nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nv.ua/
Effective URL:
https://nv.ua/
Submission: On July 24 via api (July 24th 2022, 2:04:18 am UTC) from GB — Scanned from GB

Summary HTTP 150 Redirects Links 113 Behaviour Indicators

Summary

This website contacted 54 IPs in 11 countries across 38 domains to perform 150 HTTP transactions. The main IP is 2606:4700:10::ac43:175a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 88978.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2606:4700:10:... 2606:4700:10::ac43:175a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2606:4700:303... 2606:4700:3030::ac43:8f51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	2a06:8640:454::2 2a06:8640:454::2	55081 (24SHELLS) (24SHELLS)
1	3.64.76.190 3.64.76.190	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
5 14	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	35.157.246.2 35.157.246.2	16509 (AMAZON-02) (AMAZON-02)
2 2	54.229.14.124 54.229.14.124	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3605:9ba9:76c9:a8da:3df	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	88.221.168.248 88.221.168.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	52.16.111.17 52.16.111.17	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.203.133.218 52.203.133.218	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
150	54

39 2606:4700:10::ac43:175a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::ac43:8f51 (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.76.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-76-190.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.2 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.14.124 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-14-124.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:9ba9:76c9:a8da:3df (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-248.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.111.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-111-17.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.133.218 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-133-218.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.126.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	nv.ua 1 redirects nv.ua — Cisco Umbrella Rank: 88978 static.nv.ua — Cisco Umbrella Rank: 199996	1012 KB
22	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	168 KB
20	googlesyndication.com 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	100 KB
9	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 553 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	9 KB
9	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 516 eus.rubiconproject.com — Cisco Umbrella Rank: 598 token.rubiconproject.com — Cisco Umbrella Rank: 703 pixel.rubiconproject.com — Cisco Umbrella Rank: 333	13 KB
9	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 s.amazon-adsystem.com — Cisco Umbrella Rank: 287 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294	46 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 234 acdn.adnxs.com — Cisco Umbrella Rank: 566	33 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 50808 ls.hit.gemius.pl — Cisco Umbrella Rank: 12817	19 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 722 gum.criteo.com — Cisco Umbrella Rank: 397 mug.criteo.com — Cisco Umbrella Rank: 2751	8 KB
4	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 55499	63 KB
4	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 111823	181 KB
3	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473 ads.yahoo.com — Cisco Umbrella Rank: 1462	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4623 www.google.co.uk — Cisco Umbrella Rank: 2912	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
2	eqads.com 1 redirects um2.eqads.com — Cisco Umbrella Rank: 4115	563 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 585	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 34393	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 824 r.turn.com — Cisco Umbrella Rank: 2958	869 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	243 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 615	57 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 635 eb2.3lift.com — Cisco Umbrella Rank: 400	656 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 893	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	149 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 371	710 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 622
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 2333
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 186
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 933	99 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 811	335 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5373	325 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 6944	402 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 3747	478 B
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 131092	310 B
0	netmng.com Failed google2waycm.netmng.com Failed
150	38

	Domain	Requested by
27	static.nv.ua	nv.ua
14	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com ssum-sec.casalemedia.com
12	nv.ua	1 redirects nv.ua
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nv.ua 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nv.ua 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net um2.eqads.com
5	ib.adnxs.com	1 redirects cdn.membrana.media googleads.g.doubleclick.net acdn.adnxs.com
4	token.rubiconproject.com	4 redirects
4	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
4	images.weserv.nl	nv.ua
4	cdn.membrana.media	nv.ua cdn.membrana.media
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com
3	x.bidswitch.net	3 redirects
3	www.google.com	nv.ua tpc.googlesyndication.com 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	1 redirects
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	js-sec.indexww.com	cdn.membrana.media ssum-sec.casalemedia.com
2	gum.criteo.com	1 redirects static.criteo.net
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	r.scoota.co	2 redirects
2	s0.2mdn.net	94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	nv.ua
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	unpkg.com	1 redirects nv.ua
2	www.google-analytics.com	www.googletagmanager.com nv.ua
2	www.googletagservices.com	nv.ua 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	px.ads.linkedin.com
1	ads.yahoo.com
1	id.rlcdn.com
1	ad4m.at	ssum-sec.casalemedia.com
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	sync.taboola.com	ssum-sec.casalemedia.com
1	eb2.3lift.com	cdn.membrana.media
1	acdn.adnxs.com	cdn.membrana.media
1	mug.criteo.com
1	onetag-sys.com	1 redirects
1	r.turn.com	94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	googleads.g.doubleclick.net	94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
1	www.google.co.uk	nv.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	c.hit.ua	nv.ua
0	google2waycm.netmng.com Failed	94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
150	62

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
promokodi.nv.ua
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
cdn.membrana.media R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
hit.ua R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
um3.eqads.com Amazon	`2022-06-11` - `2023-07-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://nv.ua/
Frame ID: 9A49D4CC1E846A9746F86FE3178AD633
Requests: 85 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 6D0FABB0DE485D12B67FFE1AAFE3931D
Requests: 1 HTTP requests in this frame

Frame: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B4764276F965C6C32104EFB5FFDD9065
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F5A8E29ECF2CA6EF8ADF29009F58BB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89BB5C86695F5C09B4BB5AA95B135282
Requests: 2 HTTP requests in this frame

Frame: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F2F446861A45DCA7C75872C589E39772
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGJX7ssgBMAE&v=APEucNXKmiPtWyo4X-fIuxHi2vRQ8ua2T43yszQbCIc1QOdD0IooJUUMGfiAq0D1XdAtI0wOiohrFBJIAmJf5fdKq_nQ1QtU_erT7TjS4jFXUQg1dUmsvP4zTeBJsKgBY1xdT8EEKC39estfuPFwfoWRF8o2lezQa6qs_n9n1NDQ8jAyHDJihvY
Frame ID: FAEB1F46EC3F4B65915E4867D1D4B4DB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 509197E6675A282A70F45B2BC9A51D9A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 468D49ACC06BE5DE20A70F2FF72BCD6E
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua
Frame ID: 4D232E40C5596FAF0848CC8A111463DE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AFE72A009B6C01C8EED69AA0B0AF6B03
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 04E911EFDBA0508863667D3569CA3E71
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CA03EDFBCFDBA133F0D887673C8FB742
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 51A266CEFCBBD953E0371203E3611D07
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 17BE7ED08C61D9DC3CD6FF39FD5257EB
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 0CAD1433D35F0133F6B07EDD2F1E4CA4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та Світу. Головні і останні новини - НВ (Новое Время )

Page URL History Show full URLs

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

150
Requests

87 %
HTTPS

44 %
IPv6

38
Domains

62
Subdomains

54
IPs

11
Countries

2194 kB
Transfer

4095 kB
Size

45
Cookies

113 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/ukr
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радіо

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics.html
Title: Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance.html
Title: Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets.html
Title: Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech.html
Title: Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/top-100-bogatyh.html
Title: Профайли ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/publications.html
Title: Статті

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview.html
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts.html
Title: Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket.html
Title: Ритейл/Нерухомість

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry.html
Title: IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/gadgets.html
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations.html
Title: Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience.html
Title: Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/games.html
Title: Ігри

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/krasota-i-moda.html
Title: Краса та мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium.html
Title: Соціум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/kids.html
Title: Діти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti.html
Title: Знаменитості

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes.html
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr
Title: Здоров'я

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition.html
Title: Харчування

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/fitness.html
Title: Фітнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/happiness.html
Title: Щастя

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/tennis.html
Title: Теніс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/hockey.html
Title: Хокей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport.html
Title: Інше

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/zimnie-olimpiyskie-igry-2022.html
Title: Зимові Олімпійські ігри 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/news.html
Title: Новини

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/articles.html
Title: Статтi

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/reviews.html
Title: Огляди

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/ukr
Title: Шопінг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novoyevremyaua

Search URL Search Domain Scan URL

URL: https://t.me/nvua_official

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/dumay-globalno-diy-lokalno-50175561.html
Title: Думай глобально, дій локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/novaya-komanda-kosyuka.html?utm_content=set_lang
Title: Нова команда Косюка

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle/zszh-v-xxi-stolitti-yak-poyednuvati-priyemne-z-korisnim-i-ne-boyatisya-peredchasnogo-starinnya-50190870.html
Title: Здоровье в 21 веке – что нужно об этом знать

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/totalnaya-izolyaciya-rossii.html
Title: Тотальна ізоляція Росії

Search URL Search Domain Scan URL

URL: https://english.nv.ua/
Title: eng

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/shcho-vazhlivishe-v-zhitti-uspih-chi-pracya-sekret-uspihu-istoriji-uspishnih-lyudey-50258300.html
Title: Даріус Фору Везіння чи наполеглива робота? Що важливіше для досягнення успіху

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry/kibergigiyena-bezpeka-onlayn-pid-chas-viyni-dlya-lyudey-ta-biznesu-50255849.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrit-industrykibergigiyena-bezpeka-onlayn-pid-chas-viyni-dlya-lyudey-ta-biznesu-50255849

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/epicentr-pererahovuye-koshti-na-10-reanimobiliv-vid-oleni-zelenskoji-50258183.html

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/showbiz/den-angela-olgi-koli-vidznachayut-imenini-olgi-data-istoriya-svyata-2021-50173263.html
Title: День ангела Ольги. Дати та історія свята

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes/goroskop-2022-koli-u-viyni-rosiji-proti-ukrajini-nastane-perelomniy-moment-astrolog-ekspert-50257875.html
Title: «Нові випробування і для нас, і для ворога». Кінець липня стане доленосним для України

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/showbiz/den-angela-olgi-privitannya-z-imeninami-v-listivkah-yake-sogodni-svyato-24-lipnya-50172480.html
Title: День ангела. Привітання з іменинами Ольги в листівках

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium/seksualne-nasillya-yak-reaguvati-na-domagannya-u-transporti-ta-chi-mozhna-posaditi-krivdnika-u-tyurmu-50258123.html
Title: Домагання у транспорті. Чому не можна їх ігнорувати та як захистити себе від ґвалтівника

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink/linivi-vareniki-recept-varenikiv-vid-lizi-glinskoji-shcho-prigotuvati-na-snidanok-stravi-z-siru-50172244.html
Title: Сніданок за 15 хвилин. Рецепт лінивих вареників від Лізи Глинської

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/vlad-yama-narvavsya-na-kritiku-yama-vijihav-z-ukrajini-y-zaraz-meshkaye-z-sim-yeyu-v-ssha-50258384.html
Title: «Егоїзм у кожному слові». Влад Яма зізнався, як йому вдалося виїхати з України та нарвався на хейт

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/kurs-dolara-zletiv-na-25-shcho-zdorozhchaye-naypershim-eksperti-novini-ukrajini-50258039.html
Title: Сюжет Курс від НБУ 36,6 грн за долар / Через девальвацію все знов здорожчає — наскільки і як швидко? 22 липня, 08:52 Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics/rosiyskiy-restorator-oleksandr-orlov-biznes-v-ukrajini-novini-ukrajini-50257536.html
Title: Сюжет Frou Frou, Риба Пила та Queen Kyiv / Як заклади відомого російського ресторатора Олександра Орлова (не) працюють в Україні 21 липня, 09:30 Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/georgiy-skudar-pro-nacionalizaciyu-nkmz-ne-ydetsya-interv-yu-nv-novini-ukrajini-50257488.html
Title: Військове рішення для великого гравця / Що відбувається з Новокраматорським машинобудівним заводом — інтерв'ю з Георгієм Скударем 20 липня, 07:32 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations/yaderna-energiya-50258267.html
Title: Мирний атом? / Що відбувається з ядерною енергетикою і чи врятує вона планету від війни за ресурси 23 липня, 20:00 Інновації

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics/ukrajina-zmozhe-eksportuvati-3-mln-tonn-agroprodukciji-novini-ukrajini-50258349.html
Title: «Зернова» угода / Через розблоковані порти Україна зможе експортувати близько 3 млн тонн агропродукції щомісяця 23 липня, 07:11

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/olshansky.html
Title: Олександр Ольшанський Президент холдингу Internet Invest

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/yak-na-nas-usih-vpline-zmina-kursu-dolara-vid-nbu-olshanskiy-50258332.html
Title: Як підвищення курсу долара НБУ вплине на всіх українців Нацбанк підвищив курс долара на 25%, і це вже ні для кого не новина. Але багато хто ставить питання: добре це чи погано для нашої економіки і як вплине на айтішників і взагалі на нас усіх. 23 липня, 10:30 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/sergey-kovalenko.html
Title: Сергій Коваленко Генеральний директор YASNO

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/yak-ekonomiti-elektriku-ta-gaz-poradi-yak-pidgotuvatis-do-opalyuvalnogo-sezonu-50258224.html
Title: Як економити, коли енергоресурси на вагу золота Опалювальний сезон цього року для українців може бути одним із найскладніших. Варто замислитись, як споживати менше електроенергії та газу. 23 липня, 09:00 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/rosiyskiy-gaz-dlya-nimechchini-sholc-vpershe-nazvav-rf-nenadiynim-postachalnikom-ostanni-novini-50258323.html
Title: 150 днів знадобилося Шольцу / Німецький канцлер назвав РФ ненадійним постачальником газу 22 липня, 22:12 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/eksport-zerna-z-ukrajini-vidnovitsya-nayblizhchimi-dnyami-zayava-erdogana-ostanni-novini-50258302.html
Title: Експорт українського зерна / Рух суден відновиться найближчими днями — Ердоган 22 липня, 20:46 Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics/ministr-infrastrukturi-kubrakov-rozpoviv-detali-zernovoji-ugodi-v-stambuli-novini-ukrajini-50258283.html
Title: Діятиме 120 днів / Міністр Кубраков розповів деталі «зернової угоди» в Стамбулі 22 липня, 18:02 Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/nbu-do-kincya-roku-faktichno-nadrukuye-180-mlrd-grn-cherez-shemu-z-vikupom-ovdp-novini-ukrajini-50258261.html
Title: Працює друкарський верстат / Нацбанк буде викуповувати ОВДП на 30 млрд грн щомісяця — заступник голови НБУ 22 липня, 17:25 Фінанси

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs/vtoma-yak-ne-vigoriti-u-borotbi-za-peremogu-emociyne-vigorannya-50258282.html

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Всі техноблогери

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Всі експерти НВ Бізнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоди

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr
Title: НВ Подкасти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0'/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nv.ua/ HTTP 301
https://nv.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Request Chain 74

https://gaua.hit.gemius.pl/_1658628251665/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=40vVc5M4Zu.ia.JUR44jevV8UDGf2so1OeB9gYJh1K3.S7bKh7O0qP0.psE7YU94MS7ViIzApVsxvu3waGqcB3NKQiDa/hjLFeeuw1QtEC/&ltime=207&fpdata=NjEqbRtyybm77FaggQBQWEPyGOlfAF64dN.Ksd9dafX.Q7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1658628251665/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=40vVc5M4Zu.ia.JUR44jevV8UDGf2so1OeB9gYJh1K3.S7bKh7O0qP0.psE7YU94MS7ViIzApVsxvu3waGqcB3NKQiDa/hjLFeeuw1QtEC/&ltime=207&fpdata=NjEqbRtyybm77FaggQBQWEPyGOlfAF64dN.Ksd9dafX.Q7&fpcap=

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtyonNNMPUnSsuOsNpK3NgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENNAmP6FFWQNgZGsHgmxJvs&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyNDEwMDgzNjgxNTYzMDkzMw%3D%3D

Request Chain 108

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN09KrQECJfYbKL3owprMXY&google_cver=1&google_push=AehlK4AK86ZwqugyZuMx2uVeQldgplONWB1NCQjgHJYkN5t-k91H0KIMY2Xq7qFt8KZgQK71_2yBlaJXAlOo84i4IBU-N2yZ4SU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE5OTc2ODc4NDYyNzY2ODA3Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN09KrQECJfYbKL3owprMXY&google_cver=1

Request Chain 109

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvcWWPj-ZcEePIFjgbHx_s&google_cver=1&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOiCazMYtM HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIvcWWPj-ZcEePIFjgbHx_s&google_cver=1&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOiCazMYtM HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ea51439f-bc92-4093-bda6-fd85f2853fef&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOiCazMYtM&google_hm=7M96NsdhROCTCao8Ht-cxQ==

Request Chain 110

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPHeYvLwNfm2f9WkfFuyItw&google_cver=1&google_push=AehlK4A9o93MiD5WePRXuQjj0SY72_RB6enNel2d5OJ847FGPTZ89y6rO6_L7LIivdK6lA2BHg5CwCUe1DWTmkMwWGP-pXO6WYzM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A9o93MiD5WePRXuQjj0SY72_RB6enNel2d5OJ847FGPTZ89y6rO6_L7LIivdK6lA2BHg5CwCUe1DWTmkMwWGP-pXO6WYzM&google_hm=MzMxMzg1MTQwMDcwMTE1NjQ3OA%3D%3D

Request Chain 112

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_cver=1&google_push=AehlK4CRuaYarBaOIQRpj6EuzgxaaX9yPTiOwlfc_UI_e6q_hiEJOpXZpMbYrueg2eop1E8AwQp1ergbckN4BQLpKW3MIIagmQM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_push=AehlK4CRuaYarBaOIQRpj6EuzgxaaX9yPTiOwlfc_UI_e6q_hiEJOpXZpMbYrueg2eop1E8AwQp1ergbckN4BQLpKW3MIIagmQM&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_hm=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&google_nid=index&google_push=AehlK4CRuaYarBaOIQRpj6EuzgxaaX9yPTiOwlfc_UI_e6q_hiEJOpXZpMbYrueg2eop1E8AwQp1ergbckN4BQLpKW3MIIagmQM

Request Chain 113

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEBDZk9S7RGrsyz5dksacb8&google_cver=1&google_push=AehlK4DMmldyiLuDGSw-ujsdx2kqc3Xi18B462ECoxW-AzgvQZ39ebiG9edhnI-8A9Phfo-SsmGQrJgIg8SwudXI5CAK-Yl2X96F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DMmldyiLuDGSw-ujsdx2kqc3Xi18B462ECoxW-AzgvQZ39ebiG9edhnI-8A9Phfo-SsmGQrJgIg8SwudXI5CAK-Yl2X96F

Request Chain 121

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uuLvR3xpY0NBaURTTDI3WnVUblNwRDgrclFlbU83OFRoVi81ZWlxMXp6TTMrSnRzdWxoNDN1SlpXUEJaQWVGOVBoN09hRVFaL3NXTUVEcWpjbXo5RCtBY2twVncvU0hMQVdsTFZSaG12clVxM2xVeXBqUlFmdWRQQmZrOHdSTmxuMVQ2NXFwcTRCbW1DZUFOdEg2ZVpqTDNFd1Iya0ZQMExSNFFIT1pYMkR4cHVLQXg1UjdSeU81Y0ZyNXhWeFluSHUyZzl0MDlWdmZVSzdweWxvWGlzQTNGQy9YT1VNRFBDRkQ0OVdqL2J6Rk9nWDl3K1FHWExZZDZRTGV0VjZzSWZEbExrVHgvYURiSGcwUHNudmpqQW5wQ2N3Zz09fA&cppv=2

Request Chain 131

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&dcc=t

Request Chain 139

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 141

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjYyMjYwYWZlYWMzYWEyMWU5ZjhiOTk4OTkxMjM4Nzc3OGI2OGMxNQ

Request Chain 142

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YOFPPG-28-EZTL&sigv=1&esig=2~6ec4d94fde921406966a3b41dfe288c314dffd88

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMqKBd4GcMqsYOLy4d3hKNs&google_cver=1

Request Chain 144

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=P3DWXTddTniMGYH73HjLqw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P3DWXTddTniMGYH73HjLqw

Request Chain 145

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZT0ZQUEctMjgtRVpUTA==

Request Chain 146

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YOFPPG-28-EZTL

150 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nv.ua/
Redirect Chain

http://nv.ua/
https://nv.ua/

240 KB
49 KB

275ms
179ms

Document
text/html

2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a32d22b85504e0aabeac525bd0c1af98f5dfd9dece5886a79e0eb208e54c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 72f915683a8201fc-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 02:04:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nv-cache: 180s
server: cloudflare
x-cacheable: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 72f91567388d0215-ZRH
Connection: keep-alive
Content-Type: text/html
Date: Sun, 24 Jul 2022 02:04:10 GMT
Location: https://nv.ua/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
81 KB 141ms
51ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36460d16fcfe2ab3dc8494390dcfa60544646fa2b287e167c4043fb4286d8fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82530
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 02:04:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 138ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6460ba7bf14531c886dc40ebecfc9dd5b0372d6fdcf1e02ca1baddf374dce198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28362
x-xss-protection: 0
server: sffe
etag: "1282 / 584 of 1000 / last-modified: 1658527563"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Jul 2022 02:04:11 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 3 KB
2 KB 121ms
34ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS-879 /
Resource Hash: 941e238e3dac6fa6aebe8e7525df9c361f18b85a13dec289aab2b78daa572c83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
cdn-edgestorageid: 879
cdn-fileserver: 300
cdn-storageserver: DE-198
cdn-cachedat: 07/20/2022 08:08:08
cdn-pullzone: 139012
server: BunnyCDN-AMS-879
last-modified: Wed, 20 Jul 2022 08:07:13 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62d7b7b1-bba"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 1bb3d16b0e54642bf8249ee4b5622758
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tablet-fixes-768.css
nv.ua/css/ 2 KB
707 B 55ms
54ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-768.css?4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 743352
etag: W/"618b9271-67d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 16 Jul 2023 11:34:59 GMT
cache-control: max-age=31557600
cf-polished: origSize=1661
cf-ray: 72f915698b2f01fc-ZRH
cf-bgj: minify

GET
H2 200 tablet-fixes-1024.css
nv.ua/css/ 2 KB
751 B 54ms
53ms Stylesheet
text/css 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/css/tablet-fixes-1024.css?4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 743352
etag: W/"618b9271-700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 16 Jul 2023 11:34:59 GMT
cache-control: max-age=31557600
cf-ray: 72f915698b3001fc-ZRH
cf-bgj: minify

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 60ms
60ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12145830
etag: "60e41fd8-944c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 72f915698b3101fc-ZRH
content-length: 37964
expires: Mon, 06 Mar 2023 12:13:41 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
38 KB 56ms
56ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12145831
etag: "60e41fd8-9578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 72f915699b3601fc-ZRH
content-length: 38264
expires: Mon, 06 Mar 2023 12:13:40 GMT

GET
H2 200 label_nv_75.png
static.nv.ua/images/main/ 4 KB
4 KB 98ms
89ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/label_nv_75.png?q=85&f=webp&stamp=4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b59b79a3de628e26f58953655d176928d1bc8a634c5f3ce5617a83bf81a7ea3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=6799
content-disposition: inline; filename="label_nv_75.webp"
content-length: 3708
pragma: public
last-modified: Mon, 15 Nov 2021 09:22:42 GMT
server: cloudflare
etag: "619226e2-1a8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72f91569ab4201fc-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
420 B 88ms
88ms Image
image/svg+xml 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 12146294
etag: W/"5e6ff361-1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 72f91569ab4101fc-ZRH
expires: Mon, 06 Mar 2023 12:05:57 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 88ms
87ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12145830
etag: "60e41fd8-d430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 72f91569ab4301fc-ZRH
content-length: 54320
expires: Mon, 06 Mar 2023 12:13:41 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 88ms
88ms Font
font/woff2 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 12145830
etag: "60e41fd8-e8b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 72f91569ab4401fc-ZRH
content-length: 59576
expires: Mon, 06 Mar 2023 12:13:41 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 88ms
87ms Font
application/octet-stream 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 12145593
etag: "616eaf71-3914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 72f91569ab4501fc-ZRH
content-length: 14612
expires: Mon, 06 Mar 2023 12:17:38 GMT

GET
H2 200 0758e52518583f6b694acc9f3cf9924c.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/608/original/ 8 KB
8 KB 60ms
58ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/608/original/0758e52518583f6b694acc9f3cf9924c.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f26b78193eeca84b8ac91fce77a598931a6112413e6d12c55505c08e10ef5363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
age: 57758
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Sat, 23 Jul 2022 04:23:09 GMT
server: cloudflare
etag: "a787272160337b0cd5e73ca4471820c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 10:01:33 GMT
cache-control: public, max-age=31536000
cf-ray: 72f91569db5901fc-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 35571ad741f55b001dcbfe306a8f0b99.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/760/original/ 11 KB
11 KB 61ms
60ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/760/original/35571ad741f55b001dcbfe306a8f0b99.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2484418c2bbd9b9348feafc8a259db43a97538225b93d247acfa6406957eec15

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
age: 809087
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Thu, 14 Jul 2022 17:14:26 GMT
server: cloudflare
etag: "adbee42427afbd3809139d97f125e43a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sat, 13 Aug 2022 17:19:24 GMT
cache-control: public, max-age=31536000
cf-ray: 72f91569db5a01fc-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 26816c264f2ba3ffa28cda5a4f8988f1.png
static.nv.ua/shared/system/opinion_authors/avatars/000/010/090/original/ 7 KB
7 KB 59ms
58ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/010/090/original/26816c264f2ba3ffa28cda5a4f8988f1.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84e41bed03a822d353f8edcdfeb4a786cc58a321a24c52587c8d62cbaabeec9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
age: 816473
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Thu, 14 Jul 2022 13:21:21 GMT
server: cloudflare
etag: "b442b4471f8a8371fd827f7993f3a11f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sat, 13 Aug 2022 15:16:18 GMT
cache-control: public, max-age=31536000
cf-ray: 72f91569db5b01fc-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 8ee79694845d904328b77a7856f4669c.png
static.nv.ua/shared/system/opinion_authors/avatars/000/010/912/original/ 6 KB
6 KB 101ms
99ms Image
image/png 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/010/912/original/8ee79694845d904328b77a7856f4669c.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025e749a31505f9f048a486381fe0961e28fe7b91136cf526e48c189f4168bd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
age: 110951
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Fri, 22 Jul 2022 04:26:56 GMT
server: cloudflare
etag: "859fa8e9f55b18b12a07e5c61d037dd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Sun, 21 Aug 2022 19:15:00 GMT
cache-control: public, max-age=31536000
cf-ray: 72f91569db5c01fc-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 /
images.weserv.nl/ 4 KB
5 KB 210ms
67ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/074/original/d32ab3efb96f6a15a3aa899ae2217cfa.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b4d3761b0f1fdcdd4a4df505e36c7bd3372f444554c907de272cf5410187fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 24 Jul 2022 02:04:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138151
x-cache-status: HIT
x-upstream-response-length: 5425
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4561
timing-allow-origin: *
last-modified: Fri, 22 Jul 2022 11:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1Ji6lbRETVU02FOiTmfUxdDhii4dnGM1Hi2l3VoG8R1%2BXW37Lw7o9da9XgiTrZcdqp4%2BFc5aG9xDpNZN%2Bi3IIGqh7wmEZCgyuUSegGQ6oGwpu14TuCbsPUzegCnMdS%2F5cvNrw3VGrrugSQ8SBkP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72f9156acb140e12-MXP
link: <https://static.nv.ua/shared/system/top_images/images/000/000/074/original/d32ab3efb96f6a15a3aa899ae2217cfa.png>; rel="canonical"
expires: Sat, 22 Jul 2023 11:31:47 GMT

GET
H2 200 /
images.weserv.nl/ 5 KB
6 KB 209ms
66ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/076/original/b8834cc7f4275662462b61899a119cf5.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6bf044b110356ff7b82174924c3466394ff6356dec8f00e419fc2a9edb72c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 24 Jul 2022 02:04:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2641920
x-cache-status: MISS
x-upstream-response-length: 10713
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5082
timing-allow-origin: *
last-modified: Thu, 23 Jun 2022 11:31:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oY43%2BzTGfotKOIGakEXp3aAR1NqVfDf%2Fag1XAz4sgGqoBN2uEe5YnQxyobrjL5e%2FOTkHQguOwy3u4SpL9c4bZMa7yogxuU%2BC5y78hdjkr9harBx0KQ%2FiqE4%2FO2baMjsijU4Ol8%2Fb4Zze4OjJYcrI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72f9156acb150e12-MXP
link: <https://static.nv.ua/shared/system/top_images/images/000/000/076/original/b8834cc7f4275662462b61899a119cf5.png>; rel="canonical"
expires: Fri, 23 Jun 2023 11:31:26 GMT

GET
H2 200 /
images.weserv.nl/ 5 KB
5 KB 211ms
68ms Image
image/png 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://static.nv.ua/shared/system/top_images/images/000/000/078/original/cdc2e9bb209a300b1dacf69b7af6ea3e.png&q=75

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373d619c9e3ce26b4a2e43872fa34ec942cacbd261270577121d046cdc7303fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 24 Jul 2022 02:04:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 141035
x-cache-status: MISS
x-upstream-response-length: 5816
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4925
timing-allow-origin: *
last-modified: Fri, 22 Jul 2022 10:21:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EM9wcRpfpfmtm2lBmBYz5G1OB39M6KULiVcqi42iJ9OK7XsH9gJEPRpJ1coSp5aieIKnXp7F9mZLlp67sXYBihLfzndwKsxe98cYf5zcBzw6VnnensqN8iQQeiN1Fqp2w4viiRhpvnGWUSknQ7Nl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72f9156acb160e12-MXP
link: <https://static.nv.ua/shared/system/top_images/images/000/000/078/original/cdc2e9bb209a300b1dacf69b7af6ea3e.png>; rel="canonical"
expires: Sat, 22 Jul 2023 10:21:41 GMT

GET
H2 200 /
images.weserv.nl/ 47 KB
47 KB 162ms
69ms Image
image/jpeg 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?q=85&url=https://static.nv.ua/shared/system/banners/image_desktops/000/000/184/original/11_ukr.jpg?stamp=1

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1182ecca65d662d4d1fc51e35d6812385b7060b96e9a1c5ef898bcf775e27f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Sun, 24 Jul 2022 02:04:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122969
x-cache-status: MISS
x-upstream-response-length: 46314
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48046
timing-allow-origin: *
last-modified: Fri, 22 Jul 2022 15:06:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BBo7udp8SvnacV%2Fwc5sE%2FKn5UH6wRThmoSJd5E16Ven5wptTeGoP10HReGKHb0ZP7gQ%2B9JLosfQrKX4oaKQJoRi%2BZl%2BLLLr95f8KEGCecHa2tS6Ry7gA7cNl2DRngPPKqsuAZMkuahFJMs9RGWJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 72f9156acb130e12-MXP
link: <https://static.nv.ua/shared/system/banners/image_desktops/000/000/184/original/11_ukr.jpg?stamp=1>; rel="canonical"
expires: Sat, 22 Jul 2023 15:06:16 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 57 KB
15 KB 191ms
61ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 09:53:10 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15187
expires: Sun, 24 Jul 2022 14:04:11 GMT

GET
H2 200 9f50bb3792f5ae000db36bcd027d58a9.jpg
static.nv.ua/shared/system/Article/posters/002/541/953/600x300/ 47 KB
47 KB 85ms
78ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/953/600x300/9f50bb3792f5ae000db36bcd027d58a9.jpg?q=85&stamp=20220724044800&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eafa99e8ba1360680af8ede86794f0a29b116bbfdf74539d085d46d153fefe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Jul 2022 02:00:31 GMT
server: cloudflare
etag: "ccdc3171012ba5d309baec362d839559"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a3b8b01fc-ZRH
expires: Tue, 23 Aug 2022 02:04:11 GMT

GET
H2 200 447f9c42a90c9f787e72c8aefa6777f5.jpg
static.nv.ua/shared/system/Article/posters/002/541/951/300x150/ 9 KB
9 KB 76ms
76ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/951/300x150/447f9c42a90c9f787e72c8aefa6777f5.jpg?q=85&stamp=20220724042324&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb334d661d0cca9fcfc99a0c5cea440227c6a9096ce46aecb5d5fa160cf80dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Jul 2022 01:36:01 GMT
server: cloudflare
etag: "705635ccbe3daa4700391e931b60ab26"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a6baa01fc-ZRH
expires: Tue, 23 Aug 2022 02:04:11 GMT

GET
H2 200 72160e23958e07bbb6dad41b013189d7.jpg
static.nv.ua/shared/system/Article/posters/002/541/945/300x150/ 6 KB
6 KB 77ms
76ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/945/300x150/72160e23958e07bbb6dad41b013189d7.jpg?q=85&stamp=20220724020826&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb85eea421989d31745c40da598f3f747155b711b7f3d730022f1867d0cc21d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Jul 2022 02:00:36 GMT
server: cloudflare
etag: "476f7a4022d721801d115782190337be"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a7bb401fc-ZRH
expires: Tue, 23 Aug 2022 02:04:11 GMT

GET
H2 200 c34695762637dd0d9b089bfd443f5ab9.jpg
static.nv.ua/shared/system/Article/posters/002/541/941/300x150/ 11 KB
11 KB 54ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/941/300x150/c34695762637dd0d9b089bfd443f5ab9.jpg?q=85&stamp=20220724012344&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0706e25361895c3f763e98f7c528766197ffb2c506da2b3e3c07bb6239303531

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 22:50:30 GMT
server: cloudflare
age: 9681
etag: "18d3dbf5b39f3840c6e22bdebf071eea"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a7bb001fc-ZRH
expires: Mon, 22 Aug 2022 23:22:50 GMT

GET
H2 200 8be8fe54c0c16c01b7a91b1b0849e8de.jpg
static.nv.ua/shared/system/Article/posters/002/541/937/300x150/ 10 KB
10 KB 67ms
66ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/937/300x150/8be8fe54c0c16c01b7a91b1b0849e8de.jpg?q=85&stamp=20220724004653&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9300e1adc9350d06b39a0432aace48c5c2ff06489bd33f27ddf1f68feeda5c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 22:00:26 GMT
server: cloudflare
age: 14110
etag: "15f59beb318a250f8f6e469cfb768540"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a7bb501fc-ZRH
expires: Mon, 22 Aug 2022 22:09:01 GMT

GET
H2 200 d6545ff752a39d05af54e5cad1ba169f.jpg
static.nv.ua/shared/system/Article/posters/002/541/933/300x150/ 5 KB
6 KB 66ms
65ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/933/300x150/d6545ff752a39d05af54e5cad1ba169f.jpg?q=85&stamp=20220723235504&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53797c64b70e84e03d6b0ddae2ee6a02800762f335e5a23cdafeee579ad357b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 21:10:15 GMT
server: cloudflare
age: 17535
etag: "f0f18143020ec1a1f800b2c9ff11dc2a"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a7bb601fc-ZRH
expires: Mon, 22 Aug 2022 21:11:56 GMT

GET
H2 200 b7fc044fd43bb06b6717e27685261f45.jpg
static.nv.ua/shared/system/Article/posters/002/541/925/300x150/ 21 KB
21 KB 55ms
54ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/925/300x150/b7fc044fd43bb06b6717e27685261f45.jpg?q=85&stamp=20220723230941&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f537bf85decb94c0282f91b06dd0579c73ff738b37ee4de50a4d6de0003d2f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 20:30:16 GMT
server: cloudflare
age: 19715
etag: "4073aa5c147c1e107b38d7662e04d1ff"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a7bb201fc-ZRH
expires: Mon, 22 Aug 2022 20:35:36 GMT

GET
H2 200 d87ff0c141c96b9fae78945b4730f376.jpg
static.nv.ua/shared/system/Article/posters/002/541/921/300x150/ 12 KB
13 KB 57ms
56ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/921/300x150/d87ff0c141c96b9fae78945b4730f376.jpg?q=85&stamp=20220723230817&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42bda377ed6c7398c40ed2134d33f215891803d9cd1e78f904050bd7f699b648

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 20:20:22 GMT
server: cloudflare
age: 20356
etag: "40dd71b24b6e9c7aac674c5b535cf7c1"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156a7bb101fc-ZRH
expires: Mon, 22 Aug 2022 20:24:55 GMT

GET
H2 200 b66d36cd90ca14b0d835d759781826d6.jpg
static.nv.ua/shared/system/Article/posters/002/541/425/300x150/ 11 KB
11 KB 53ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/425/300x150/b66d36cd90ca14b0d835d759781826d6.jpg?q=85&stamp=20220722150032&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eddbad3251a0d25f509935efde2fd9ceba5ebdf662a8c90c50e536c7369eed6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 04:35:19 GMT
server: cloudflare
age: 72873
etag: "dff86c4383423d695b5227fe4d2b8036"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156acbd501fc-ZRH
expires: Mon, 22 Aug 2022 05:49:38 GMT

GET
H2 200 5c674218f591b39a3167c0c6cec7a6b6.jpg
static.nv.ua/shared/system/Article/posters/002/541/911/300x150/ 7 KB
7 KB 53ms
52ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/911/300x150/5c674218f591b39a3167c0c6cec7a6b6.jpg?q=85&stamp=20220723220825&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7edb4000e43b140eb139047113ec9830563ba33ac2e8d60bddd0df28ac225c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 19:25:17 GMT
server: cloudflare
age: 23898
etag: "54e235c272740c7b2bede163121bdb05"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156acbd801fc-ZRH
expires: Mon, 22 Aug 2022 19:25:53 GMT

GET
H2 200 0ee496fe721d3e4e37530bd2a5858f99.jpg
static.nv.ua/shared/system/Article/posters/002/541/899/300x150/ 3 KB
3 KB 64ms
61ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/899/300x150/0ee496fe721d3e4e37530bd2a5858f99.jpg?q=85&stamp=20220723213436&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f3afabe3ef4d1550e3b6cff8365ae1ba25a3df239d941e56be0d8063efbe6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 19:05:26 GMT
server: cloudflare
age: 25035
etag: "12c60a3a39b8029214250f165f0cf0f7"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156aebe801fc-ZRH
expires: Mon, 22 Aug 2022 19:06:56 GMT

GET
H2 200 5022655b8bc05a5120f8752fb0487a24.jpg
static.nv.ua/shared/system/Article/posters/002/541/546/original/ 204 KB
205 KB 55ms
53ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/546/original/5022655b8bc05a5120f8752fb0487a24.jpg?q=85&stamp=20220722172647&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5747c2056a39bdbf5eb0986be7d7b58b5bc114770df55e272e356e9b8db8c247

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Jul 2022 15:48:48 GMT
server: cloudflare
age: 122408
etag: "b47c11dd9b60409c7ea1dbf1e650cac4"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156aebe901fc-ZRH
expires: Sun, 21 Aug 2022 16:04:03 GMT

GET
H2 200 72b5a70e8731964a8b7d7b73922dbbf1.jpg
static.nv.ua/shared/system/Article/posters/002/540/499/600x300/ 37 KB
37 KB 56ms
55ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/540/499/600x300/72b5a70e8731964a8b7d7b73922dbbf1.jpg?q=85&stamp=20220721165849&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bc26fb2376a88da27205fb40ad256ab9ad31af92e49aeb410cab61a0192b672

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 15:20:22 GMT
server: cloudflare
age: 209945
etag: "85d86056d72ad9e384eaf6f27b07adc3"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156aebef01fc-ZRH
expires: Sat, 20 Aug 2022 15:45:06 GMT

GET
H2 200 2fff9f02f5af53413048b99af0dd1263.jpg
static.nv.ua/shared/system/Article/posters/002/541/784/600x300/ 9 KB
9 KB 57ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/784/600x300/2fff9f02f5af53413048b99af0dd1263.jpg?q=85&stamp=20220723133438&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b040761950c737038e0eb861a8ccd621fbf4810e015eacb33d171819865d1564

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 11:21:18 GMT
server: cloudflare
age: 48776
etag: "1e4179f6de3a13f09f3c84eb04da06c8"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156aebf101fc-ZRH
expires: Mon, 22 Aug 2022 12:31:15 GMT

GET
H2 200 175a7005093cdaf4501a5425bdd96ab2.jpg
static.nv.ua/shared/system/Article/posters/002/541/460/600x300/ 43 KB
43 KB 55ms
54ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/460/600x300/175a7005093cdaf4501a5425bdd96ab2.jpg?q=85&stamp=20220722160851&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4585955be7670ece0d0c906a3f7cd6c98c228e0c8ab40cdc6ccd505010c814b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Jul 2022 13:32:28 GMT
server: cloudflare
age: 130964
etag: "df7e8e72afb43d8afd620d9c977383dc"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b2bff01fc-ZRH
expires: Sun, 21 Aug 2022 13:41:27 GMT

GET
H2 200 ccb50e70f3993fcdac83161c8fa71c8b.jpg
static.nv.ua/shared/system/Article/posters/002/541/059/original/ 132 KB
133 KB 58ms
57ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/059/original/ccb50e70f3993fcdac83161c8fa71c8b.jpg?q=85&stamp=20220722125641&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626b759fb11da8b0cc805835ca8b18c59f57576b6489b5baeed2b0c177b7b29a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Jul 2022 10:05:32 GMT
server: cloudflare
age: 142401
etag: "c8692239ce4ac7d0f9074f2d7ad18dec"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b2c0001fc-ZRH
expires: Sun, 21 Aug 2022 10:30:50 GMT

GET
H2 200 247c872c454b2a06e4694efda994323c.jpg
static.nv.ua/shared/system/Article/posters/002/541/053/600x300/ 37 KB
37 KB 55ms
54ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/053/600x300/247c872c454b2a06e4694efda994323c.jpg?q=85&stamp=20220721192005&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a391f53027d6ec2117ae0c3e949c5e30162ed165c7c9791b6cb48a05039752db

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Jul 2022 03:57:47 GMT
server: cloudflare
age: 158598
etag: "7dac8258b6853544601f00d72abb5f6c"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b4c1d01fc-ZRH
expires: Sun, 21 Aug 2022 06:00:53 GMT

GET
H2 200 3e6293d670cc588f4261bd5bd9ce3314.jpg
static.nv.ua/shared/system/Article/posters/002/539/999/600x300/ 21 KB
21 KB 60ms
60ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/539/999/600x300/3e6293d670cc588f4261bd5bd9ce3314.jpg?q=85&stamp=20220719215156&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee9ee7e94b2c8272f124cb8b989ef48a77b7ca1111f140d580a616fea582883

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Wed, 20 Jul 2022 09:46:32 GMT
server: cloudflare
age: 317342
etag: "140933be348f2473980da8abe481cc31"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b4c1e01fc-ZRH
expires: Fri, 19 Aug 2022 09:55:09 GMT

GET
H2 200 85a30b0a8fbadeec78bae4f5ffaa2ed4.jpg
static.nv.ua/shared/system/Article/posters/002/539/896/600x300/ 16 KB
16 KB 56ms
55ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/539/896/600x300/85a30b0a8fbadeec78bae4f5ffaa2ed4.jpg?q=85&stamp=20220719184330&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce896b0ba240d4055748bd70250d564f99ca916fc17c7bc956ea3f557ce5d59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 16:48:04 GMT
server: cloudflare
age: 376741
etag: "8905dea6c1033d77b94e00b573be14d9"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b4c2101fc-ZRH
expires: Thu, 18 Aug 2022 17:25:10 GMT

GET
H2 200 666b2a6ae9fca65ab7621febe1e0bd6e.jpg
static.nv.ua/shared/system/Article/posters/002/539/823/600x300/ 14 KB
14 KB 54ms
54ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/539/823/600x300/666b2a6ae9fca65ab7621febe1e0bd6e.jpg?q=85&stamp=20220719165108&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6967c24ed1e167108951df5441f6ba2afededfe453b3fb63bf80ac40625400f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 15:50:27 GMT
server: cloudflare
age: 381674
etag: "a84f07572791950a2266a97da8720771"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b4c2401fc-ZRH
expires: Thu, 18 Aug 2022 16:02:57 GMT

GET
H2 200 4875b52566b35a72d4c24876b489647c.jpg
static.nv.ua/shared/system/Article/posters/002/541/891/300x150/ 9 KB
9 KB 55ms
55ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/541/891/300x150/4875b52566b35a72d4c24876b489647c.jpg?q=85&stamp=20220723194847&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0b818376f80661b44fabd987b3cf5ba717a9e7a2ed33ce523b67ac41f1d4fa8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 17:15:34 GMT
server: cloudflare
age: 31309
etag: "0e37fa794fe4b33873fde7f34760f713"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b7c3101fc-ZRH
expires: Mon, 22 Aug 2022 17:22:22 GMT

GET
H2 200 7be5541c126e019e9f580e6591f56d56.jpg
static.nv.ua/shared/system/Article/posters/002/540/941/300x150/ 5 KB
5 KB 62ms
62ms Image
image/webp 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/540/941/300x150/7be5541c126e019e9f580e6591f56d56.jpg?q=85&stamp=20220721171201&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf7321aee61aca123770b14cd75805d036d359d26989fa70d61ddcadc3cf606

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Jul 2022 08:29:51 GMT
server: cloudflare
age: 60024
etag: "f50f78ea86f16493105afaa63ed31f44"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156b8c4601fc-ZRH
expires: Mon, 22 Aug 2022 09:23:47 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
310 B 325ms
73ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.10250231730831905&r=&u=https%3A//nv.ua/
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
p3p: policyref="/w3c/p3p.xml", CP="UNI"
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 127 KB
43 KB 53ms
53ms Script
application/javascript 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.63
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c09f5e323e5a4b213105be896d6da202129c4a88c39133c9411021519ae2635

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 14:17:12 GMT
server: cloudflare
age: 743351
etag: W/"62bdb068-1fc33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 72f9156a5b9601fc-ZRH
expires: Sun, 16 Jul 2023 11:35:00 GMT

GET
H2 200 1.html Show response
nv.ua/ukr/get_additional_blocks/ 43 KB
9 KB 67ms
67ms XHR
text/html 2606:4700:10::ac43:175a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/ukr/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae3bda58e4a84b02fac5d6db55f7b3f86de5078824cee7f62369be2ba41ddd8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/ukr/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: cloudflare
age: 404
varnish-ttl: 900.000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
nv-cache: 900s
cf-ray: 72f9156a5b9801fc-ZRH

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/a/ 376 KB
111 KB 42ms
42ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/a/ym.js?2
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS-879 /
Resource Hash: ca69cc671e77c7acb5dbe23a5bbf61f8cdec6cd9e35528849e9ea7a5914b3723

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 296
cdn-storageserver: DE-169
cdn-cachedat: 07/21/2022 21:52:03
cdn-pullzone: 139012
server: BunnyCDN-AMS-879
last-modified: Thu, 21 Jul 2022 21:51:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62d9ca7c-5e1a2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 2fbc9b24b148625e3b06d049b573c84a
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl_2022072001.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 148ms
41ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

812bf583b69091bd013eb8d5c24835a187c6e14d722ccc8afdf85d1b2c450cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 23:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131699
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Jul 2023 23:30:08 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 238 B
764 B 155ms
49ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

430f42caf926bbdc806adc0f6e635f3201bbb295134743ae13e2bd6d6883866f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
expires: Sun, 24 Jul 2022 02:04:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d92435ef4bc965f8b09a0c83f514078fa6384e8e7bb58e7e5b282fa301f16a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69843
x-xss-protection: 0
expires: Sun, 24 Jul 2022 02:04:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 97ms
30ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3936
date: Sun, 24 Jul 2022 00:58:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Jul 2022 02:58:35 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

4 KB
2 KB

54ms
53ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15896678
fly-request-id: 01FSX6X3Y7Z6VSJYZCBQE609ZV
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 72f9156c6d11cc4a-ZRH

Redirect headers

date: Sun, 24 Jul 2022 02:04:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G8PYYPF5XFYP7K39DWV3VQXK-fra
server: cloudflare
age: 214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 72f9156bfcdecc4a-ZRH
access-control-allow-origin: *

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 470ms
47ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 24 Jul 2022 02:00:34 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront), 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:40 GMT
server: AmazonS3
age: 218
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: g4Xmxg2TR5eBs4PfmfjUx6xIcvwNZfNEs5QiHneE6JcCZ764Zl7QPQ==

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 206 KB
67 KB 45ms
44ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS-879 /
Resource Hash: 4fb131c323dedec316e7389799897b88c14abc1f8b062532fce3efd4fe5ae775

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 224
cdn-storageserver: DE-199
cdn-cachedat: 07/23/2022 14:30:23
cdn-pullzone: 139012
server: BunnyCDN-AMS-879
last-modified: Sat, 23 Jul 2022 14:29:58 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62dc05e6-3375d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 20229bd3586735190577c9811e07b15d
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 183 B
874 B 106ms
34ms XHR
text/plain 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS-879 /
Resource Hash: 26bb1e8a9eaaa4095a778d0929d7659dfe3227eb9c0edce3bd33d1a357b04340

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
cdn-edgestorageid: 883
cdn-fileserver: 324
cdn-storageserver: DE-164
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/23/2022 08:30:47
cdn-pullzone: 139012
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
server: BunnyCDN-AMS-879
access-control-allow-origin: *
last-modified: Sat, 23 Jul 2022 08:30:21 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"62dbb19d-b7"
vary: Accept-Encoding
content-type: text/plain
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 2da588639463c10ba8779600ede66e2c
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
478 B 578ms
98ms XHR
application/json 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc3MDMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD03NGFkMDk3NS1mMTAwLTQwY2UtYmI0My1kZThkYmMzZDVkZjM%3D&pt=gross&stid=28e938bf-72fc-479e-9c44-0922265df853&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://nv.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
12 KB 204ms
125ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

df299f3a8829a6ced50706454798748ce70d234654de3b631dcd3048b93db44d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Jul 2022 02:04:11 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3922bff9-69c9-47c2-b179-82dbd12a3a14
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 251ms
102ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fnv.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=74ad0975-f100-40ce-bb43-de8dbc3d5df3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5371144442476015
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f344be489f89f6d1a0874af64fb20350df2ccbbfe65a0c074107140ae1661667

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:11 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
402 B 296ms
159ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fnv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 14ea65c3033fb6c02ce5cda1133582195a305558ed5eabf31d4e3c2c14d5cbfb

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nv.ua
date: Sun, 24 Jul 2022 02:04:11 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-encoding: br
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 50 B
325 B 423ms
102ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 677756699333dc1bb948b697968527d3941d98326f38e6ebe62153991cb2f211

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Jul 2022 02:04:11 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 50

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 137ms
39ms XHR
application/json 3.64.76.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fnv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.76.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-76-190.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
accept-ch: sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
303 B 341ms
64ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=30951236950

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
634 B 200ms
96ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22153940c496963f5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnv.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221636e0c10894805%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%221636e0c10894805%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8bf0b90763daff68fda5a66648f0fbf0899314a7ced92794282af6c43d528f

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8W4HmoPrZE0VardJu53UXcL40i6ZhHT6ffUGFK9w513u%2BXbOHiO7F8Wd46UEhEtR7fNhQWCDcBEeiTBrqDdYD9shCSDLfUrMkY5fISX7U%2Bw8J3wBEH%2FutSrPcFhLdk0%2BV%2Fp2nlg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 72f9156c5a6bf3eb-LHR
expires: 0

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
388 B 58ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 2af02bceebe300a4154b98422c7bb13af475529f5f7ceadaa110808fe1414893

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 274
expires: Tue, 23 Aug 2022 02:04:11 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 6D0F 5 KB
3 KB 174ms
55ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: d31100d37ebdad883ad8fb28cfd71deddf6bc12726a726ea861a5cc306208eeb

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2724
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:04:11 GMT
etag: PRIVATE7520710249
expires: Tue, 23 Aug 2022 02:04:11 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 108ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oe7k0&_p=1631690796&_z=ccd.v9B&cid=1740064411.1658628252&ul=en-us&sr=1600x1200&_s=1&sid=1658628251&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&en=page_view&_fv=1&_nsi=1&_ss=1&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
438 B 108ms
36ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51943557-1&cid=1740064411.1658628252&jid=2132915439&uid=0&gjid=583190647&_gid=1745100044.1658628252&_u=YCDAgEABAAAAAE~&z=279966618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Jul 2022 02:04:11 GMT
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 88ms
28ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1631690796&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92%20(%D0%9D%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEAB~&jid=2132915439&gjid=583190647&cid=1740064411.1658628252&uid=0&tid=UA-51943557-1&_gid=1745100044.1658628252&gtm=2wg7k0WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&z=678862677

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jul 2022 20:41:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19346
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 150ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 553 B
325 B 161ms
77ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3918662373447054&correlator=134295518169279&eid=31068457%2C31068586%2C31068591&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fif&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=854448343&sfv=1-0-38&fsbs=1&ecs=20220724&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DA%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1658628251609&lmt=1658628251&dlt=1658628251076&idt=493&adxs=-160&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=1600x0&msz=1920x-1&fws=512&ohw=0&ga_vid=1740064411.1658628252&ga_sid=1658628252&ga_hid=1631690796&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a956ff515cd1a6f9e575363daceecc33c079fd13c4b1082f8b09c0828fb6678f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B476 6 KB
4 KB 151ms
48ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:04:11 GMT
expires: Mon, 24 Jul 2023 02:04:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 142ms
52ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=1740064411.1658628252&jid=2132915439&_u=YCDAgEABAAAAAE~&z=2005808779

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 143ms
53ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=1740064411.1658628252&jid=2132915439&_u=YCDAgEABAAAAAE~&z=2005808779

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1658628251665/
Redirect Chain

https://gaua.hit.gemius.pl/_1658628251665/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A...
https://gaua.hit.gemius.pl/__/_1658628251665/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https...

169 B
425 B

158ms
157ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1658628251665/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=40vVc5M4Zu.ia.JUR44jevV8UDGf2so1OeB9gYJh1K3.S7bKh7O0qP0.psE7YU94MS7ViIzApVsxvu3waGqcB3NKQiDa/hjLFeeuw1QtEC/&ltime=207&fpdata=NjEqbRtyybm77FaggQBQWEPyGOlfAF64dN.Ksd9dafX.Q7&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b63b82dd448e167c4f03c0e24f4d7e28a8d16314a783e89f3ba421e2e72b6969

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 23 Jul 2022 02:04:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:11 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1658628251665/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&inner=_ver%3D328&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=40vVc5M4Zu.ia.JUR44jevV8UDGf2so1OeB9gYJh1K3.S7bKh7O0qP0.psE7YU94MS7ViIzApVsxvu3waGqcB3NKQiDa/hjLFeeuw1QtEC/&ltime=207&fpdata=NjEqbRtyybm77FaggQBQWEPyGOlfAF64dN.Ksd9dafX.Q7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 23 Jul 2022 02:04:11 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 42ms
42ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 22:11:02 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
server: Server
age: 13989
x-cache: Hit from cloudfront
access-control-allow-origin: https://nv.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: aOL3P94FZaHJuTTF6ImeFHnZK9yepOJc_2sa6U5ttRVooME1cg7o0w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
485 B 75ms
74ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnv.ua%2F&pid=sy2fPd0Y8mW9E&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_745990641%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATFR_300%22%7D%2C%7B%22sd%22%3A%22notsy_container_918257192%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:11 GMT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: D89G9F4MJTN7HHW7NK3D
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: jEHgRlT0mWCyc4DiPmw2aKi48mWY5lboI1E3Locns8SIXxuZs9J9og==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 134ms
44ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 56912
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Sat, 23 Jul 2022 10:15:40 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: NG2ky-2hSrISVhoC39pHcZZ1MiFE7gLSQhj6Jyggv_V4MnRxt5as9A==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 152ms
56ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1143f5d9bc77ae37232746c89d57d5aefb25c2f19d1cf93325d1b8903a15e25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 139ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 141ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
34 KB 338ms
333ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3918662373447054&correlator=134295518169279&eid=31068457%2C31068586%2C31068591%2C44767022&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=1364157992&sfv=1-0-38&fsbs=1&ecs=20220724&fsapi=false&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D1.90%26hb_adid_appnexus%3D1789eea40ad4961%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D1.90%26hb_adid%3D1789eea40ad4961%26hb_bidder%3Dappnexus&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26variation%3DA%26traffic_source%3Ddirect&sc=1&cookie=ID%3D2568683628c7c778-221b16bdd8cd008f%3AT%3D1658628251%3AS%3DALNI_MYzZbgghYwqfrxKwfodz0MzHC9sGg&abxe=1&dt=1658628252074&lmt=1658628252&dlt=1658628251076&idt=493&adxs=1114&adys=447&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1740064411.1658628252&ga_sid=1658628252&ga_hid=1631690796&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

808792f03bd0969c1e4ed38199eab3a10e1237a9bb44dd7f45f1f82ac20f2e8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34538
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 02:04:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F5A 13 KB
5 KB 124ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 12576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 22:34:36 GMT
expires: Sun, 23 Jul 2023 22:34:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89BB 783 B
534 B 132ms
49ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c6ef5d49775fbc49ed6200eb21efbe10e0e7baf0c4c2194d20374f537d73a6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-akEGQ-xxVBTMyOr0uDeUSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-akEGQ-xxVBTMyOr0uDeUSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:04:12 GMT
expires: Sun, 24 Jul 2022 02:04:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F5A 36 KB
14 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 19:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 19:55:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 89BB 0
0 156ms
76ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072001&jk=3918662373447054&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 177ms
57ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Jul 2022 02:04:12 GMT

GET
H3 200 container.html Show response
94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F2F4 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:04:11 GMT
expires: Mon, 24 Jul 2023 02:04:11 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FAEB 624 B
733 B 143ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGJX7ssgBMAE&v=APEucNXKmiPtWyo4X-fIuxHi2vRQ8ua2T43yszQbCIc1QOdD0IooJUUMGfiAq0D1XdAtI0wOiohrFBJIAmJf5fdKq_nQ1QtU_erT7TjS4jFXUQg1dUmsvP4zTeBJsKgBY1xdT8EEKC39estfuPFwfoWRF8o2lezQa6qs_n9n1NDQ8jAyHDJihvY

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:04:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame F2F4 21 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 23:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 23:48:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame F2F4 6 KB
3 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 21:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2628
x-xss-protection: 0
server: cafe
etag: 1103433747108554897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Aug 2022 21:25:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2F4 0
622 B 208ms
90ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBSAlLCM6FtxTsp0YP-GMHVHfG0RrrwKCZES6YA7-jUnacq3hoVTQHI4udrtJIDDj19-pkHsIWgbQAbCQWLXJ5o0rpDI5simbG2ObRirnfoZ4WNo8n-HguFPfcp-jn6a0nQdpD05vcgiOExz2c1KvvqQmv9rFe9yU8AtFI7Q6RDI8asq_0BQZOjOsvE3VU7KOoNF8OeCkQmiAAEB8FVbF2cUrNPWcJVEctN15mvXNs1PUgSggYV7pgBjkWw7j31CyC9LqKtfxo4hkB6cM9twmUybD9p0gteQ_ZTY439U_5zh0anOWeC5A39B38v_jrV_cseu25w750tiqpIBgmQ6LaR-2QSqJ_UqZ3QLRr5UEfXDqLxQbji6AI6gkl_p3-eA8jCVhWy911FiEd2yeoFoKyQvuAumcq0YDk8BzLMoXKvJAwPLIuzP6v2pTx5HIMlW6YhtNIH50npxT2tBTI4r5VPnwKSVtY25y4utGA7dSebEZiNQPc0XAHM0qSPnCrwr-LYG5cljC3pjzv2s50zBsEeHqER16d674nZ9NlOjKV9Ng156am4kB-SoiaHv1Bvw8QRbpr5TI9HNVaM66oDhSsX4uQMDRv8dJ7X7kB-N_tSw0n9j0eq-HApoEW4EQPbJLRwmuEYwjO5YmQ9eVstBwVNh26KPbV_zwRP3597k-TBZVJsx8fliOpibMMS20V5vyPzmcM3uNffaBOz1TyvQoqSaorMnKuEe1BFi6YhGJoZ1hf5MY3euDyXp-ydggHfotG1VFoC2DMlQnGo3daDoqzmavRF9IKZwnA2Bbq9a9CyQ6C_VuX7LjsMagYQtx4afYibN_TzN5pCS2WNG5fCXapyx5mVxvM90F9oi3ouKtuVOfrB758K8h6wXy9-6uT_abtZGcFas8u82auJGEdpP8649XMxj8ZgtvCALi-B36GJtR_iXZtSwQgZtkSrqil0hzmttHcfI7YxhfpvEdnFodxJfFMyrOJlyhAK01Xe4ZUmBaBDPxCUNOYuchPIXMAWemkTU8B4EHdpxKtNc8aOkoH1vUaKvInMplJPcBj2bQq2d4gbDR-7KUHz8Mr0lFcWTN3LGPPcTygfWlbYZ12GitwpyavVi41mmOFbvJFfRfCx-L3kjZlC11P1cYfxcKBrYg6FNivEeH-ejRke6z8M1XZj6_sCI8Sc22OWLO5alaqVcH92Z258kR_TdnuGueL9mwao-L407qE0XfWFbTz633nIA&sai=AMfl-YTRudlI3fTlLzOvp77-_I6BFK4QahbR9FAfSPAwy_cciQ9-E1z6zDot4HS7jPdcbfZoPwtztQ3U8vaHhwUCl_MjoQ2MBTTkS93q34g2F8z3iBA318wSzYUP4IPam-xpsPwx6dH38_LfStwcDYQ_QxRBOKxrmcQx7efn4Ey3BuiByShwvWqXCGZHjX_64H6y14t99XMAg_nEr0zifgiS-3m_Lt1ycVRFYtWFlgSlriR8YFkxYAsiyo9AC9JA1k-NWuQ9AMf78N79iMAVZF_aU9EvGdr7Q5gx0eAJMEE&sig=Cg0ArKJSzPZKD0QQhzzYEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220721.59551&adurl=

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 24 Jul 2022 02:04:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F2F4 41 KB
15 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 16:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 16:10:17 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2F4 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWV-pOuSuuNeBmADIBZLq206b0BGoXBwHDKDkbLwmRYs4wbgOE7cSc5X9Onwd0gv_gBlKT1kVA24go_y65rjGHvwp8nnUDB9t_hhXSJXMVqBXLdaM

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame F2F4 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 01:50:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2F4 138 KB
42 KB 141ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 02:04:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame F2F4 17 KB
7 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 01:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 01:43:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F2F4 0
0 49ms
48ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuD5Yz9kcVzgQktMjjqme3o_uyA1fNMxwSqlHbHZJSp94HoYkz7qca_5Ri85RSr157_6mJeV9z4Dg52YD_qg6S1P8CtA
Requested by: Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 7465079984512251233
s0.2mdn.net/simgad/ Frame F2F4 243 KB
243 KB 185ms
41ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7465079984512251233

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69ddf66a15aed625b026bd7588f601eb27b8a586b4bf02aa4b3cb4798cd0feab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 21:13:45 GMT
x-content-type-options: nosniff
age: 17427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248404
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 11:07:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 21:13:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F5A 0
9 B 47ms
40ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n-K6sA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5091 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 44981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Sun, 24 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 468D 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 257165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FAEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1

43 B
942 B

78ms
61ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGJX7ssgBMAE&v=APEucNXKmiPtWyo4X-fIuxHi2vRQ8ua2T43yszQbCIc1QOdD0IooJUUMGfiAq0D1XdAtI0wOiohrFBJIAmJf5fdKq_nQ1QtU_erT7TjS4jFXUQg1dUmsvP4zTeBJsKgBY1xdT8EEKC39estfuPFwfoWRF8o2lezQa6qs_n9n1NDQ8jAyHDJihvY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f915749c587714-LHR
pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMdh7JOV2MNS4TjKUOeewRcD3Go8o%2FjcOYKuLgECnIs51PA285QVF57JGGwtp%2FGLLJOegzZJI0yzApR79WTUb5SsHmAnaUi2dqogAhko2vD55R%2BjuAZ0C2jARZseR7kLpavSkhYBcSihRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FAEB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtyonNNMPUnSsuOsNpK3NgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1

43 B
915 B

64ms
63ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGJX7ssgBMAE&v=APEucNXKmiPtWyo4X-fIuxHi2vRQ8ua2T43yszQbCIc1QOdD0IooJUUMGfiAq0D1XdAtI0wOiohrFBJIAmJf5fdKq_nQ1QtU_erT7TjS4jFXUQg1dUmsvP4zTeBJsKgBY1xdT8EEKC39estfuPFwfoWRF8o2lezQa6qs_n9n1NDQ8jAyHDJihvY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f91575de077714-LHR
pragma: no-cache
date: Sun, 24 Jul 2022 02:04:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BIIuPu%2FZcb8V6rvwpRqDFSEpxxabdjMpzYunbahhiM5xrQGiOvjK5pCRiPz3SQXooAEkgNWTFLJ%2FWFBJXAIjOnQRtZPOg%2FAvPgRbZTsGcIDqVKuDLRHMh6qlb6zr3FnGdPlXu%2BGV8Pedw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN68ZpqB08NvpDV4vdkxy90&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FAEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENNAmP6FFWQNgZGsHgmxJvs&google_cver=1

43 B
1020 B

35ms
35ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENNAmP6FFWQNgZGsHgmxJvs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEPGq8qgDGJX7ssgBMAE&v=APEucNXKmiPtWyo4X-fIuxHi2vRQ8ua2T43yszQbCIc1QOdD0IooJUUMGfiAq0D1XdAtI0wOiohrFBJIAmJf5fdKq_nQ1QtU_erT7TjS4jFXUQg1dUmsvP4zTeBJsKgBY1xdT8EEKC39estfuPFwfoWRF8o2lezQa6qs_n9n1NDQ8jAyHDJihvY

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:12 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cb13d7e3-aebd-473f-b676-396051e22519
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENNAmP6FFWQNgZGsHgmxJvs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FAEB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyNDEwMDgzNjgxNTYzMDkzMw%3D%3D

170 B
243 B

96ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyNDEwMDgzNjgxNTYzMDkzMw%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:12 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f4ea9020-e0a7-45e4-98c3-7efbf10b0bc3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyNDEwMDgzNjgxNTYzMDkzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET /
google2waycm.netmng.com/cm/ Frame 5091 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5091
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN09KrQECJfYbKL3owprMXY&google_cver=1&google_push=AehlK4AK86ZwqugyZuMx2uVeQldgplONWB1NCQjgHJYkN5t-k91H0KIMY2Xq7qFt8KZgQK71_2yBlaJXAlOo84i4IBU-N2yZ4SU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzE5OTc2ODc4NDYyNzY2ODA3Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN09KrQECJfYbKL3owprMXY&google_cver=1

43 B
398 B

64ms
40ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN09KrQECJfYbKL3owprMXY&google_cver=1
Requested by: Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN09KrQECJfYbKL3owprMXY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5091
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIvcWWPj-ZcEePIFjgbHx_s&google_cver=1&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOi...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIvcWWPj-ZcEePIFjgbHx_s&google_cver=1&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ea51439f-bc92-4093-bda6-fd85f2853fef&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOiCazMYtM&google_hm=7M96NsdhROCTCao8Ht-cxQ==

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOiCazMYtM&google_hm=7M96NsdhROCTCao8Ht-cxQ==

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4A4mWkTCNq2NddlrOzVMNSlLGiAxvBQxfbroX9tEoJDhAmVyOJNBz0pKxSu9hySywGifaw3PSwexyPJ33JkVYOiCazMYtM&google_hm=7M96NsdhROCTCao8Ht-cxQ==
Date: Sun, 24 Jul 2022 02:04:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5091
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPHeYvLwNfm2f9WkfFuyItw&google_cver=1&google_push=AehlK4A9o93MiD5WePRXuQjj0SY72_RB6enNel2d5OJ847FGPTZ89y6rO6_L7LIivdK6lA2BHg5CwCUe1DWTmkMwWGP-pXO...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A9o93MiD5WePRXuQjj0SY72_RB6enNel2d5OJ847FGPTZ89y6rO6_L7LIivdK6lA2BHg5CwCUe1DWTmkMwWGP-pXO6WYzM&google_hm=MzMxMzg1MTQwMDcwMTE1Nj...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A9o93MiD5WePRXuQjj0SY72_RB6enNel2d5OJ847FGPTZ89y6rO6_L7LIivdK6lA2BHg5CwCUe1DWTmkMwWGP-pXO6WYzM&google_hm=MzMxMzg1MTQwMDcwMTE1NjQ3OA%3D%3D

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 24 Jul 2022 02:04:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4A9o93MiD5WePRXuQjj0SY72_RB6enNel2d5OJ847FGPTZ89y6rO6_L7LIivdK6lA2BHg5CwCUe1DWTmkMwWGP-pXO6WYzM&google_hm=MzMxMzg1MTQwMDcwMTE1NjQ3OA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 5091 43 B
175 B 173ms
171ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESENClXBku2FJijNLbFS92eUk&google_cver=1&google_push=AehlK4C2MGSGzJrln4LrhpKYckz0uvPPD19c2ygRPsxxAtnF6jor8r6xnGjWCLTblvxXagq2qbzxXaHloGdEiah3RqcxGXxLOz_G

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Jul 2022 02:04:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5091
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_hm=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&google_nid=index&google_push=AehlK4CRuaYarBaOIQRpj6EuzgxaaX9yPTiOw...

170 B
188 B

125ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_hm=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&google_nid=index&google_push=AehlK4CRuaYarBaOIQRpj6EuzgxaaX9yPTiOwlfc_UI_e6q_hiEJOpXZpMbYrueg2eop1E8AwQp1ergbckN4BQLpKW3MIIagmQM

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGRxZ5uVB7VWw0bVeSJ5F3l%2Bqy7JOi82u%2FLCoR5wLFSAJRaEgxiPpjjvqcbw%2FknM8yoYs3Na2fu3ZLtm8ImjG25YFDLhFSlsa8ePa0fa3%2BRauusDFI8a1uXPk1sDg6IzouabQoG3Iu0AJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEX4UQc5PYpf0rlKpnPMyOo&google_hm=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&google_nid=index&google_push=AehlK4CRuaYarBaOIQRpj6EuzgxaaX9yPTiOwlfc_UI_e6q_hiEJOpXZpMbYrueg2eop1E8AwQp1ergbckN4BQLpKW3MIIagmQM
cache-control: no-cache
cf-ray: 72f91574acc2731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5091
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEBDZk9S7RGrsyz5dksacb8&google_cver=1&google_push=AehlK4DMmldyiLuDGSw-ujsdx2kqc3Xi18B462ECoxW-AzgvQZ39ebiG9edhnI-8A9Phfo-SsmGQrJgIg8Sw...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DMmldyiLuDGSw-ujsdx2kqc3Xi18B462ECoxW-AzgvQZ39ebiG9edhnI-8A9Phfo-SsmGQrJgIg8SwudXI5CAK-Yl2X96F

170 B
232 B

51ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DMmldyiLuDGSw-ujsdx2kqc3Xi18B462ECoxW-AzgvQZ39ebiG9edhnI-8A9Phfo-SsmGQrJgIg8SwudXI5CAK-Yl2X96F

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DMmldyiLuDGSw-ujsdx2kqc3Xi18B462ECoxW-AzgvQZ39ebiG9edhnI-8A9Phfo-SsmGQrJgIg8SwudXI5CAK-Yl2X96F
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5091 0
232 B 158ms
48ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRnyPPrMxmhhLZRO2xB8EVQ6z5729kShe53iA2HAum-x9NZ2niLARgcDCe3bkE2ounxJBH

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4D23 15 KB
6 KB 195ms
61ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 02:04:12 GMT
server-processing-duration-in-ticks: 2424
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 177ms
59ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Jul 2022 02:04:12 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 468D 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:55:05 GMT

GET
DATA 200
OK truncated
/ Frame F2F4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 830ad60db50228b545decd9f2c4636f90b1b9a37c2033bdc19b9ece3a0f14292

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 468D 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz_jbnKjcYs2XCYrr3gOs7qPwDAAAAAA4AeAEAg&bg=!o6CloOTNAAacadVKvGk7ACkAdvg8Whbk545p_6cSEMSu23dsNHYXfny8gZ-nRIG4BrNJBurl45NPIAIAAABPUgAAAAJoAQeZAuNegbUzzhz4wFV-uYooaUUjJScCvbGE1ac72LWPm6ULIoHOGsWCw3-9iVAbE_Wt2Jy1iDyIoSBzqALX9_AZ5SoUvsSUl1qDv18FPffvcGaUhwruqyYpC3UwGavJmn_yAOPmaeAC9FuRHkkr8kHlzeqmAysH86lM7uAnQLRJGN5oVOlPl6FeYoodhgdF4r5jCQ6reas2aB0M54PiDR8E6JPfC9R3K6XNzqZrnhRJYgOpnx8uRYNKRv9nn2mylNlH5CGuZTVsf80OhKkhyjztEff1JZ9CZu3mOVHSPm2H1GGXYV_mfGrp0TzFNM_qyUIBUJ8NbjIdXvbG06yMhQf4Ko_5rXnO5f8Hp3f2SQVwHMeuktu3nSvsdxdocbAPNX8CciG0E3LJJ_JLVbD48fEpuM6fv3AfprJAumKa8KFRtARe2Snu8jP9v_dfMVP1BdypU2VZodBpU2KcOglRl3IVv_sIQsfxbyInFGpII0Y0k5ufI5SwQKjbwWp9zqaB_8x463Eyrrtsh_2Twn6_CPQ7cnA4Do_uwzaA8q-89g3cdcQz_pu5H4JRpniXUxcLLf0JQRUXNsbL_Wm0wYXPyBEPvl2CFO5S7KsjSpKxgk7B-GzGJzU7W4O-eMmS20FnJ8bH7_cJNFeXoupbI68faEnDnkZt1pT3IQX_3JGcftO_zVafE3U0FayblNkU70owhN3jXfMWCqFoKx56yzbSMzvsQIckTLzDfi7oaj_e_lemIzg5d7csgbzT9wty94lLmxYdeNjMF3N4Pa1eDM7TKtqUNW1gFRlEbleFDXjMVacjbD74vCEnUs3xydRFSvnGi3Z67fKzLnYgJgUnl7dkBYansjPIfStG6zQYom28kPFcTo_Cb5cz-c_Og1WpbZA_-n__rGeIN04A6W7kk8pIWOnsiVsgyMOJTYcD4_fCqH-T0jhoNyZyt_XoJ_yBWypqtLTRFugXKRgNGATsi21FWHyf7uqQJd8T

Requested by

Host: 94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
URL: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F2F4 0
26 B 161ms
79ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 02:04:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4D23
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uuLvR3xpY0NBaURTTDI3WnVUblNwRDgrclFlbU83OFRoVi81ZWlxMXp6TTMrSnRzdWxoNDN1SlpXUEJaQWVGOVBoN09hRVFaL3NXTUVEcWpjbXo5RCtBY2twVncvU0hMQVdsTFZSaG12clVxM2xVeXBqUlFmdWRQQmZrOH...

417 B
630 B

250ms
38ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uuLvR3xpY0NBaURTTDI3WnVUblNwRDgrclFlbU83OFRoVi81ZWlxMXp6TTMrSnRzdWxoNDN1SlpXUEJaQWVGOVBoN09hRVFaL3NXTUVEcWpjbXo5RCtBY2twVncvU0hMQVdsTFZSaG12clVxM2xVeXBqUlFmdWRQQmZrOHdSTmxuMVQ2NXFwcTRCbW1DZUFOdEg2ZVpqTDNFd1Iya0ZQMExSNFFIT1pYMkR4cHVLQXg1UjdSeU81Y0ZyNXhWeFluSHUyZzl0MDlWdmZVSzdweWxvWGlzQTNGQy9YT1VNRFBDRkQ0OVdqL2J6Rk9nWDl3K1FHWExZZDZRTGV0VjZzSWZEbExrVHgvYURiSGcwUHNudmpqQW5wQ2N3Zz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cb9dc0251164dc70d166970041f8342065c4f0c6a1e0ec3698e4230f93e200c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:13 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 6692
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:12 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=uuLvR3xpY0NBaURTTDI3WnVUblNwRDgrclFlbU83OFRoVi81ZWlxMXp6TTMrSnRzdWxoNDN1SlpXUEJaQWVGOVBoN09hRVFaL3NXTUVEcWpjbXo5RCtBY2twVncvU0hMQVdsTFZSaG12clVxM2xVeXBqUlFmdWRQQmZrOHdSTmxuMVQ2NXFwcTRCbW1DZUFOdEg2ZVpqTDNFd1Iya0ZQMExSNFFIT1pYMkR4cHVLQXg1UjdSeU81Y0ZyNXhWeFluSHUyZzl0MDlWdmZVSzdweWxvWGlzQTNGQy9YT1VNRFBDRkQ0OVdqL2J6Rk9nWDl3K1FHWExZZDZRTGV0VjZzSWZEbExrVHgvYURiSGcwUHNudmpqQW5wQ2N3Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1479
content-length: 541
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
80ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072001&jk=3918662373447054&bg=!yMuly4_NAAacadVKvGk7ACkAdvg8WuiKrG6xOQy9oZWb4w7LI_vIiS5eZwjwt7nX2wxKFlqr2AFZ0AIAAACLUgAAAAJoAQcKAAqgeS_y11mVoxdKmQKSsyCITfIgqoIPL0uONxM87gn2TkRd4u26vJfYIF_Q9PV-tJx6lF6T2y_lRBT0psLtQ_uVBoSuBKJCE-HMFAcyaIqupZXHSeDaTfw7Uidk7NHj7ulH5jTSjisL-dGzvInUyJRB6xB9M3sVz6pFfcb7BjDY8z3zmYdF5tOu1zvWiGhlKXZ2eiIhoEvSdYopP8ycwhqTRzfvzC7GC7SLEKRrTMUvNm7GplNUDNx617sTgtsTrsOIJs2SV70TyADI4BcZBVb65muVakEiiUez0mYXgn06rWkJm1Vhxj0O1lur6tjESWWas7k0GLhifV1W5EpSkxCArlJhcsRU4m4Ym4a57XQ_-prZJSngoJZ7gdWGaMGHNxee-Nc8Gto13-pn46F1Yz7ioMDWF3csPftwZFcfm-V2DRjyipG9Ir5G8jyglsHdCJiE5H6XQ9rMmvcbx5Wi_ZCl5VY2Q0PjdfEXQAbFEzU9eR9uS2Lvsx6JiqNp4zXN4X63Yh9FBQthzIYJHtyWhXjgfIA0j0cEqRRJjrS9s9J3MRkNgHDFD6l1Dt4IThdkP5R6b6pFrges95cCRkj0T2OAiYAFnlUw84sLL4hqLNA-MzgMZSvZD41eyXgk3bnfemCrqeCUgDSzcUD4pQ9I6RPaOxR9U5AKNcyLHqnWzNCkUjJ4xEBvwYTbHZWvZI658sQaIqvb9mHhDclxBYx0eboUxLp6zqhzYqompD3McRiJKq6J_b5x0CgQe6lQdRzgz9waFfmsF4ha7HoLBWVVviT8qeXdgW9XtUCkjOc8HTbtaw2EqhlrUTdevlKS0aQyXlKFWhkolO-WM1MyBapcj5TDsWUnQOoRQjlfgYc64FOOHG8DoPlMWwiszjF4sIJfUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2F4 42 B
64 B 164ms
82ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv77Zx7n0Jb2z--a5xrGuZ6yt9FJpYoMPfkTI_9xX4KeDYJXp3xjjtoTRMg8nYw30lghzyDxOeU71dZgnpPpYT8qqNT1Dxf0tDzEqpFA2nnU7U1cXbf9Qq46KehDDqSCqjW44O22k5FSjVt&sai=AMfl-YTl-Vu27UPjWaq_uT3q57KCn3Xz00YMsMjRFVTsVSrEF5CJ8ckxO0vrGjSXRVkixKssOCLQkq4N6rJyby869ekiOdtCsTzp-fF-Yh-5S7S14XRiC8oXSJXBo_Y&sig=Cg0ArKJSzOE9k_ZXi0PIEAE&cid=CAASJORojYrt_eno_LsCVes3q9TPdoOdL-qq3FU1L0gs0veIymTQNA&id=lidar2&mcvt=1000&p=452,1114,1052,1414&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1364157992&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658628252465&rpt=407&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AFE7 52 KB
17 KB 202ms
44ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 24 Jul 2022 02:04:15 GMT
ETag: "623de86a-cf34"
Expires: Mon, 25 Jul 2022 02:04:17 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 04E9 3 KB
2 KB 201ms
44ms Document
text/html 88.221.168.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Jul 2022 02:04:15 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CA03 281 B
554 B 157ms
41ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Jul 2022 02:04:15 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 51A2 37 B
140 B 142ms
46ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/a/ym.js?2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 24 Jul 2022 02:04:15 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CA03 31 KB
10 KB 42ms
41ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 02:04:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=18250
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Sun, 24 Jul 2022 07:08:25 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AFE7 0
747 B 35ms
35ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:15 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53de5d44-98b2-4308-bf09-a710b9ae797b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 17BE 2 KB
2 KB 83ms
82ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea195d4eb08da93eeb5ac388c6e2ff010e628779fba0e2223e4c5a8b50df132

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72f915839d0d731b-LHR
content-encoding: br
content-type: text/html
date: Sun, 24 Jul 2022 02:04:15 GMT
dropped-udsids: 241|230|39|73|26|218|40|5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBA43PquE0za0cHgNC13jLATcjfbDVJaATkfQbRhCTY6tZ4weMaQGXOOi3scL%2BZ%2FjS174AQZ6wpCiwSmiF2G5O5lLGV3RyWgPbXCDVBPRGQgsj0FPPLN0XzAxwW3lmQOgCis%2BCNxyQo4VA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 17BE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&dcc=t

43 B
645 B

117ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: F9F77PDGT9KSGAD0736K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3MKKTT4CMD1C936VG6WH
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 17BE 170 B
188 B 50ms
50ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 17BE 70 B
265 B 139ms
40ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 17BE 43 B
988 B 50ms
49ms Image
image/gif 2a05:d018:d29:3605:9ba9:76c9:a8da:3df
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YtyonNNMPUnSsuOsNpK3NgAAESIAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:9ba9:76c9:a8da:3df Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 17BE 0
99 B 128ms
34ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YtyonNNMPUnSsuOsNpK3NgAA%264386
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:15 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33342

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YtyonNNMPUnSsuOsNpK3NgAA%264386
dpm.demdex.net/ Frame 17BE 0
0 216ms
48ms Image
application/json 52.16.111.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YtyonNNMPUnSsuOsNpK3NgAA%264386?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.111.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-111-17.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 17BE 0
0 204ms
69ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 17BE 43 B
425 B 44ms
43ms Image
image/gif 88.221.168.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YtyonNNMPUnSsuOsNpK3NgAA%264386
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-248.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 02:04:15 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2711
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 24 Jul 2022 02:49:26 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 0CAD
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

113ms
112ms

Document
text/html

52.203.133.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.133.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-133-218.compute-1.amazonaws.com
Software: /
Resource Hash: 97552e079545fe21ef3624e5969ed81d43c92de5bd5d7a2ce05e86d1d8d97955

Request headers

Referer: https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Sun, 24 Jul 2022 02:04:15 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Sun, 24 Jul 2022 02:04:15 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Sun, 24 Jul 2022 02:04:15 GMT
location: /um/cs&eq_cc=1

GET
H2 451 709414.gif
id.rlcdn.com/ Frame CA03 0
0 113ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA03
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjYyMjYwYWZlYWMzYWEyMWU5ZjhiOTk4OTkxMjM4Nzc3OGI2OGMxNQ

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjYyMjYwYWZlYWMzYWEyMWU5ZjhiOTk4OTkxMjM4Nzc3OGI2OGMxNQ

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjYyMjYwYWZlYWMzYWEyMWU5ZjhiOTk4OTkxMjM4Nzc3OGI2OGMxNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame CA03
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YOFPPG-28-EZTL&sigv=1&esig=2~6ec4d94fde921406966a3b41dfe288c314dffd88

0
194 B

173ms
46ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YOFPPG-28-EZTL&sigv=1&esig=2~6ec4d94fde921406966a3b41dfe288c314dffd88

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5YOFPPG-28-EZTL&sigv=1&esig=2~6ec4d94fde921406966a3b41dfe288c314dffd88
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CA03
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMqKBd4GcMqsYOLy4d3hKNs&google_cver=1

0
239 B

183ms
42ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMqKBd4GcMqsYOLy4d3hKNs&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMqKBd4GcMqsYOLy4d3hKNs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CA03
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=P3DWXTddTniMGYH73HjLqw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P3DWXTddTniMGYH73HjLqw

43 B
556 B

50ms
49ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P3DWXTddTniMGYH73HjLqw

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:15 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y80H1VQXJDPCM83MBQ5H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P3DWXTddTniMGYH73HjLqw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA03
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZT0ZQUEctMjgtRVpUTA==

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZT0ZQUEctMjgtRVpUTA==

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZT0ZQUEctMjgtRVpUTA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame CA03
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YOFPPG-28-EZTL

0
710 B

258ms
168ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YOFPPG-28-EZTL
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 02:04:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: AA04C20C5A7F4B2B9DFA5E24C64379E5 Ref B: LON21EDGE1110 Ref C: 2022-07-24T02:04:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkg3v/8X2BDdk4Oj3DCQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5YOFPPG-28-EZTL
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame CA03 70 B
264 B 126ms
40ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame 0CAD 43 B
908 B 68ms
67ms Image
image/gif 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=24f87cde-f2ee-4425-ae47-dde7a0886328&expiration=1666577055
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72f915875aa97714-LHR
pragma: no-cache
date: Sun, 24 Jul 2022 02:04:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1socifKvpBKCR3fptzktwKMLyf77BAy5%2FlExsBlNuI1BDKwg7xFGsTo0Jr5ZVQFBD3utgLB%2FV%2F4sgOEgY2XGYT5Gf83ittQGG4476saY2Kk8Dz4uiYWJCVX%2FHJTMInZN75two3N1Cyh9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AFE7 0
747 B 35ms
35ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 02:04:16 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 62d4dcbc-bc2d-4a30-b42f-c8e9be07aee0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESENU5yIF5fC7xVnQSzUXC5Ew&google_cver=1&google_push=AehlK4Bb3Esy8-M5qaLK_wZFAWkeLQ567mTUZr6PtDDe7kok4XnJcerTiXc8WQqTlUR0cvsjGGzbglCFNLn14wmvwgyywnF4kn_O

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1970-01-20 04:43:48	Name: XSRF-TOKEN Value: eyJpdiI6IjlwM3VsMkE0WFBqMHhBWnJrVTF0MVE9PSIsInZhbHVlIjoiRUFERTdQanp0Lzlra0xFeG1LOFVncU4xRkNaWmxKZmQrV1FxdzY1emU1TVN2cjIraUJoTnU0NkV6bFdLTVRRa0xYMEJnZlVDcUNYVm5sUG9YZlN6R2U4TlZxZU5ncEs2RDFYa0VNTzN3UjJmcFQzMWRhMGpmK2JROWRrK1owbm0iLCJtYWMiOiIwOTU1ODM1MzA4MjQwZWYwZWNlZGEwZmYzZjI5YzhjYWM4OTA5ODYxMDMzOTdjZmJhYzQ5MDk2ZTdiNWM3NDBlIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 04:43:48	Name: nvnew_session Value: eyJpdiI6IlBBU3JONDZ5ZS90YUs5ZXBxZzhDZ3c9PSIsInZhbHVlIjoiTzY2NkhwWm5LVnpOOUxkVXRiVUpYa3Y3dE4xL0tqbDY3VFhMREd0ZTFtWktCMzBqS21mai9wTFIzdU9Ud1B6djNHdzNHcFFtRWN1ZURscFd4V0ZYVXRqWlMvaCtJblRpdDZMOUdFOVRJNG9pMHdtVXFQRXY0cndJenhCdDVPNVoiLCJtYWMiOiJlYWMzYzlhNTU0ZmVlNzlhYTQ1NWFhNjMwZGZiN2M0MDhiYjljYmFjNzk3ZDVjOGYzNGNiM2FhZjA4ZDQ2YmNmIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 04:43:48	Name: device_type Value: desktop
nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.nv.ua/	1970-01-20 05:27:00	Name: yield_master_ab_interstitall Value: A
.nv.ua/	1970-01-20 06:53:24	Name: _gcl_au Value: 1.1.1667586162.1658628251
.nv.ua/	1970-01-20 22:15:00	Name: _ga_52RSPD3WMK Value: GS1.1.1658628251.1.0.1658628251.0
.nv.ua/	1970-01-20 22:15:00	Name: _ga Value: GA1.2.1740064411.1658628252
.nv.ua/	1970-01-20 04:45:14	Name: _gid Value: GA1.2.1745100044.1658628252
.nv.ua/	1970-01-20 04:43:48	Name: _dc_gtm_UA-51943557-1 Value: 1
.hit.ua/	1970-01-21 07:00:36	Name: uid Value: 1392898236.1658628251.1080682668
.nv.ua/	1970-01-20 14:12:36	Name: __gfp_64b Value: NjEqbRtyybm77FaggQBQWEPyGOlfAF64dN.Ksd9dafX.Q7\|1658628251
.adnxs.com/	1970-01-20 06:53:24	Name: icu Value: ChkIra6AARAKGAEgASgBMJvR8pYGOAFAAUgBEJvR8pYGGAA.
.adnxs.com/	1970-01-20 06:53:24	Name: uuid2 Value: 8524100836815630933
.rubiconproject.com/	1970-01-20 13:29:24	Name: khaos Value: L5YOFPPG-28-EZTL
.rubiconproject.com/	1970-01-20 13:29:24	Name: audit Value: 1\|hLZGFuTafB3polwuES/U81qbBgMWySGKoH1GQZR6kujhvg77JRs8Au45tF9XKoFfqzSne0l760vHH+5S0WTXOH7y6MIaC84S
.hit.gemius.pl/	1970-01-20 04:53:53	Name: Gtest Value: KlGN8RaGQMGGk3gQSK6Mmg9issGMXP8c25nSGFmot1KRXBG.
a4p.adpartner.pro/	1970-01-20 06:10:12	Name: apuid Value: 9e95ffe4-a3f2-407a-8573-3ab0a803ce11
.hit.gemius.pl/	1970-01-20 14:12:36	Name: Gdyn Value: KlQhfRXGQMGGk3gQSK6Mmg9issGMXP8c25nSGFmot1KRFRxSG7RrGS6Gug2BFlM2xgGPo1RGF8CBI8l8MG..
.doubleclick.net/	1970-01-20 14:05:24	Name: IDE Value: AHWqTUleuLqUUuoD0SPXU_-H7xD6Qoyr0FCiEdw4sFcMm3ZntGOcV7poViUyyfNnBC4
.nv.ua/	1970-01-20 14:05:24	Name: __gads Value: ID=2568683628c7c778:T=1658628251:S=ALNI_MbH8e_1ijxjRulVfUZRhxuaHBm14w
.casalemedia.com/	1970-01-20 13:29:24	Name: CMID Value: YtyonNNMPUnSsuOsNpK3NgAA
.casalemedia.com/	1970-01-20 06:53:24	Name: CMPS Value: 4386
.casalemedia.com/	1970-01-20 06:53:24	Name: CMPRO Value: 4386
.turn.com/	1970-01-20 09:03:00	Name: uid Value: 3199768784627668073
.bidswitch.net/	1970-01-20 13:29:24	Name: tuuid Value: eccf7a36-c761-44e0-9309-aa3c1edf9cc5
.bidswitch.net/	1970-01-20 13:29:24	Name: c Value: 1658628252
.bidswitch.net/	1970-01-20 13:29:24	Name: tuuid_lu Value: 1658628252
.adnxs.com/	1970-01-20 06:53:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTuiJ8Oh!]tbPl1M>e)ZlrFUfJ+tGXxp6X7?gmVDDI-XS6$3Lf0*jHQ?1u_.zqkX?Npg3If)y3KL9D3I?+=daVd'
.criteo.com/	1970-01-20 14:05:24	Name: uid Value: 56847b75-14b7-49c7-b086-23c8a93a7158
.yahoo.com/	1970-01-20 13:29:45	Name: A3 Value: d=AQABBJ2o3GICEIeQVNa8BDUJRQiIMxci3W0FEgEBAQH63WLmYgAAAAAA_eMAAA&S=AQAAAghONO7lmWuaswfGZv6tWFE
.scoota.co/	1970-01-20 22:15:00	Name: tuuid Value: ea51439f-bc92-4093-bda6-fd85f2853fef
.scoota.co/	1970-01-20 22:15:00	Name: c Value: 1658628253
.scoota.co/	1970-01-20 22:15:00	Name: tuuid_lu Value: 1658628253
.nv.ua/	1970-01-20 14:05:24	Name: cto_bundle Value: WtwFWV9ucUdpQUgzMTNmSHE0TXNiaElWdnIxR3F2V3ozZnFyYnEyTURaa29zMXF5ZGdMeGg0MFBJa1c0d21MdGNyTEw3QkhyTTQ3aHZkd3hIZExpVHF1dGJRRk9EUXQ5aElmQUNCcVhyMDQlMkZ3V1ZvU1JibTFFVE9sQkRtSG8xY0szQVg1a1Z1RmE3T1AlMkI1QmNIdVhlQXpNODVBJTNEJTNE
.casalemedia.com/	1970-01-20 04:45:14	Name: CMST Value: Ytyon2LcqJ8A
.casalemedia.com/	1970-01-20 13:29:24	Name: CMRUM3 Value: da62dca89f2760&1a62dca89f05a0&2d62dca89d05a0CAESEN68ZpqB08NvpDV4vdkxy90&4962dca89f05a0&f162dca89f05a0&2862dca89f05a00&2762dca89f0b40&0562dca89f05a0&e662dca89f2760
.eqads.com/	1970-01-20 06:56:17	Name: EQUser Value: UID=24f87cde-f2ee-4425-ae47-dde7a0886328
.amazon-adsystem.com/	1970-01-20 10:45:14	Name: ad-id Value: AyBL_B7o7krpljx2yMIu5as
.amazon-adsystem.com/	1970-01-22 02:12:36	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:15:42	Name: bcookie Value: "v=2&a8031fba-b1f5-42e7-8933-cbe0b1c769de"
.linkedin.com/	1970-01-20 22:03:35	Name: li_gc Value: MTswOzE2NTg2MjgyNTU7MjswMjHzkYZxy8QwSurLMFiSnYEGMze9dYK/g9wwCPDUwrBwiA==
.linkedin.com/	1970-01-20 04:45:14	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=2936:u=1:x=1:i=1658628255:t=1658714655:v=2:sig=AQEDkz4w61QH9iO4ZyVZ7YoJlw8wiogw"
.casalemedia.com/	1970-01-20 06:53:24	Name: CMTS Value: 4409

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94701d1552b4221783f0d17b02122290.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
c.hit.ua
cdn.membrana.media
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
images.weserv.nl
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
mug.criteo.com
nv.ua
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.scoota.co
r.turn.com
region1.google-analytics.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync.taboola.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um2.eqads.com
unpkg.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
google2waycm.netmng.com
104.18.18.126
104.18.19.126
108.138.4.10
13.248.245.213
141.226.228.48
142.250.185.66
142.250.186.66
142.250.74.194
146.59.30.104
178.250.0.165
178.250.2.146
185.89.210.212
2001:4860:4802:34::178
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.205.235.133
23.35.236.188
2602:803:c004:200::140
2606:4700:10::ac43:175a
2606:4700:20::681a:bd1
2606:4700:3030::ac43:8f51
2606:4700::6810:7daf
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638::3
2a05:d018:d29:3605:9ba9:76c9:a8da:3df
2a06:8640:454::2
3.33.220.150
3.64.76.190
35.157.246.2
35.244.174.68
37.157.4.25
51.83.220.94
51.89.9.251
52.16.111.17
52.203.133.218
52.46.155.104
52.95.126.160
54.229.14.124
54.37.238.28
69.173.144.139
69.173.144.165
84.17.46.53
88.221.168.248
89.184.81.35
025e749a31505f9f048a486381fe0961e28fe7b91136cf526e48c189f4168bd4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0706e25361895c3f763e98f7c528766197ffb2c506da2b3e3c07bb6239303531
0b59b79a3de628e26f58953655d176928d1bc8a634c5f3ce5617a83bf81a7ea3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0c6ef5d49775fbc49ed6200eb21efbe10e0e7baf0c4c2194d20374f537d73a6b
0f7edb4000e43b140eb139047113ec9830563ba33ac2e8d60bddd0df28ac225c
1143f5d9bc77ae37232746c89d57d5aefb25c2f19d1cf93325d1b8903a15e25f
1182ecca65d662d4d1fc51e35d6812385b7060b96e9a1c5ef898bcf775e27f2d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ea65c3033fb6c02ce5cda1133582195a305558ed5eabf31d4e3c2c14d5cbfb
1f537bf85decb94c0282f91b06dd0579c73ff738b37ee4de50a4d6de0003d2f8
2484418c2bbd9b9348feafc8a259db43a97538225b93d247acfa6406957eec15
26bb1e8a9eaaa4095a778d0929d7659dfe3227eb9c0edce3bd33d1a357b04340
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2af02bceebe300a4154b98422c7bb13af475529f5f7ceadaa110808fe1414893
2fb334d661d0cca9fcfc99a0c5cea440227c6a9096ce46aecb5d5fa160cf80dd
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
36460d16fcfe2ab3dc8494390dcfa60544646fa2b287e167c4043fb4286d8fbb
373d619c9e3ce26b4a2e43872fa34ec942cacbd261270577121d046cdc7303fb
37f3afabe3ef4d1550e3b6cff8365ae1ba25a3df239d941e56be0d8063efbe6d
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d92435ef4bc965f8b09a0c83f514078fa6384e8e7bb58e7e5b282fa301f16a7
3eafa99e8ba1360680af8ede86794f0a29b116bbfdf74539d085d46d153fefe0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42bda377ed6c7398c40ed2134d33f215891803d9cd1e78f904050bd7f699b648
430f42caf926bbdc806adc0f6e635f3201bbb295134743ae13e2bd6d6883866f
4585955be7670ece0d0c906a3f7cd6c98c228e0c8ab40cdc6ccd505010c814b1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b4d3761b0f1fdcdd4a4df505e36c7bd3372f444554c907de272cf5410187fb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ea195d4eb08da93eeb5ac388c6e2ff010e628779fba0e2223e4c5a8b50df132
4fb131c323dedec316e7389799897b88c14abc1f8b062532fce3efd4fe5ae775
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53797c64b70e84e03d6b0ddae2ee6a02800762f335e5a23cdafeee579ad357b0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
5747c2056a39bdbf5eb0986be7d7b58b5bc114770df55e272e356e9b8db8c247
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626b759fb11da8b0cc805835ca8b18c59f57576b6489b5baeed2b0c177b7b29a
6460ba7bf14531c886dc40ebecfc9dd5b0372d6fdcf1e02ca1baddf374dce198
64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8
677756699333dc1bb948b697968527d3941d98326f38e6ebe62153991cb2f211
69ddf66a15aed625b026bd7588f601eb27b8a586b4bf02aa4b3cb4798cd0feab
6bc26fb2376a88da27205fb40ad256ab9ad31af92e49aeb410cab61a0192b672
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6e9300e1adc9350d06b39a0432aace48c5c2ff06489bd33f27ddf1f68feeda5c
6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7c09f5e323e5a4b213105be896d6da202129c4a88c39133c9411021519ae2635
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7ee9ee7e94b2c8272f124cb8b989ef48a77b7ca1111f140d580a616fea582883
808792f03bd0969c1e4ed38199eab3a10e1237a9bb44dd7f45f1f82ac20f2e8b
812bf583b69091bd013eb8d5c24835a187c6e14d722ccc8afdf85d1b2c450cc0
830ad60db50228b545decd9f2c4636f90b1b9a37c2033bdc19b9ece3a0f14292
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
941e238e3dac6fa6aebe8e7525df9c361f18b85a13dec289aab2b78daa572c83
97552e079545fe21ef3624e5969ed81d43c92de5bd5d7a2ce05e86d1d8d97955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
9cf7321aee61aca123770b14cd75805d036d359d26989fa70d61ddcadc3cf606
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a391f53027d6ec2117ae0c3e949c5e30162ed165c7c9791b6cb48a05039752db
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956ff515cd1a6f9e575363daceecc33c079fd13c4b1082f8b09c0828fb6678f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae3bda58e4a84b02fac5d6db55f7b3f86de5078824cee7f62369be2ba41ddd8a
b040761950c737038e0eb861a8ccd621fbf4810e015eacb33d171819865d1564
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b63b82dd448e167c4f03c0e24f4d7e28a8d16314a783e89f3ba421e2e72b6969
b6967c24ed1e167108951df5441f6ba2afededfe453b3fb63bf80ac40625400f
b6bf044b110356ff7b82174924c3466394ff6356dec8f00e419fc2a9edb72c1a
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b84e41bed03a822d353f8edcdfeb4a786cc58a321a24c52587c8d62cbaabeec9
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf3a32d22b85504e0aabeac525bd0c1af98f5dfd9dece5886a79e0eb208e54c5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
ca69cc671e77c7acb5dbe23a5bbf61f8cdec6cd9e35528849e9ea7a5914b3723
cb9dc0251164dc70d166970041f8342065c4f0c6a1e0ec3698e4230f93e200c7
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
ce8bf0b90763daff68fda5a66648f0fbf0899314a7ced92794282af6c43d528f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d31100d37ebdad883ad8fb28cfd71deddf6bc12726a726ea861a5cc306208eeb
dce896b0ba240d4055748bd70250d564f99ca916fc17c7bc956ea3f557ce5d59
df299f3a8829a6ced50706454798748ce70d234654de3b631dcd3048b93db44d
e0b818376f80661b44fabd987b3cf5ba717a9e7a2ed33ce523b67ac41f1d4fa8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb85eea421989d31745c40da598f3f747155b711b7f3d730022f1867d0cc21d1
ed5727c5f85ede091e2379abbb49dd4b1f7138e683f889a894ef4e62c7b3ba5d
eddbad3251a0d25f509935efde2fd9ceba5ebdf662a8c90c50e536c7369eed6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26b78193eeca84b8ac91fce77a598931a6112413e6d12c55505c08e10ef5363
f344be489f89f6d1a0874af64fb20350df2ccbbfe65a0c074107140ae1661667

nv.ua Open in urlscan Pro 2606:4700:10::ac43:175a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

87 %HTTPS

44 %IPv6

38 Domains

62 Subdomains

54 IPs

11 Countries

2194 kBTransfer

4095 kBSize

45 Cookies

113 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nv.ua Open in urlscan Pro
2606:4700:10::ac43:175a Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

87 %
HTTPS

44 %
IPv6

38
Domains

62
Subdomains

54
IPs

11
Countries

2194 kB
Transfer

4095 kB
Size

45
Cookies

150 HTTP transactions
1 data transactions