:02:24	Name: uid Value: 1565185349.1668384290.1810464575
.nv.ua/	1970-01-20 16:55:12	Name: __gfp_64b Value: rdvVFm6mf9hraUhosAZTRJxpWbMqLsVfAd3T6zg3v7f.s7\|1668384290
.nv.ua/	1970-01-20 17:02:24	Name: _ga Value: GA1.2.690355196.1668384290
.nv.ua/	1970-01-20 07:27:50	Name: _gid Value: GA1.2.700634019.1668384290
.nv.ua/	1970-01-20 07:26:24	Name: _dc_gtm_UA-51943557-1 Value: 1
.admixer.net/	1970-01-20 09:36:00	Name: am-uid Value: 94fb45be516544aa8288e3f2f9a8f2c3
.rubiconproject.com/	1970-01-20 16:12:00	Name: khaos Value: LAG0XHH6-C-KKQV
.rubiconproject.com/	1970-01-20 16:12:00	Name: audit Value: 1\|naVuGyos1qoKwYjUuglTUq2qEsFCZ0ctSdOhPT1GMTm4dorU8DsKfWn0qct2xNmOqzSne0l760vHH+5S0WTXOH7y6MIaC84S
.hit.gemius.pl/	1970-01-20 07:36:29	Name: Gtest Value: KlxTbRGGQMQGiceiMSKLeXcissGMXP8c25nSGuh57Pn7XBG.
a4p.adpartner.pro/	1970-01-20 08:52:48	Name: apuid Value: 1c160f51-6ffe-46cb-bb7e-601756074b4d
.hit.gemius.pl/	1970-01-20 16:55:12	Name: Gdyn Value: KlxUeMaGQMQGiceiMSKLeXcissGMXP8c25nSGuh57Pn7FRxSG7RrGS6Gw9fBFlMQYH8W8jBGqSRxSG8.
.nv.ua/	1970-01-20 16:48:00	Name: __gads Value: ID=e75becbd381bf008-227a05cfafce003a:T=1668384290:S=ALNI_Mb4dFgvkrMGyZEc8HAwQG4UN_2-cg
.nv.ua/	1970-01-20 16:48:00	Name: __gpi Value: UID=00000b80cf84a3c2:T=1668384290:RT=1668384290:S=ALNI_MZHr_yyuXwrwQZXDG6PJcgUuD73kA
.nv.ua/	1970-01-20 17:02:24	Name: _ga_52RSPD3WMK Value: GS1.1.1668384290.1.0.1668384291.59.0.0
.doubleclick.net/	1970-01-20 16:48:00	Name: IDE Value: AHWqTUlPxMeRhgPC3plLoAm5UCYG4b0htzSpupEMDCz2lnnC8moNBV21TryNcjsBSXc
.criteo.com/	1970-01-20 16:48:00	Name: uid Value: ab1051ae-3556-44be-b056-cc58c05da453
.nv.ua/	1970-01-20 16:48:00	Name: cto_bundle Value: myHhUl9aM0h4QnNoS21TeURrTENCdnZTVm54dlNJOVNTMU01eDVOWGtDdjlTMER5cjNSVFdRT3NwakR4QTh5cmdPQTV5cHRQdW45TllyTiUyRkdnTE00QmI4cmZ0Q3dUMjRabU0wWE9pNHVVdU9GWEU5anhCc29EZ1FoNXRKaU5nZzFXakJwNm5SWkd0ZSUyRmZQVGxydmNPdmxlQ1V3JTNEJTNE
.adnxs.com/	1970-01-20 09:36:00	Name: uuid2 Value: 6153278653082883817
.casalemedia.com/	1970-01-20 16:12:00	Name: CMID Value: Y3GGJSWDigRSGHhRNJW27AAA
.casalemedia.com/	1970-01-20 09:36:00	Name: CMPS Value: 1111
.casalemedia.com/	1970-01-20 09:36:00	Name: CMPRO Value: 1111
.adform.net/	1970-01-20 08:09:36	Name: C Value: 1
.adform.net/	1970-01-20 08:52:48	Name: uid Value: 7224696479327687294
.amazon-adsystem.com/	1970-01-20 17:02:24	Name: ad-privacy Value: 0
.yahoo.com/	1970-01-20 16:12:21	Name: A3 Value: d=AQABBCaGcWMCEBrFL47eEQ5N4zuLn_AGo6gFEgEBAQHXcmN7YwAAAAAA_eMAAA&S=AQAAAuTIMTAtlzPZtLHjdwcdQKA
.casalemedia.com/	1970-01-20 09:36:00	Name: CMTS Value: 5183
.amazon-adsystem.com/	1970-01-20 12:56:09	Name: ad-id Value: Azhv8dn-wEQGuk4PlHGu6Po\|t

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c6bae69800091e8e112f245589eaf65.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
b1sync.zemanta.com
bidder.criteo.com
c.amazon-adsystem.com
c.hit.ua
c1.adform.net
cdn.indexww.com
cdn.membrana.media
cm.g.doubleclick.net
d3div1mtym39ic.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
inv-nets.admixer.net
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
nv.ua
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync.taboola.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ym-tack.b-cdn.net
104.18.13.76
104.18.18.126
104.18.19.126
13.248.245.213
138.199.37.231
141.226.228.48
142.250.185.98
146.0.227.110
146.59.30.96
151.101.65.108
178.250.2.146
18.66.141.93
185.59.220.194
185.80.39.216
2001:4860:4802:34::36
209.54.182.161
216.52.2.39
23.203.77.3
2600:9000:236e:5a00:11:1ed0:3900:21
2602:803:c003:200::21
2606:4700:10::ac43:175a
2606:4700::6810:7daf
2620:1ec:21::14
2a00:1450:4001:800::200e
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:812::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9b
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a05:d018:d29:3602:fe88:ebd2:7b5:6ad
2a0c:5c81:5142::2
3.33.220.150
3.65.169.1
37.157.2.234
37.157.3.28
37.252.171.53
51.83.220.94
54.171.34.58
54.37.238.28
64.74.236.127
67.220.226.232
69.173.144.138
69.173.144.139
89.184.81.35
99.86.3.236
04c6e2ccb5d7294aa04b5776c4433f2eaa3f4d5309ca7098265391f5466372fb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
065611e6c9c0a889b131c1adbec240a6cf7cbe4a329151588ba99f732135de4b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0808d764716bcfd9b9f71afe1907444e133c9cc99139bc762ed99cc431e432dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1039c70abb863b7334bc37469d6d4b7267fe46814ced7546ef0c21efa42aa671
1130210f2839a120b566a95d84b393f660e1a411befdfe2b1acb7eef287c4a8b
152573dd5c33427acd9cb77e79d928f1d5ff92ea0204d07e19697e196d1ac0ba
18b882ce88a18cc29d3f5da1949d848b5fd0df19f5061f9060c6fbd4bcbbbb27
1db1e4ad30b7220d11284e3576c467ff439a8303812c927d139d52f88d2aed5e
2484418c2bbd9b9348feafc8a259db43a97538225b93d247acfa6406957eec15
283822c4300f869db535d19a44aa5f483ae410789aa04200c2449e879d32afe6
285f8768ab0e54d1c3dd37397a9c189eb3f3ad448590844ae41628c5d16e363b
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2a6b687eed31482da50a5f27c32883843d33cdb01c95115f5e85cb2dddebe0a1
2b46ab78a58ccbdd47cc1244af5f67e97a482ecf18dec08ab02ea2c5d7db06cb
2f9b511f3f6eeb5e3d8cfa15b6996593df96b1c086e7dac6f74d788b9bca9c2f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403ffda90388f3b699d572f5889ad34e2fdc8936d626bf0c92495e6bbf6ec63d
41e0cf4a73042ac62fa1884fd211efa71547f9ac60e38f1fbd6b19c62b40c0ba
435808f1414f2c9d8a7881f7c7c5da2dbe402737e1a1d827400721e8f983d5f9
4614363f3d00c3a0d266cc68cfb56c808014eda9b8810deb3a9f3476f6080b63
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
491e30e7b076ded3db2662c884ab4d83ae4a850706ca616cacda0a41fc49deb6
4e902a920890842b9bdddef3f81275ed6dc1a4d2ccd9419af6e840ee2f130e88
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5d6a63f5ce722659922177ef46da8db7aa88e5cfcd181dfdfec8998f22240d45
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
625c0b22560a5b204c6fcb77dd3751b4550c4fa009443a46e0212a4481ab5375
62d6188637b7a9b2d7dd7c6d7dd9fc13c065c4753761130ace6121513c1eb6c1
634174bf6422a6f815a7ac778d668504308f7c80fe1d6b23dffd0e84804f13d4
64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8
660df3f52200be4eae96681f61f9ba205e8c93b4dba19badc18eb01dfb84dab9
69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b37ac11c1455172c8e00772c8f9b42e24f61fd0e19014573fba61c185489f4d
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9
724e677fefe4353cb3cad99133e23bd1941cd2e0c3022d84c3bfdaf4e13d7d28
72d629bfb7b7de46f209b119c4508302f0b108de684a655540172895127faa83
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6
7cabf0c2848b22466698c3f66fb5e8e1427684b1f471b376318d5eb0b384b43f
806d1b466168e0a85d12031408a9ce38eb44646c8d177daa5add61a9522a3eb9
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
86849769d13423371b16272ce102baaa30d651d237e13331b2dc4ec0030186b3
8701acea38a73fcfb3d8445c70e13f885ac8846666b9dc10c3937bfa639a3296
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e02cfa8d2e7c0999cbd9ecf21ad707d339d77d265af53cdd80f83696949690c
8fa2ce29960467c79ac61a87ce938261fb5b390b32e922e08e60b3a9d9085a76
921119bf3e83ece3ace27e2163363319ac3af3531e6274217ba8a901f531fb11
94678222a22f058e88fad74c1eb100e099942dc7fefdf7f7639b23d57358873e
95abf4f811d02ab5c4c4d25a56cffb657adec21938888e56bd0976d9681f99f7
97d08432aa4b57616112dc9ea521edebae88363bbc020d7844ba823dae3015fa
98e4dd024b49fe9910b6469f4df2d76986e8ae6546f546fb28928bd445ac3743
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
9d1b4d10a2be6b7d41c751ec2156866f085d8e912c5d07d80ea08683781f8c46
9d70720b643fb98878b663768d2f3ee1b44fd5f3ff7add6d8e3062c43a1e4c59
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acb30b307056596db93fb47070bd7bea09c005af8596c1c4d9fb6acb71c0ada4
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b313688d88461444039047769a5d850850a76b3ab98d4ec76f75945ca51d4890
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4f62bf20a3f0808f3fcbf15652faf6d62a407e40a5d90b064cac4483987de93
b5350ccbfbd634755b5e626fb2170ed5b8200cf4ed78ee003d77369dbb96d4fb
b68efbdf79d5cc7a6a34a603746bfff41ab90f243ff7d2d25bc22241e31200df
b806f14227e373990c4d9245062529f950e6bc6d30e8b273049efbe44c454881
b9d3c26dfafb5f99743a304e67f134b3b7316bb1883c624708ea479763fb1a61
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc2b5bddcf1a22673c3dca50357eb75f0767e259dae969fa3fcf2770d9b764d6
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
be70e3d1ef253a3129a1c7e20fa31408274eb3f9f3d18ef2571252bb493abed2
bf8a293defe07ab051a48893c2bda9683d6a3fb6e054d346a8e21f8a54346cb0
c15242986bf47900dc1231435103ab2af6ccbed64cbce2f675042f9870df1973
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c38e9e2e2656e490169498dcf3a0a6d0b5f6889ee2c48dee3b9f9bf877bf14ea
c8249000f6a288277179aa025a2d2587ffa35ba8ba57648a89f1688e8ec1fa93
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cc4fcd96613f038e7fae4279f45b1392f56ed4158862dcefb4e1b2b83a13d42f
cd9d8afa7a5c91f22989d7a1be4d16e5814b4126d06dd5fe20479c8fcf63f03e
d0641adc9ec0ca697476f609f0dd7ce748ec14173c1135ed80713173ed441acd
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2
d6e8416484fbda4df2f0c9ca6e65b7ea25b5868ff2bc55b8ed4ab9ff27b40df6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de25aaee352332fd6cf131fa04a1219459f468bfa2d2ca748b42c6f9c10e3937
e1fc8ef5fdd07686f5ae33d12341e8cbbbcd608908676ef4017d32bf0ec17dfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a30fb8cfbc22e9d08d812203ed7f305030a56e8404a3a54665fd5589f36367
e7b555015b62303472b77f7c9212d1aa66b32c94e2035d3925cbed3a0eefe80d
eb0b6748da84eee7683c46e4fbf1bcb4b65a8d45ed5b3f31a3026a46535b13ef
ee576590132af3c4fd5dd6b557907262882d5f5cd27665f119d72eb729bb52a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f222ef6399cb2ddc9d90246ed110e3ec23a3b5b505f74dc0e40a89eb02559283
f4d59d192d5f3882bdcca7c4c16c4feb1ad4b89d5f7d3057c8d27118c3190c9c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7a65b7dc1eba236cd5d7e2e414f9e5df7c29d052c840316cda5a2083c358872
f7d6408d2b13ec575b154aa7205556b970f0250e4a33fb57ab8accf887892a8c
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
faa6cb385c126079034ade660c3c5e4fa31ae0d366a55723688ed67c31b15840
fac437541a70676cc828ad4cd9286f68ef4cce65ac2f95932923ae11f9c84234
fc3e26943c71cf9963c4b2d3dd59ff102f6aa8f29614e7cb0d98d076de7ebb7c
fc60ac92865e6b0590986ae78ddc783e9bcffa13ad2b65d0d965ce77c41b07ee

nv.ua Open in urlscan Pro 2606:4700:10::ac43:175a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

87 %HTTPS

49 %IPv6

36 Domains

64 Subdomains

57 IPs

13 Countries

2454 kBTransfer

4538 kBSize

34 Cookies

121 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

87 %
HTTPS

49 %
IPv6

36
Domains

64
Subdomains

57
IPs

13
Countries

2454 kB
Transfer

4538 kB
Size

34
Cookies

143 HTTP transactions
1 data transactions