urlscan.io logo urlscan.io
SecurityTrails logo

biz.nv.ua Open in urlscan Pro
2606:4700:10::6816:3749  Public Scan

Go To Rescan Add Verdict Report
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-...
Submission: On January 19 via api from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 72 IPs in 12 countries across 56 domains to perform 262 HTTP transactions. The main IP is 2606:4700:10::6816:3749, located in United States and belongs to CLOUDFLARENET, US. The main domain is biz.nv.ua. The Cisco Umbrella rank of the primary domain is 883045.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.
This is the only time biz.nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 54.37.238.28 16276 (OVH)
1 89.184.81.35 28907 (MIROHOST ...)
4 2a00:1450:400... 15169 (GOOGLE)
6 138.199.37.229 60068 (CDN77 ^_^)
3 185.187.81.41 43332 (IDSTRATEG...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 146.59.30.96 16276 (OVH)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:402... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 18.66.23.213 16509 (AMAZON-02)
4 89.187.169.47 60068 (CDN77 ^_^)
1 37.157.5.142 198622 (ADFORM)
3 7 185.89.211.12 29990 (ASN-APPNEX)
5 2602:803:c003... 26667 (RUBICONPR...)
2 51.83.220.94 16276 (OVH)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 54.93.155.250 16509 (AMAZON-02)
1 2a02:2638::24 44788 (ASN-CRITE...)
4 172.64.154.237 13335 (CLOUDFLAR...)
2 3 216.52.2.48 32475 (SINGLEHOP...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 167.235.242.31 24940 (HETZNER-AS)
6 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.222.247.205 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 91.218.215.4 42352 (QOS)
13 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
4 2607:f8b0:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.2.146 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
9 17 142.251.208.162 15169 (GOOGLE)
2 8 185.80.39.216 27381 (CASALE-MEDIA)
2 142.250.186.98 15169 (GOOGLE)
2 2 3.124.207.220 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 2600:9000:239... 16509 (AMAZON-02)
1 2 51.89.9.253 16276 (OVH)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 184.30.209.152 16625 (AKAMAI-AS)
2 172.64.151.162 13335 (CLOUDFLAR...)
1 13.248.245.213 16509 (AMAZON-02)
2 23.35.236.201 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
1 185.64.190.78 62713 (AS-PUBMATIC)
4 15.197.193.217 16509 (AMAZON-02)
3 5 209.54.182.161 16509 (AMAZON-02)
1 1 185.89.210.141 29990 (ASN-APPNEX)
5 6 37.157.6.242 198622 (ADFORM)
2 2 135.125.160.160 16276 (OVH)
2 2 151.101.66.49 54113 (FASTLY)
1 1 185.29.134.244 30419 (MEDIAMATH...)
3 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.165 1299 (TWELVE99 ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 5 67.220.228.202 16509 (AMAZON-02)
2 2 141.94.170.77 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 35.204.158.49 396982 (GOOGLE-CL...)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 185.64.190.81 62713 (AS-PUBMATIC)
262 72
28    2606:4700:10::6816:3749 (United States)

ASN13335 (CLOUDFLARENET, US)
biz.nv.ua
static.nv.ua
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    54.37.238.28 (Poland)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
1    89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua
c.hit.ua
4    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    138.199.37.229 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-229.bunnyinfra.net
cdn.membrana.media
3    185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
2    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
6    2606:4700:e0::ac40:6522 (United States)

ASN13335 (CLOUDFLARENET, US)
images.weserv.nl
1    146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700:10::ac43:175a (United States)

ASN13335 (CLOUDFLARENET, US)
counter.nv.ua
15    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
3    18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net
c.amazon-adsystem.com
4    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 89-187-169-47.bunnyinfra.net
ym-tack.b-cdn.net
1    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
7    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    54.93.155.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-155-250.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    167.235.242.31 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.242.235.167.clients.your-server.de
server.smartytech.io
6    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
1    52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    91.218.215.4 (Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua
membrana-cdn.media
13    2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
23    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2607:f8b0:4007:80e::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
11    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a00:1450:400e:2::9 (Ireland)

ASN15169 (GOOGLE, US)
rr4---sn-5hnekn7k.googlevideo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
www.youtube.com
17    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
cm.g.doubleclick.net
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
2    3.124.207.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-207-220.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    2600:9000:2394:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    2a02:26f0:11a::6867:4808 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    184.30.209.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-209-152.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
6    37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3601:8218:ef5f:5750:723c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
46 googlesyndication.com
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
407 KB
46 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321
259 KB
29 nv.ua
biz.nv.ua — Cisco Umbrella Rank: 883045
static.nv.ua — Cisco Umbrella Rank: 295464
counter.nv.ua — Cisco Umbrella Rank: 460548
480 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
eus.rubiconproject.com — Cisco Umbrella Rank: 532
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
16 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960
56 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
353 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 444
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 702
simage2.pubmatic.com — Cisco Umbrella Rank: 654
image2.pubmatic.com — Cisco Umbrella Rank: 862
aud.pubmatic.com — Cisco Umbrella Rank: 4371
simage4.pubmatic.com — Cisco Umbrella Rank: 1186
27 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 487
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434
dsum.casalemedia.com — Cisco Umbrella Rank: 1297
9 KB
11 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4562
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
3 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
acdn.adnxs.com — Cisco Umbrella Rank: 550
secure.adnxs.com — Cisco Umbrella Rank: 413
25 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 4186
c1.adform.net — Cisco Umbrella Rank: 590
3 KB
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 357
166 KB
6 weserv.nl
images.weserv.nl — Cisco Umbrella Rank: 75141
44 KB
6 membrana.media
cdn.membrana.media — Cisco Umbrella Rank: 67304
251 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 698
gum.criteo.com — Cisco Umbrella Rank: 385
mug.criteo.com — Cisco Umbrella Rank: 2848
dis.criteo.com — Cisco Umbrella Rank: 703
8 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5983
adservice.google.de — Cisco Umbrella Rank: 8470
2 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 63644
ls.hit.gemius.pl — Cisco Umbrella Rank: 12987
22 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
1 KB
4 gstatic.com
csi.gstatic.com
489 B
4 b-cdn.net
ym-tack.b-cdn.net — Cisco Umbrella Rank: 62359
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
173 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 427
348 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 595
2 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3812
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26833
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2968
918 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4845
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
638 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 992
843 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1594
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
487 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 689
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
58 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 506
eb2.3lift.com — Cisco Umbrella Rank: 333
723 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 11914
816 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 767
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
20 KB
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 161097
24 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
157 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 373
705 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417
620 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 788
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 636
588 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
725 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1299
48 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 679
439 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1808
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31333
607 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 611
191 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
1 googlevideo.com
rr4---sn-5hnekn7k.googlevideo.com — Cisco Umbrella Rank: 73214
3 MB
1 membrana-cdn.media
membrana-cdn.media — Cisco Umbrella Rank: 71851
21 KB
1 smartytech.io
server.smartytech.io — Cisco Umbrella Rank: 612199
246 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5843
280 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 524503
169 B
1 hit.ua
c.hit.ua — Cisco Umbrella Rank: 180841
310 B
262 56
Domain Requested by
23 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
biz.nv.ua
18 biz.nv.ua biz.nv.ua
17 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
biz.nv.ua
13 s0.2mdn.net imasdk.googleapis.com
biz.nv.ua
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
s0.2mdn.net
10 googleads.g.doubleclick.net b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
pagead2.googlesyndication.com
10 static.nv.ua biz.nv.ua
8 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 ib.adnxs.com 3 redirects cdn.membrana.media
googleads.g.doubleclick.net
acdn.adnxs.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 cdn.jsdelivr.net cdn.membrana.media
6 www.google.com 1 redirects biz.nv.ua
tpc.googlesyndication.com
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
6 images.weserv.nl biz.nv.ua
6 cdn.membrana.media biz.nv.ua
cdn.membrana.media
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 fastlane.rubiconproject.com cdn.membrana.media
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 match.adsrvr.org ssum-sec.casalemedia.com
ads.pubmatic.com
4 csi.gstatic.com imasdk.googleapis.com
4 ym-tack.b-cdn.net cdn.membrana.media
4 www.googletagservices.com biz.nv.ua
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
4 gaua.hit.gemius.pl 1 redirects biz.nv.ua
gaua.hit.gemius.pl
3 simage2.pubmatic.com ads.pubmatic.com
3 imasdk.googleapis.com cdn.membrana.media
imasdk.googleapis.com
3 b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 ap.lijit.com 2 redirects cdn.membrana.media
3 c.amazon-adsystem.com cdn.membrana.media
c.amazon-adsystem.com
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 gu.dyntrk.com 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 ads.pubmatic.com cdn.membrana.media
ads.pubmatic.com
2 eus.rubiconproject.com cdn.membrana.media
eus.rubiconproject.com
2 onetag-sys.com 1 redirects
2 pm.w55c.net 2 redirects
2 googleads4.g.doubleclick.net biz.nv.ua
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn.membrana.media
static.criteo.net
2 a4p.adpartner.pro cdn.membrana.media
2 www.google.de biz.nv.ua
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 unpkg.com 1 redirects biz.nv.ua
2 www.google-analytics.com www.googletagmanager.com
biz.nv.ua
2 s.zmctrack.net biz.nv.ua
2 www.googletagmanager.com biz.nv.ua
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com cdn.membrana.media
1 eb2.3lift.com cdn.membrana.media
1 js-sec.indexww.com cdn.membrana.media
1 code.createjs.com s0.2mdn.net
1 s.ad.smaato.net 1 redirects
1 tr.blismedia.com b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 pixel-sync.sitescout.com b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
1 www.youtube.com
1 mug.criteo.com
1 rr4---sn-5hnekn7k.googlevideo.com
1 membrana-cdn.media biz.nv.ua
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 server.smartytech.io cdn.membrana.media
1 hbopenbid.pubmatic.com cdn.membrana.media
1 htlb.casalemedia.com cdn.membrana.media
1 bidder.criteo.com cdn.membrana.media
1 tlx.3lift.com cdn.membrana.media
1 ghb.adtelligent.com cdn.membrana.media
1 adx.adform.net cdn.membrana.media
1 loadercdn.net biz.nv.ua
1 counter.nv.ua biz.nv.ua
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 c.hit.ua biz.nv.ua
262 91
Subject Issuer Validity Valid
nv.ua
Cloudflare Inc ECC CA-3		 2022-05-03 -
2023-05-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
hit.ua
R3		 2022-12-16 -
2023-03-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
cdn.membrana.media
R3		 2023-01-18 -
2023-04-18		 3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-21 -
2023-05-21		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
loadercdn.net
R3		 2022-12-28 -
2023-03-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
adpartner.pro
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
smartytech.io
R3		 2023-01-03 -
2023-04-03		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.membrana-cdn.media
R3		 2023-01-02 -
2023-04-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-01-03 -
2023-03-14		 2 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 31 frames:

Primary Page: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Frame ID: 65002CA4EF3D08A485D9A1C5706E9524
Requests: 117 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 4DE1622872B518B00A47B1CB2389D421
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 34680237326ADC7B33B7C64B23E95A83
Requests: 1 HTTP requests in this frame

Frame: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 742BB2F1D921DE7014F5470DCE695687
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 4DAC79660ECCA22EFF1776D4988D068D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Frame ID: 5A4039F71D1083E9CC1910B1F8AE0AE3
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=biz.nv.ua
Frame ID: DE20CEB5B6E95BDE19EEA337EC049669
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D74BD14E0BF76A16701EBC9E0F3C3BE0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E43C153E37ADB6E65CB077F053C05E6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 1286DA04FBB57B37094FCBE2E99C5074
Requests: 3 HTTP requests in this frame

Frame: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BA3709ECE2AF884B70E0CE1D4F07C23
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQns2ngQQYwsHD1wEwAQ&v=APEucNVECa_SFbxA-xmJ_26OIUPXTMwCIUcON34N_Tk0uijk9yoI2uFQx7kMBuXYnNjUhFJjn9rvHCET5YkHagZV2YeUEXZA0K9XdWRCdXjPPl_3KIZUm7carUe63-CFqZ9XMCHaBC3civKEYIs5ah-xzPrFb-aOd-SQfrcAWCs1cfpoHIMDxJQ
Frame ID: C80991C54EAF32BBC9450CD95614261D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7F28EE49A888883B00E1797F9543D764
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F5C369A643A3A944F833CC4E1E54BD6
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7dz7kk7EvLH1EAbuVNtRofuYQfQOEDlXbViSlkLClb4KchgYltHwERJPKM-WoQZPS3uz3-qpjoboR3vMQ6HEDvZNRbjKR9E88CcpgPFJ65pscJy4jo4Y2bLpmmiVSnUvLAvSc3g3SBp0xgkgDrMzSwdsyZWX2zn8YJalYG_5Pa3OygGAmM4Z9Q8Dd0kmoqqjABhAdarVP95x05KEJt0B-cX9_cP7YywmAeaDA5wA-F9an0yNK5uQ45S32IOpxZDUTwyLFyZCXEts6KQJpR8BFigxZAfxCXWf5puXTcRNDq_w_3nVXeg9SY8sNrTw_6w&sai=AMfl-YSdBO2RNP6x-PRKEJM977fxBQTFnZee4D3bQfybVP1hES-3Fy4VPVp4Ib_7aff2G5P-T5C6EMETRDjzVVyAPGiLeBkEqTjB5s2fWgxMcp_hAqzaz6a6NS-O8uQ9MoNI&sig=Cg0ArKJSzOTHQZkyXg7LEAE&uach_m=[UACH]&adurl=
Frame ID: E18DCBAC98C87A3E362EC8D4FEA2C28F
Requests: 8 HTTP requests in this frame

Frame: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC72DB0F7B495CE5BCD3BB8500BD71C7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html
Frame ID: F255525B111421D0744EC6C5864AA2A5
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
Frame ID: E2CBC2CDB04B7DB84DE8A561C34CA3DA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9DD852B1C3FAE1F5CD3A317F1961AAA5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 41DE11D370E9230EA75E30873C183676
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FAFAF320141F44290780545CE12275B8
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1D4941230079B5F0170C8AD0A83F7EA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Frame ID: 3494D375F14B5875AF822345CD3764F9
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 70E80AD68342F0FC64FBD87CC6EF3B7B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A3224F1C76686152A78CB5F4AE5101D0
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
Frame ID: B97EB478B220A94C30C0534E7BCDB17B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47df63c9-37a4-4d00-92db-2c43f3054200&gdpr=0&gdpr_consent=
Frame ID: 60192CA389DAACBD01C24E3273840BF2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4050588184932311287
Frame ID: 599EAC3A106AF51BFB6AB27266E80572
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 301C1D093F6735CA3591413A68F1E2CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa
Frame ID: ACDBA3152B924556F05C9BAC4DC2F125
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 866C51D6FA090DA7A38CE1816DB53F22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Укрексімбанк ― прогноз на 2023 і трансформація під час війни ― Сергій Єрмаков ― Новини України / NV

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

262
Requests

87 %
HTTPS

40 %
IPv6

56
Domains

91
Subdomains

72
IPs

12
Countries

5875 kB
Transfer

10692 kB
Size

67
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js
Request Chain 54
  • https://gaua.hit.gemius.pl/_1674131360746/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=kNWw6JDb0fHjLMiLetZ7oHyK02NmyCdX7IVr0B08Iwj.L7LRH7REiF5i_T3HAwJ3pl2zc7fxgrx0fTVVYHCKB_yGU95N/ISsqz1NFXd2mg/&fpdata=ludlqad0S9hUU2TYHYnigMTNSvA1nULxoGhMO3IbjJ3.Q7&ltime=189&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63c937a020f96fe7&brts=1674131360&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1674131360746/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=kNWw6JDb0fHjLMiLetZ7oHyK02NmyCdX7IVr0B08Iwj.L7LRH7REiF5i_T3HAwJ3pl2zc7fxgrx0fTVVYHCKB_yGU95N/ISsqz1NFXd2mg/&fpdata=ludlqad0S9hUU2TYHYnigMTNSvA1nULxoGhMO3IbjJ3.Q7&ltime=189&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63c937a020f96fe7&brts=1674131360&fpcap=
Request Chain 126
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=biz.nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KlsCmHxxSkNtNzNOT3lreVp5dFhQOFhHYkM1WVMrMEJ0UTFKejJJelZ0QkRPL293NGFoT0JMOVl0cG44NEV3VFVOazcyckpnL3EvR2lubFNaemZIMEVPNE5qSzd0aG1uMmxkQ2hhbGRmZ1lVZmo4QWNnb2JJaFlqUWhVZC8wZHNqTGNMOFhsN05TTkVneGxaL0RHc2x2c25mM3diOFk4alEyemw0bnBtSzdKVXJHejBUMU9pNWVhT28weFpTeUhOOE9PaHVENGxwOVF2a3dvWVBtck5DRDhrWk5zNEhNdnoyT0EvM2lERkhRVk1wSzFGeVAwVVBrc0V5TDBlMjhaWXN2SzlvOVZQK0ZxYjY4TkNZNG0rdkQyWWppdz09fA&cppv=2
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
Request Chain 155
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8k3ogmCpQCNKSh0A8gj3AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIZ1Unur1pQrkYWJWwuSpT8&google_cver=1
Request Chain 157
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5MDY2MTYwNjA4NDg1NTY3NA%3D%3D
Request Chain 178
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cver=1&google_push=AavPq0MMjJhAp7LNxkknYjgV4ry5LcerGtf_e_2HyeLOzqMO9PRj1ToE_w-oPSqE9tLOdk55eopOyBOJZzZ34TBBIUZ6z5L2OWU HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cver=1&google_push=AavPq0MMjJhAp7LNxkknYjgV4ry5LcerGtf_e_2HyeLOzqMO9PRj1ToE_w-oPSqE9tLOdk55eopOyBOJZzZ34TBBIUZ6z5L2OWU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZW1oZGtWT2kxUGl1Mkw1&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cver=1&google_push=AavPq0MMjJhAp7LNxkknYjgV4ry5LcerGtf_e_2HyeLOzqMO9PRj1ToE_w-oPSqE9tLOdk55eopOyBOJZzZ34TBBIUZ6z5L2OWU
Request Chain 180
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDCNtARVkw0BKocMiKE1hIw&google_cver=1&google_push=AavPq0PDDoM72KSa8zrQUOTRflGH1f8xc4yAdBcLy0aSpJZqQdUiFUNzWX4pELJWMJi6BTzalejx43jztoBp4615c7RkX_bPPGo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PDDoM72KSa8zrQUOTRflGH1f8xc4yAdBcLy0aSpJZqQdUiFUNzWX4pELJWMJi6BTzalejx43jztoBp4615c7RkX_bPPGo&google_hm=6Yu9cXA4TPuBV--aNE07Xk4
Request Chain 182
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELYgs9_l_hqgfug2SqYu_gA&google_cver=1&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8MNfafrclilk HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELYgs9_l_hqgfug2SqYu_gA&google_cver=1&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8MNfafrclilk&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8MNfafrclilk&google_hm=GAyttGZHIlOHd5RpSfa1aW0v
Request Chain 183
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPwFGy64oFlHSwgMDUladjE&google_cver=1&google_push=AavPq0OPXmdYA2YnVKs2QDzpFog9YaQPICEl2BE7bpSjdEy5nsb0AZSzLTgfIVWVpgU6_L8VPpWWc1UorRi8Dzxf4sNjcS_Chz4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OPXmdYA2YnVKs2QDzpFog9YaQPICEl2BE7bpSjdEy5nsb0AZSzLTgfIVWVpgU6_L8VPpWWc1UorRi8Dzxf4sNjcS_Chz4
Request Chain 184
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO0K2Xaak7UxtW_QEIHYU3A&google_cver=1&google_push=AavPq0MH6zEhFBuIwrxNSZzgJgR21Ir4zNxniTNUYZFzFkO-GOGljcp4GPacGy6noBlsghP8zo91WFbqXWNDiRNsl_IRQH4jTcRx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MH6zEhFBuIwrxNSZzgJgR21Ir4zNxniTNUYZFzFkO-GOGljcp4GPacGy6noBlsghP8zo91WFbqXWNDiRNsl_IRQH4jTcRx HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 210
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP15tJT4v38Y0rLKIMoTces&google_cver=1
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB&dcc=t
Request Chain 227
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1890661606084855674
Request Chain 228
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3248889564140031137&expiration=1675340964
Request Chain 229
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 230
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1890661606084855674
Request Chain 231
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y8k3pAAAkj_KvQA_ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y8k3pAAAkj_KvQA_&_test=Y8k3pAAAkj_KvQA_
Request Chain 233
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
Request Chain 234
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47df63c9-37a4-4d00-92db-2c43f3054200&gdpr=0&gdpr_consent=
Request Chain 235
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4050588184932311287
Request Chain 236
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 237
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa
Request Chain 238
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PVDoL2MlQnCLdCOf9EBaXQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 240
  • https://pixel.onaudience.com/?partner=214&mapped=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ac31b99240fa8ac9d3a04ac13530e0ac&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 241
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D50E82F-6325-4270-8B74-239FF4405A5D&addseg=19,36,42
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q1MEU4MkYtNjMyNS00MjcwLThCNzQtMjM5RkY0NDA1QTVE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhSYD04Ur1Hu62s3VdW0Jo&google_cver=1
Request Chain 245
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1762804424894346467
Request Chain 247
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/b9U2513aJTaD3QQ6O3p7zQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FkQI0QRE2oK8N7Fkt8Ftue0TkOMZV77A3pJy6A--~A
Request Chain 248
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD32L5E4-8-6WHI
Request Chain 249
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eNN6syc2RjeBrakwDih2Yw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eNN6syc2RjeBrakwDih2Yw
Request Chain 250
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ytLp8tL5TFaCNZ5QlSOR2A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ytLp8tL5TFaCNZ5QlSOR2A
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXZ5UZ7A0-8X43rC8r_b2w&google_cver=1
Request Chain 253
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzMkw1RTQtOC02V0hJ
Request Chain 254
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1NmFmZjJmY2RmYmU3ZTgwYmYwYTU5ZDg2YzRmMjc4ZmQ0ODNiMQ

262 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
biz.nv.ua/ukr/finance/ 		124 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84ed7072cfc75b0d2a7f178741ed9247ad0d2fe0db550212b67d7a9bff5e194

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
MISS
cf-ray
78bf93499e62163e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Jan 2023 12:29:20 GMT
last-modified
Thu, 19 Jan 2023 02:35:06 GMT
nv-cache
432000s
server
cloudflare
varnish-ttl
432000.000
vary
Accept-Encoding
x-cache
hit cached
x-cacheable
1
x-varnish-hash
GET:biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html:desktop
article.css
biz.nv.ua/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/css/article.css?4.122
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22350330c9b2975ff26f03c0bf981222a426809ddec8157b331bd701cca7085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 06 Jan 2023 09:37:55 GMT
server
cloudflare
age
263272
cf-polished
origSize=144909
etag
W/"63b7ebf3-2360d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31557600
cf-ray
78bf9349eeca163e-FRA
expires
Wed, 17 Jan 2024 11:21:28 GMT
nv_logo_biz_new.svg
biz.nv.ua/images/main/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biz.nv.ua/images/main/nv_logo_biz_new.svg
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e427c4e225c2004c0d0dac2ebc2f8fa6611e6a1d2a78539747e8e54159e3bc1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 07:56:48 GMT
server
cloudflare
age
1743746
etag
W/"63ae99c0-1332"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31557600
cf-ray
78bf9349eecb163e-FRA
expires
Sun, 31 Dec 2023 08:06:54 GMT
1d2aa19b8e1ad3aa2810b2eb42878cbe.jpg
static.nv.ua/shared/system/Article/posters/002/625/802/original/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/Article/posters/002/625/802/original/1d2aa19b8e1ad3aa2810b2eb42878cbe.jpg?q=85&stamp=20230116183225&w=900&f=webp
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4835c5cc0ac1002b1da96d54aa032c45f2dde706b2fa01e2a1c4508a1d77a267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
public
date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Mon, 16 Jan 2023 16:14:33 GMT
server
cloudflare
age
188188
etag
"1970080c0789c5f94f6248289ff7449c"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934a2f29163e-FRA
expires
Thu, 16 Feb 2023 08:12:51 GMT
gtm.js
www.googletagmanager.com/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a8ea66fd231e5370c5a635712c222158616c022cc6c4d8f2233cef97ff48212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85060
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Jan 2023 12:29:20 GMT
icons.ttf
biz.nv.ua/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/fonts/icons.ttf?686a3322dd25953a70b02d42b58ae3c0
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer
https://biz.nv.ua/css/article.css?4.122
Origin
https://biz.nv.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Oct 2021 11:43:45 GMT
server
cloudflare
age
4746868
etag
"616eaf71-3914"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934a1f22163e-FRA
content-length
14612
expires
Sun, 26 Nov 2023 13:54:52 GMT
noto-sans-v12-latin_cyrillic-ext-regular.woff2
biz.nv.ua/fonts/noto/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer
https://biz.nv.ua/css/article.css?4.122
Origin
https://biz.nv.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jul 2021 09:18:16 GMT
server
cloudflare
age
27649367
etag
"60e41fd8-9578"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934a1f24163e-FRA
content-length
38264
expires
Mon, 06 Mar 2023 12:06:33 GMT
noto-sans-v12-latin_cyrillic-ext-700.woff2
biz.nv.ua/fonts/noto/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer
https://biz.nv.ua/css/article.css?4.122
Origin
https://biz.nv.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jul 2021 09:18:16 GMT
server
cloudflare
age
8622794
etag
"60e41fd8-944c"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934a2f27163e-FRA
content-length
37964
expires
Thu, 12 Oct 2023 17:16:06 GMT
noto-serif-v9-latin_cyrillic-ext-regular.woff2
biz.nv.ua/fonts/noto/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer
https://biz.nv.ua/css/article.css?4.122
Origin
https://biz.nv.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jul 2021 09:18:16 GMT
server
cloudflare
age
27649367
etag
"60e41fd8-d430"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934a3f3f163e-FRA
content-length
54320
expires
Mon, 06 Mar 2023 12:06:33 GMT
label_business.png
biz.nv.ua/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biz.nv.ua/images/label_business.png
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad026905193dc101bc4a469a53ea1fd8c463cda036f633db922ef6dd9b376bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
586895
cf-polished
origFmt=png, origSize=3108
content-disposition
inline; filename="label_business.webp"
content-length
1058
cf-bgj
imgq:85,h2pri
last-modified
Fri, 06 Jan 2023 09:31:33 GMT
server
cloudflare
etag
"63b7ea75-c24"
vary
Accept
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934a3f48163e-FRA
expires
Sat, 13 Jan 2024 17:27:44 GMT
noto-serif-v9-latin_cyrillic-ext-700.woff2
biz.nv.ua/fonts/noto/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer
https://biz.nv.ua/css/article.css?4.122
Origin
https://biz.nv.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Jul 2021 09:18:16 GMT
server
cloudflare
age
6816245
etag
"60e41fd8-e8b8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934a3f4a163e-FRA
content-length
59576
expires
Thu, 02 Nov 2023 15:05:15 GMT
50297848.html
biz.nv.ua/ukr/get_media_paywall_block/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/ukr/get_media_paywall_block/50297848.html
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6863fb83a72e216e1d9fdb9922a02c770df702fccc2342d980b0a5be824a2b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-varnish-hash
GET:biz.nv.ua/ukr/get_media_paywall_block/50297848.html:desktop
x-cacheable
1
server
cloudflare
cf-cache-status
DYNAMIC
age
0
vary
Accept-Encoding
x-cache
miss cached
content-type
text/html; charset=UTF-8
nv-cache
900s
x-robots-tag
noindex
varnish-ttl
900.000
cf-ray
78bf934a4f59163e-FRA
long.html
biz.nv.ua/ukr/get_right_column/2294/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/ukr/get_right_column/2294/long.html
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d8295bd07bd2b4213146589bc6868c781199e3f5ea64c5924035fddee2dc87d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-varnish-hash
GET:biz.nv.ua/ukr/get_right_column/2294/long.html:desktop
x-cacheable
1
server
cloudflare
cf-cache-status
DYNAMIC
age
0
vary
Accept-Encoding
x-cache
miss cached
content-type
text/html; charset=UTF-8
nv-cache
300s
varnish-ttl
300.000
cf-ray
78bf934a4f5d163e-FRA
xgemius.js
gaua.hit.gemius.pl/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
63cfbcc612feb4e41d3792c5630e579d89b1292f4095c057f97e40a7901f24ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
last-modified
Fri, 13 Jan 2023 15:19:30 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
17134
expires
Fri, 20 Jan 2023 00:29:20 GMT
hit
c.hit.ua/ 		43 B
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.29810427143407514&r=&u=https%3A//biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
policyref="/w3c/p3p.xml", CP="UNI"
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
server
nginx/1.17.9
expires
0
all_scripts.min.js
biz.nv.ua/scripts/ 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/scripts/all_scripts.min.js?4.122
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42466df3f55e9b48797e965515b880050fd48e48077a06ee09e8d15fd50656a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Jan 2023 10:59:19 GMT
server
cloudflare
age
263272
etag
W/"63c52e07-21434"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31557600
cf-ray
78bf934abfb8163e-FRA
expires
Wed, 17 Jan 2024 11:21:27 GMT
2294.html
biz.nv.ua/ukr/get_additional_blocks/ 		42 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/ukr/get_additional_blocks/2294.html
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79cde4d0b60c56142809fea0fda634ac984eecaa3e8cfe76f90117f94be449a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-varnish-hash
GET:biz.nv.ua/ukr/get_additional_blocks/2294.html:desktop
x-cacheable
1
last-modified
Thu, 19 Jan 2023 12:11:01 GMT
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
x-cache
hit cached
content-type
text/html; charset=UTF-8
nv-cache
900s
cache-control
max-age=600
varnish-ttl
900.000
cf-ray
78bf934abfbd163e-FRA
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebcad5fbe55845bbc7a8763b4f8f9c04e84bc1908607603e8835ac6f9304ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27781
x-xss-protection
0
server
sffe
etag
"1456 / 260 of 1000 / last-modified: 1674130032"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Jan 2023 12:29:20 GMT
ym.js
cdn.membrana.media/nvr/ 		418 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/nvr/ym.js?3
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
43f08b3ddaf6e93e58e4fb5d8092a7a4d56429d1e27b1fd603dc465c0fe8d443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-165
cdn-cachedat
01/17/2023 13:14:46
cdn-pullzone
139012
last-modified
Tue, 17 Jan 2023 12:39:06 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
300
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63c696ea-688d1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
b57995444e1cdc39f6b7c4a0c10d2b58
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
z
s.zmctrack.net/ Frame 4DE1 		52 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
dc47c70a7bcc4130d0191bf4583da8d281fe4be3f9cd9b938ee103d0a202a961

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23744
expires
Thu, 01 Jan 1970 00:00:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Jan 2023 12:21:52 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
448
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Thu, 19 Jan 2023 14:21:52 GMT
web-vitals.iife.js
unpkg.com/web-vitals@3.1.1/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.1.1/dist/web-vitals.iife.js
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
743350
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GPEV5AZDEKRQGG0J1ZTMFJ16-fra
server
cloudflare
etag
W/"1b24-GqgswdM7opiZOqFSwUlHVut+Xpk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b3884bb44-FRA

Redirect headers

date
Thu, 19 Jan 2023 12:29:20 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GQ500YJ0XK3C5J5TG71DJ4K2-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
53
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.1.1/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
78bf934b082ebb44-FRA
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33bd4ea89a87decec79d8d5ac450081fd94618bacf34bd71b2674f0db4e41b99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75560
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 19 Jan 2023 12:29:20 GMT
author-arrow-business.svg
biz.nv.ua/images/ 		419 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biz.nv.ua/images/author-arrow-business.svg
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9522acd7d75fb486c83e619729e7004bc451578956b6a3180ae05e1e15b390b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/css/article.css?4.122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
cloudflare
age
27649204
etag
W/"5e6ff361-1a3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31557600
cf-ray
78bf934af804163e-FRA
expires
Mon, 06 Mar 2023 12:09:16 GMT
5d781274fb6fd38e954f00e1a85d76b2.png
static.nv.ua/shared/system/opinion_authors/avatars/000/020/104/original/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/opinion_authors/avatars/000/020/104/original/5d781274fb6fd38e954f00e1a85d76b2.png?q=85&stamp=1&w=115
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e248b7e3e582fd7b3237d0c4a06ba9b34d0d0d8f758afeacc97eac9cb4e35682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
176623
cf-polished
status=cannot_optimize
x-cache-status
HIT
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 10:25:13 GMT
server
cloudflare
etag
"6d4d07801f79e24bd900a2b437cb9133"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b0817163e-FRA
expires
Thu, 16 Feb 2023 11:25:37 GMT
5e3178f3c6553a4c4e8f59e34ef9269b.png
static.nv.ua/shared/system/opinion_authors/avatars/000/020/100/original/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/opinion_authors/avatars/000/020/100/original/5e3178f3c6553a4c4e8f59e34ef9269b.png?q=85&stamp=1&w=115
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990127d02183640ddf1e7378afe073db429cd8b3f48094492df17b493e61b050

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
259335
cf-polished
status=cannot_optimize
x-cache-status
HIT
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Jan 2023 11:20:22 GMT
server
cloudflare
etag
"5f538197db91c7d50e289b960370862e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b081b163e-FRA
expires
Wed, 15 Feb 2023 12:27:04 GMT
8fd710e11fc7329de96d97f0106ec3f5.png
static.nv.ua/shared/system/opinion_authors/avatars/000/017/986/original/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/opinion_authors/avatars/000/017/986/original/8fd710e11fc7329de96d97f0106ec3f5.png?q=85&stamp=1&w=115
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c2e392da9d5988870eac1cbb21e20db0bf02eece7ef5067d7fceeddb67794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
172276
cf-polished
status=cannot_optimize
x-cache-status
HIT
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 11:31:48 GMT
server
cloudflare
etag
"55a8e945e528f285aeb9ddedefa93de7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b081d163e-FRA
expires
Thu, 16 Feb 2023 12:38:04 GMT
1d2aa19b8e1ad3aa2810b2eb42878cbe.jpg
static.nv.ua/shared/system/Article/posters/002/625/802/original/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/Article/posters/002/625/802/original/1d2aa19b8e1ad3aa2810b2eb42878cbe.jpg?q=85&stamp=20230116183225&w=300&f=webp
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add4038d4e5d4746e426c523af9061158ed4e2c776ddfb478508289f4fd3f960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
public
date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 07:09:33 GMT
server
cloudflare
age
188295
etag
"d5bfbcc73f461edb9d62321c404e605c"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b081e163e-FRA
expires
Thu, 16 Feb 2023 08:11:05 GMT
48e61e2f00aae034dbe8988355cc9872.jpg
static.nv.ua/shared/system/Article/posters/002/625/641/original/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/Article/posters/002/625/641/original/48e61e2f00aae034dbe8988355cc9872.jpg?q=85&stamp=20230117102938&w=300&f=webp
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d53277139dfae52a06e406049f1f8a0b1246ba55919c6e0cc8844d55530c26c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
public
date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 08:50:36 GMT
server
cloudflare
age
182258
etag
"d67a0dc4e04d5be2fd424069d538a7c8"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b2845163e-FRA
expires
Thu, 16 Feb 2023 09:51:42 GMT
f9d3fcc2f4f6c73f7b9cb3270a6b9229.jpg
static.nv.ua/shared/system/Article/posters/002/626/409/original/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/Article/posters/002/626/409/original/f9d3fcc2f4f6c73f7b9cb3270a6b9229.jpg?q=85&stamp=20230119093453&w=300&f=webp
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff72de643857119f752b8d43ffe801de74b4cbcf7889ebabee4247d3ca547cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
public
date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
last-modified
Thu, 19 Jan 2023 06:40:24 GMT
server
cloudflare
age
17308
etag
"8984c8da4affacb1102db5a7180b7030"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b2848163e-FRA
expires
Sat, 18 Feb 2023 07:40:52 GMT
sych-2.png
biz.nv.ua/images/paywall/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biz.nv.ua/images/paywall/sych-2.png
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5193a52af77ea2744cb6f3b28c8aad043c86ce78d64f2582f8dc624edd7a324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
1181541
cf-polished
origFmt=png, origSize=28859
content-disposition
inline; filename="sych-2.webp"
content-length
27798
cf-bgj
imgq:85,h2pri
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
cloudflare
etag
"5e6ff361-70bb"
vary
Accept
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
78bf934b1831163e-FRA
expires
Sat, 06 Jan 2024 20:16:59 GMT
73da522a34237307e0012046a9ae2a63.png
static.nv.ua/shared/system/opinion_authors/avatars/000/020/126/original/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/opinion_authors/avatars/000/020/126/original/73da522a34237307e0012046a9ae2a63.png?q=85&stamp=1&w=115
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc76a1ce4071cfdfd58fabe15a2f4ba326261265ec4918b1244b61ef521296c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
1479
cf-polished
status=cannot_optimize
x-cache-status
HIT
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 08:48:27 GMT
server
cloudflare
etag
"bf629a501b9e31899de3150e1367ba1a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b3852163e-FRA
expires
Sat, 18 Feb 2023 12:04:41 GMT
32f7eda045c5a989f823c4713fafd53a.png
static.nv.ua/shared/system/opinion_authors/avatars/000/020/123/original/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/opinion_authors/avatars/000/020/123/original/32f7eda045c5a989f823c4713fafd53a.png?q=85&stamp=1&w=115
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab502a26ed71c5b4e53e37d3b2cb9bdc8b35e389ff6a2fa5e1e9a628af703b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
8509
cf-polished
status=cannot_optimize
x-cache-status
HIT
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Thu, 19 Jan 2023 07:52:45 GMT
server
cloudflare
etag
"8212ad8dce3470aa67badbb9f7172e8c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b3854163e-FRA
expires
Sat, 18 Feb 2023 10:07:31 GMT
fed8e616cc67cff6739d880edafbbd69.png
static.nv.ua/shared/system/opinion_authors/avatars/000/016/907/original/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nv.ua/shared/system/opinion_authors/avatars/000/016/907/original/fed8e616cc67cff6739d880edafbbd69.png?q=85&stamp=1&w=115
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6765d68a6043d2acfea1f892cac9660202af89d3f470cf0fc498caf0bec9bb82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
HIT
age
93056
cf-polished
status=cannot_optimize
x-cache-status
HIT
pragma
public
cf-bgj
imgq:85,h2pri
last-modified
Wed, 18 Jan 2023 08:38:40 GMT
server
cloudflare
etag
"0faf20a0d6f00c64ab261ad83580be9c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78bf934b3856163e-FRA
expires
Fri, 17 Feb 2023 10:38:24 GMT
/
images.weserv.nl/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://biz.nv.ua/images/new-markup-images/google-play.png&q=75&output=webp&stamp=4.122123
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf3893937b10c292c404ec5f4dc8af789ac69c37dea62641d753058fc26ebbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-images-api
5
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262827
x-cache-status
HIT
x-upstream-response-length
3965
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.webp
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1818
last-modified
Mon, 16 Jan 2023 11:07:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBSqQ1nbJ%2Fxwd0YgSKW7OvFzPiAeBq%2F%2FtZkjAhlchazQRBinSsDOKbhMfBWk%2FDwxByTsRBhRzq9krHTHcCRTM0gQzcZknElPMw%2BTXL2V54fdgMUv2vkXBQ9WX3kSCvydD6tQ1xFKzijw%2BDmvUoyQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://biz.nv.ua/images/new-markup-images/google-play.png>; rel="canonical"
cf-ray
78bf934b9bc99bbe-FRA
expires
Tue, 16 Jan 2024 11:06:00 GMT
/
images.weserv.nl/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://biz.nv.ua/images/new-markup-images/app-store.png&q=75&output=webp&stamp=4.122123
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b95f2a741c46ffe90b9c1a56f054f8ebe4671c02db1e9231a6e4ee8ba211df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-images-api
5
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262827
x-cache-status
HIT
x-upstream-response-length
2210
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.webp
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1738
last-modified
Mon, 16 Jan 2023 11:07:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8kwWTMVKZkWezU0uVZpid7pMyPBBSjdEkdvoyC4y0%2F%2BgppVttP%2FqA%2BCQ4xg3FPhfZATk8chA504gBmZcPs9l00F9PpHbXBJvYjJbXBWDypQE8OVcoQTCTx3SdCHb9ZgSPQCb7%2F1jlJ96g7aLiHT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://biz.nv.ua/images/new-markup-images/app-store.png>; rel="canonical"
cf-ray
78bf934b9bcd9bbe-FRA
expires
Tue, 16 Jan 2024 11:06:00 GMT
/
images.weserv.nl/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://biz.nv.ua/images/podcasts/nv_podcast_icon.png&q=75&output=webp&stamp=4.122123
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbeb19d323346d493cccccb29b793fc47976e53473c3ecc0040da91d4e569a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-images-api
5
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263270
x-cache-status
HIT
x-upstream-response-length
1740
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.webp
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1042
last-modified
Mon, 16 Jan 2023 11:07:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4sxsvJtQtiT%2FqpJjlQa8pg3%2F8FsgYahLh4YsPTupqun0l%2BeKDDoD0IwIw7hJ8fFeBmZbF8GvGxz%2FlHaMgcwBgi%2BtvxPYGd%2B0aG%2BB8Btt0afDHgPXoiyngFqMkd1kL09bB5syL3qRX8SQsy9QWi%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://biz.nv.ua/images/podcasts/nv_podcast_icon.png>; rel="canonical"
cf-ray
78bf934b9bce9bbe-FRA
expires
Tue, 16 Jan 2024 11:06:00 GMT
/
images.weserv.nl/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://biz.nv.ua/images/podcasts/apple-podcasts.png&q=75&output=webp&stamp=4.122123
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0a51ab242bb448467043229f668da072cd571dd2ec010fb0ca78e87e2e786b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-images-api
5
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263270
x-cache-status
HIT
x-upstream-response-length
4292
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.webp
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1832
last-modified
Mon, 16 Jan 2023 11:07:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gyDuJLlFUattwR1V2q98EQKh6JjEq0p1vn8A2US4rJo7kguh8xu%2FHobHvlq7umH7eGVg2l6Ij4WroRg%2BLY5G%2FLWT%2FHc3eGNY1GM00T31v69EIOEYxbpB292fC4RfH%2BvLHYeoGTKyfIirguCbeSE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://biz.nv.ua/images/podcasts/apple-podcasts.png>; rel="canonical"
cf-ray
78bf934b9bd09bbe-FRA
expires
Tue, 16 Jan 2024 11:06:00 GMT
/
images.weserv.nl/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://biz.nv.ua/images/podcasts/google-podcasts.png&q=75&output=webp&stamp=4.122123
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce8c3ef4737d7265041eb3ed2c9fede2be978cd0344c34d163b1111d4b1dc58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-images-api
5
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263270
x-cache-status
HIT
x-upstream-response-length
3300
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.webp
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1582
last-modified
Mon, 16 Jan 2023 11:07:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zBBxmPrAd5rh99TKb6pxJyi3iuG5cXItynnms6pgbQHzfV8Q1IxdCnA6jcoy0OklkL8rltfZzUURbKLiomhtIRuDRcHi5Zf6ifD9wE%2BYDDNr7WhlONRxExKc42HmgHYulTmxI6jw5An0mcV8x4A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://biz.nv.ua/images/podcasts/google-podcasts.png>; rel="canonical"
cf-ray
78bf934b9bd19bbe-FRA
expires
Tue, 16 Jan 2024 11:06:00 GMT
/
images.weserv.nl/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://biz.nv.ua/images/paywall/subscriptions/friends_nv.png&q=75&output=webp&stamp=4.122
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6522 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d016254a7998b4e1c57155283e3f7935035519a59aab00e024c88feac3ca8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-images-api
5
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264042
x-cache-status
HIT
x-upstream-response-length
70559
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.webp
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33510
last-modified
Mon, 16 Jan 2023 11:08:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgderKsVXagHPELyihgGYB4FLdbOmTF8QFvXQ059vVfUIwbjVFMb7ZIAvCPPb%2B%2BgxzbHIvRMcoAFq892hTDQDKM2PxLm9ACZRTgqpNtjrPcDp8FWhga4sr1jduLdMiptp1LLggmA023nsnT76cZ9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://biz.nv.ua/images/paywall/subscriptions/friends_nv.png>; rel="canonical"
cf-ray
78bf934b9bd59bbe-FRA
expires
Tue, 16 Jan 2024 11:07:36 GMT
fpdata.js
gaua.hit.gemius.pl/ 		274 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=biz.nv.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
72096d995307f185c4cc7e483d8c00aaacf5edcd6e9903afaaf7387230ff2542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
274
expires
Sat, 18 Feb 2023 12:29:20 GMT
lsget.html
ls.hit.gemius.pl/ Frame 3468 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
507f77775bda327942a9cd365edeb7553f4939a64796b2b40a572868bb873726

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2719
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:20 GMT
etag
PRIVATE7520710249
expires
Sat, 18 Feb 2023 12:29:20 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
collect
region1.analytics.google.com/g/ 		0
334 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oe1i0&_p=1833379527&_gaz=1&cid=57635729.1674131361&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674131360&sct=1&seg=0&dl=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&dt=%D0%A3%D0%BA%D1%80%D0%B5%D0%BA%D1%81%D1%96%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%E2%80%95%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BD%D0%B0%C2%A02023%20%D1%96%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%8F%20%D0%BF%D1%96%D0%B4%20%D1%87%D0%B0%D1%81%20%D0%B2%D1%96%D0%B9%D0%BD%D0%B8%20%E2%80%95%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D0%B9%20%D0%84%D1%80%D0%BC%D0%B0%D0%BA%D0%BE%D0%B2%20%E2%80%95%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%2F%20NV&en=page_view&_fv=1&_nsi=1&_ss=1&ep.is_paywall=1&epn.top_category_id=2292&ep.is_infinite=false&ep.is_evergreen=0&ep.paywall_user_id=0&ep.paywall_subscription=none&epn.EditorId=2000016&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=57635729.1674131361&gtm=2oe1i0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=57635729.1674131361&gtm=2oe1i0&aip=1&z=233505991
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
set
counter.nv.ua/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://counter.nv.ua/set?a=50297848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:175a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://biz.nv.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
78bf934c0de72bb0-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Jan 2023 12:29:20 GMT
server
cloudflare
50297848.html
biz.nv.ua/get_article_views/ 		4 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://biz.nv.ua/get_article_views/50297848.html
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/scripts/all_scripts.min.js?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7850e83feab6c3ccfc3d38abc3e58b0a70c7630a88f0c6436650bf27e8cf61d7

Request headers

Referer
https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-varnish-hash
GET:biz.nv.ua/get_article_views/50297848.html:mobile
x-cacheable
1
last-modified
Thu, 19 Jan 2023 10:04:48 GMT
cf-cache-status
EXPIRED
server
cloudflare
vary
Accept-Encoding
x-cache
miss cached
content-type
text/html; charset=UTF-8
nv-cache
300s
cache-control
max-age=60
varnish-ttl
300.000
cf-ray
78bf934bd905163e-FRA
set
counter.nv.ua/ 		0
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-51943557-1&cid=57635729.1674131361&jid=1216437672&uid=0&gjid=1426355191&_gid=1722124442.1674131361&_u=YCDAgEABAAAAAEAAI~&z=1781253103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1833379527&t=pageview&_s=1&dl=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&ul=en-us&de=UTF-8&dt=%D0%A3%D0%BA%D1%80%D0%B5%D0%BA%D1%81%D1%96%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%E2%80%95%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BD%D0%B0%C2%A02023%20%D1%96%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%8F%20%D0%BF%D1%96%D0%B4%20%D1%87%D0%B0%D1%81%20%D0%B2%D1%96%D0%B9%D0%BD%D0%B8%20%E2%80%95%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D0%B9%20%D0%84%D1%80%D0%BC%D0%B0%D0%BA%D0%BE%D0%B2%20%E2%80%95%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%2F%20NV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=1216437672&gjid=1426355191&cid=57635729.1674131361&uid=0&tid=UA-51943557-1&_gid=1722124442.1674131361&gtm=2wg1i0WKM63L&cd2=0&cd3=2000016&cd4=not%20authorized&cd6=2023-01-17%2010%3A07%3A00&cd7=2292&cd8=0&cd9=0&cd10=1&cd11=0&cd12=none&cd16=A&z=179595606
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66109
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 05:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 16 Jan 2024 05:32:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		223 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=biz.nv.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
120034a69b49e19656d4edf06614ad8807428bb216f539bf22e2cd9e2a9a6e6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Thu, 19 Jan 2023 12:29:20 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51943557-1&cid=57635729.1674131361&jid=1216437672&_u=YCDAgEABAAAAAEAAI~&z=1430083027
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-51943557-1&cid=57635729.1674131361&jid=1216437672&_u=YCDAgEABAAAAAEAAI~&z=1430083027
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=e5c3791fca27cf1c&d=biz.nv.ua
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Jan 2023 12:29:20 GMT
server
openresty
rexdot.js
gaua.hit.gemius.pl/__/_1674131360746/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1674131360746/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fbiz.nv.u...
  • https://gaua.hit.gemius.pl/__/_1674131360746/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fbiz.n...
169 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1674131360746/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=kNWw6JDb0fHjLMiLetZ7oHyK02NmyCdX7IVr0B08Iwj.L7LRH7REiF5i_T3HAwJ3pl2zc7fxgrx0fTVVYHCKB_yGU95N/ISsqz1NFXd2mg/&fpdata=ludlqad0S9hUU2TYHYnigMTNSvA1nULxoGhMO3IbjJ3.Q7&ltime=189&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63c937a020f96fe7&brts=1674131360&fpcap=
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Server
54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
e9364a073cb8a24a5cefd6c665523f1f7dbf8a4d1108455842a5024d1702dafa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Wed, 18 Jan 2023 12:29:20 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1674131360746/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=kNWw6JDb0fHjLMiLetZ7oHyK02NmyCdX7IVr0B08Iwj.L7LRH7REiF5i_T3HAwJ3pl2zc7fxgrx0fTVVYHCKB_yGU95N/ISsqz1NFXd2mg/&fpdata=ludlqad0S9hUU2TYHYnigMTNSvA1nULxoGhMO3IbjJ3.Q7&ltime=189&fr=1&ref=&inner=_ver%3D335%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=63c937a020f96fe7&brts=1674131360&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Wed, 18 Jan 2023 12:29:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		179 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 11:46:38 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 22:31:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, VIE50-P1
age
2562
x-amz-server-side-encryption
AES256
etag
W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
tfMs_wsvAHlJLBnldtnB_A2Hiq7zCahwPXCvaGag9H-XDIMNA1sj4g==
page_view
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/page_view?NVR;desktop;;page_desktop;d80353|9ea258
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-47.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
video.js
cdn.membrana.media/video/ 		253 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/video.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
3ae49bd17a5157882d29871e0fb3eb94b619833144f0a5faf1f01768ce3dcd92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-169
cdn-cachedat
01/18/2023 16:25:04
cdn-pullzone
139012
last-modified
Wed, 18 Jan 2023 16:24:59 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
224
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63c81d5b-3f2c9"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
a7da11b0f9760d0b8b673209fa7d8233
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
currency_file.json
cdn.membrana.media/ 		177 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/currency_file.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
b669fca5e6663957c4e5d5132ae1d70694a3108c035a1e75d2996a95ce533a3f

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
cdn-edgestorageid
1075
cdn-storageserver
DE-198
cdn-cachedat
01/19/2023 08:35:55
cdn-pullzone
139012
last-modified
Thu, 19 Jan 2023 08:30:29 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
324
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63c8ffa5-b1"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
cdn-requestid
e5debe70cdaae4293b9b8530656fafc0
cdn-requestcountrycode
RO
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
adx.adform.net/adx/ 		25 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc2NzImcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD03MTYzZjE5Mi03ZjM4LTQ2MTEtYTE5OC1hYzk4MWMzYTU3OTY%3D&bWlkPTE0NDc2ODAmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1jY2I3MTY5OC02MWRmLTQzNzItYmUyYi0wZDI0OTRiYWEzMWU%3D&bWlkPTE0NDc2ODEmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD0zYzM5ODM2Ni0yNGMxLTQwZmQtOGNkOS01YmMxN2U1NGFmMzU%3D&bWlkPTE0NDc2ODImcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1kZjIwODFjMS0xYmIxLTRiNzQtOTBlMC00OTM2ZmRhNGQ5ZTM%3D&bWlkPTE0NDc2ODQmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD1hNzdmZmM3NC1kNjY4LTQwMzAtODAxMC0wYzU3NzA2Yzk2ODc%3D&pt=gross&stid=aeb856b1-4fee-4861-b80a-3907033193c2&fd=1
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f3f0b960f461d81b48d29ac360a0f3553add3be3e891fb67878b4f11a0822339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		577 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6d0269984e333e593aed9acc35e7cfcdd7dd41beeb55a592adeacad45a9e3f56
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 19 Jan 2023 12:29:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8e1489cb-a089-46fa-b0d7-8356d64248b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://biz.nv.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2695330&size_id=16&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&tk_flint=pbjs_lite_v4.43.4&x_source.tid=7163f192-7f38-4611-a198-ac981c3a5796&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5666267689166025
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
09b897501ca4828754ab9ae96739cc4f63fdcefd07f451d14b7890a6ee1aa2f9

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416510&size_id=2&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&tk_flint=pbjs_lite_v4.43.4&x_source.tid=ccb71698-61df-4372-be2b-0d2494baa31e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8893907718984386
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5082b61401d079d3f450d2d1fc6eeaadaeef6da36d3c509f54432993e52e466f

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416520&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&tk_flint=pbjs_lite_v4.43.4&x_source.tid=3c398366-24c1-40fd-8cd9-5bc17e54af35&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1223754888887687
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29c9bfe2ca56e218b84a4d26a0d38e2facc1b6a3f45b07edce7b7e91972d2a2a

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416536&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&tk_flint=pbjs_lite_v4.43.4&x_source.tid=df2081c1-1bb1-4b74-90e0-4936fda4d9e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9882295656492193
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
47aa92a22af23dde3d2529b936ade8872f3ac9b24741306c19ddeb04dff58963

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416552&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&tk_flint=pbjs_lite_v4.43.4&x_source.tid=a77ffc74-d668-4030-8010-0c57706c9687&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02306245561253739
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
030c836a9bf95eedd87775cb3cd5ccd5ce5ca601b23de164f1145ae422a20518

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
a4p.adpartner.pro/hb/ 		193 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=8554,8552,8571,8572,8574&sizes=336x280|600x280,728x90,300x250|300x600,300x250|300x600,300x250|300x600&referer=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
45daba72e560d4d86f15a313a9e642eea3f7f7fc6b0e8c5183d7a8b0dfe41576

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://biz.nv.ua
date
Thu, 19 Jan 2023 12:29:21 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
content-encoding
br
server
nginx
content-type
application/json
/
ghb.adtelligent.com/v2/auction/ 		2 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 19 Jan 2023 12:29:20 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://biz.nv.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
2
auction
tlx.3lift.com/header/ 		19 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&tmax=1000
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.155.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-155-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
accept-ch
sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
x-auction-status
17, 17, 17, 17, 17
content-type
application/json; charset=utf-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=19186994806
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://biz.nv.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ 		37 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22439e62b81bfbb6f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22d213ae40-68fb-4b86-9cbc-771f4345009c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22444258bd727f177%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A336%2C%22h%22%3A280%7D%7D%2C%7B%22id%22%3A%22444258bd727f177%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22600x280%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A600%2C%22h%22%3A280%7D%7D%2C%7B%22id%22%3A%22455c6db500afbcc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2246f652bbd0cf795%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%2246f652bbd0cf795%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2247c0aad2d52b124%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%2247c0aad2d52b124%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2248c5d48fe659fb5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%2248c5d48fe659fb5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%7D
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2e4b422ea35da03d5cc88c52ef739a364a5141dfef50f8a932fbd7e725351c

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKJDAC%2B01uI%2F2rZeJ0hSeWW7Vi39ad9UPI23BUDAo7anaci0gwFVtLRejvnzzU9NJC9AJ4e2NbrxkZtfTVi9upVLmLfnxh8Hr56CuLgPweR%2Bp7kvbdhIBmo151IqziNPAWJh%2Fgwc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
78bf934d7c469158-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ 		24 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
829c90135a00fb3a03e837a9d149093f68272985ccd9cdd1282803f28797eb97

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 19 Jan 2023 12:29:21 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://biz.nv.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://biz.nv.ua
date
Thu, 19 Jan 2023 12:29:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
geolocation.json
cdn.membrana.media/ 		3 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/geolocation.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-168
cdn-cachedat
01/17/2023 13:14:46
cdn-pullzone
139012
x-ym-country
RO
content-length
3
last-modified
Fri, 11 Mar 2022 13:55:15 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
309
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
"622b54c3-3"
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
x-ym-country, cdn-requestcountrycode
cache-control
public, max-age=86400
cdn-requestid
1b9ef8118d14359cb6efbb6d1be2638d
accept-ranges
bytes
cdn-requestcountrycode
RO
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bid
a4p.adpartner.pro/hb/ 		201 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/hb/bid?tag=9043&sizes=300x250&referer=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
dc4c06733ce100ce7468c742c2de401dcaf07116e24b4c2469cf275052a15fb4

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://biz.nv.ua
date
Thu, 19 Jan 2023 12:29:21 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
content-encoding
br
server
nginx
content-type
application/json
vast
server.smartytech.io/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.smartytech.io/vast?id=20&referer=https://biz.nv.ua
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.235.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.31.242.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
https://biz.nv.ua
date
Thu, 19 Jan 2023 12:29:20 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
x-content-type-options
nosniff
server
nginx
load_playlist_attempt
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/load_playlist_attempt?notsy;NVR;https://cdn.membrana.media/video/nvr/ukr_desktop/videoSources.json;a4bcf6b5-0d18-45c1-a792-a44f2a758234
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-47.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
videoSources.json
cdn.membrana.media/video/nvr/ukr_desktop/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/nvr/ukr_desktop/videoSources.json
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
7c009e9e36fa96154dc45a8a0d9495e1c7323720f30e5bb77001e4f4779544c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-198
cdn-cachedat
01/18/2023 20:27:31
cdn-pullzone
139012
last-modified
Wed, 18 Jan 2023 20:26:34 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
405
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63c855fa-1129"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
285b0b9d15b2224ab4e29c4aeae40d50
timing-allow-origin
*
cdn-requestcountrycode
RO
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video-js.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:20 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
7797918
x-jsd-version
7.10.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10303
x-served-by
cache-fra-eddf8230113-FRA, cache-hhn-etou8220079-HHN
x-jsd-version-type
version
etag
W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
video.min.js
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 		507 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:20 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
3852176
x-jsd-version
7.10.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
143136
x-served-by
cache-fra-eddf8230112-FRA, cache-hhn-etou8220079-HHN
x-jsd-version-type
version
etag
W/"7ea72-NUHhQfHLDs+4qjHF6W3MzXuUrNc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=biz.nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=biz.nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		809 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=454621708&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1674131360944&lmt=1674095706&dlt=1674131360296&idt=600&adxs=-160&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=1600x0&msz=1920x-1&fws=512&ohw=0&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ab9095d72935d6b05fa710dbaa4691011273289d64cb6b2685e0337b82642ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
460
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 742B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:21 GMT
expires
Fri, 19 Jan 2024 12:29:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_playlist_success
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/load_playlist_success?notsy;NVR;https://cdn.membrana.media/video/nvr/ukr_desktop/videoSources.json;a4bcf6b5-0d18-45c1-a792-a44f2a758234
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-47.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
config
c.amazon-adsystem.com/cdn/prod/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbiz.nv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:20 GMT
via
1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-cache
Miss from cloudfront
access-control-allow-origin
https://biz.nv.ua
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
sZvzsRESevTzWRCvgCYrt-CZyEAWIaUj3L6DbDK8526uUHPzsCCO8g==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&pid=fIyz2dwF6fswu&cb=0&ws=1600x1200&v=23.112.1442&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_490824581%22%2C%22s%22%3A%5B%22336x280%22%2C%22600x280%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_BTA_336%22%7D%2C%7B%22sd%22%3A%22notsy_container_989373850%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATF_728%22%7D%2C%7B%22sd%22%3A%22notsy_container_991254745%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_SBR_300_1%22%7D%2C%7B%22sd%22%3A%22notsy_container_539714639%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_SBR_300_2%22%7D%2C%7B%22sd%22%3A%22notsy_container_245940212%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_SBR_300_4%22%7D%2C%7B%22sd%22%3A%22notsy_container_885365732%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.247.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-247-205.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
B4BZ8YZDPT01S8JMSCHD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
cxb9gl6pg5FTGt5ToxPfYBFPCEL1wtKeH0Mk8VaAx1hAczGP6P-fGQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-213.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
date
Thu, 19 Jan 2023 01:22:08 GMT
x-amz-cf-pop
VIE50-P1
age
40540
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
WFd1tlABlNGXtfuWL8vT40UHtJG90eTylac3kAkbLtydoP77pKcfvw==
z
s.zmctrack.net/ Frame 4DAC 		102 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
8f99d554fb220114912bdba6b95c16dab0c494362f0314b655a387b3ebf5725b

Request headers

Content-language
eyJ4LXBvc3QiOiIxIn0=
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://biz.nv.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125890
x-xss-protection
0
expires
Thu, 19 Jan 2023 12:29:21 GMT
d09fa396-22df-4ada-98dc-0bf296b9440e
https://biz.nv.ua/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://biz.nv.ua/d09fa396-22df-4ada-98dc-0bf296b9440e
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
spinner.svg
biz.nv.ua/images/ 		351 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biz.nv.ua/images/spinner.svg
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ac5a55227dbb54e7d3dcb2f172ad9aa0088b749ae04b7cd9ccad8ab4752c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/css/article.css?4.122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
cloudflare
age
27649202
etag
W/"5e6ff361-15f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31557600
cf-ray
78bf934f0ce8163e-FRA
expires
Mon, 06 Mar 2023 12:09:19 GMT
videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 		975 B
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:21 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
6257438
x-jsd-version
6.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
321
x-served-by
cache-fra-eddf8230137-FRA, cache-hhn-etou8220079-HHN
x-jsd-version-type
version
etag
W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
videojs.ads.min.js
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:21 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
5662101
x-jsd-version
6.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7260
x-served-by
cache-fra-eddf8230111-FRA, cache-hhn-etou8220079-HHN
x-jsd-version-type
version
etag
W/"6a3c-OUUBKv7icoV/OxPeKLpcAlpHAGg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
videojs.ima.min.css
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.css
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:21 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
6779063
x-jsd-version
1.9.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
941
x-served-by
cache-fra-eddf8230136-FRA, cache-hhn-etou8220079-HHN
x-jsd-version-type
version
etag
W/"a4e-O74oHTnsIDZGOCZu1d1V6JdzQ/o"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
videojs.ima.min.js
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 12:29:21 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
7797917
x-jsd-version
1.9.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7025
x-served-by
cache-fra-eddf8230052-FRA, cache-hhn-etou8220079-HHN
x-jsd-version-type
version
etag
W/"8de3-vTKcH4aTIzR97yz47tyPsdWDLOI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
videojs_5.vast.vpaid.js
cdn.membrana.media/video/vast.vpaid/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.229 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-229.bunnyinfra.net
Software
BunnyCDN-DE1-865 /
Resource Hash
bef96c9fb1050dfbec9bba9bc7ff1a8c8a805491d35a8c5b15b095eeabd2d9bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-169
cdn-cachedat
01/17/2023 13:14:46
cdn-pullzone
139012
last-modified
Tue, 17 Jan 2023 13:13:33 GMT
server
BunnyCDN-DE1-865
cdn-fileserver
37
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63c69efd-21e3a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
6aab1cd81170aad7097c1520708b76a0
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
nv-nv-6731-20230106.webp
membrana-cdn.media/nvr/ukr_desktop/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://membrana-cdn.media/nvr/ukr_desktop/nv-nv-6731-20230106.webp
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.218.215.4 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS
unallocated.qos.kiev.ua
Software
nginx /
Resource Hash
4378bc849a42ff05e81fe01987356e6567085193bea25a64e904b0c0c8718ff0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:37:07 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 06 Jan 2023 19:53:16 GMT
server
nginx
etag
"63b87c2c-532e"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
21294
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://biz.nv.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=biz.nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=biz.nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		306 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_BTA_336&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C600x280&fluid=height&ifi=2&adks=2256566182&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&abxe=1&dt=1674131361332&lmt=1674095706&dlt=1674131360296&idt=600&adxs=477&adys=3428&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=751x0&msz=336x0&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98c0a072af5f1cb14e5fd4163879a5111c5aba13d71eb17f42376285956101ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		119 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATF_728&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=3&adks=637546007&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&abxe=1&dt=1674131361338&lmt=1674095706&dlt=1674131360296&idt=600&adxs=281&adys=510&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=751x90&msz=728x0&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88026111275749381b7e9dc8e3fd18cd3ce35ba1d03718f526603e85612f96a4
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK7dr6nR0_wCFRm2dwodF3kCAQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13943404572528172021/export/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK7dr6nR0_wCFRm2dwodF3kCAQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13943404572528172021/export/index.html
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44759
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_SBR_300_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=4&adks=1440272241&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&abxe=1&dt=1674131361342&lmt=1674095706&dlt=1674131360296&idt=600&adxs=1065&adys=725&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=300x600&msz=300x0&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
554e4817f12d9ad6ea8c765d0fdedcc42cdc8314078e82daab3817987be55919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8526
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		308 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_SBR_300_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=5&adks=2552576241&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&abxe=1&dt=1674131361346&lmt=1674095706&dlt=1674131360296&idt=600&adxs=1065&adys=1507&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
933155b9124a2a00d027992c50eb1b4f67bc932df4e7accbc4ab06e68608d52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		308 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_SBR_300_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=6&adks=1278143313&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&abxe=1&dt=1674131361348&lmt=1674095706&dlt=1674131360296&idt=600&adxs=1065&adys=2631&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc9fdaddc1fc7b0343d33c194cc20da8f4f9dc74d14bedbec8bc2b82609eba9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.552.0_en.html
imasdk.googleapis.com/js/core/ Frame 5A40 		703 KB
224 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
228701
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 11:36:01 GMT
expires
Fri, 19 Jan 2024 11:36:01 GMT
last-modified
Wed, 18 Jan 2023 17:45:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:29:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5A40 		80 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=2417672617700697&sz=1x1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&iu=%2F22308795431%2C271925883%2FNVR_DESKTOP_VIDEO%2FNVR_DESKTOP_VIDEO_SUPER_HIGH&cust_params=notsy_v_meta_round%3D1%26notsy_v_round%3D1%26mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect%26notsy_pf%3D9d4153&npa=0&tfcd=0&description_url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&sdkv=h.3.552.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.9.0&sdki=445&ptt=20&adk=1941381611&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.552.0&media_url=https%3A%2F%2Fmembrana-cdn.media%2Fnvr%2Fukr_desktop%2Fnv-nv-6731-20230106-desktop.mp4&sid=B33DB7F1-B6EF-4CF1-96AB-196CCF24EBCC&nel=0&eid=44748969%2C44765701%2C44771450&top=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&loc=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&dlt=1674131360296&idt=1213&dt=1674131361539&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&scor=4067059718019503&ged=ve4_td2_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011fcb5635bbb03bf9d3be9f0f3c86e5d76bb8f95a94f5338e9fc9caab54bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16920
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cb3d2450b6727f5b2826cbbd807c11933166145d553aec8bbdac8f59930c881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10905
x-xss-protection
0
down.svg
biz.nv.ua/images/paywall/ 		169 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://biz.nv.ua/images/paywall/down.svg
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/css/article.css?4.122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
553966afb319606760398431ddf0030d8e06167541ce84705d1f69713620c5cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/css/article.css?4.122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Mar 2020 21:45:05 GMT
server
cloudflare
age
27636592
etag
W/"5e6ff361-a9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31557600
cf-ray
78bf935208df163e-FRA
expires
Mon, 06 Mar 2023 15:39:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 12:29:21 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Jan 2023 22:25:06 GMT
server
nginx
etag
W/"63bde5c2-162a9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Jan 2023 12:29:21 GMT
csi
csi.gstatic.com/ Frame 5A40 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ld32l5ub&c=5615400123335&slotId=2807700061667.5&qqid=CKjx9ajR0_wCFYuKdwodJ8EOAw&gqid=oTfJY7qlIrSQjuwPtIqu4A4&fb=ima_html5-lima&sdkv=h.3.552.0&ppt=videojs-ima&ppv=1.9.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44748969%2C44765701%2C44771450&met.4=ghmsh_s.ld32l66c~ghmsh_s.ld32l66e&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=CkiGj-UkrI3LOs8A
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 5A40 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-4272971530084173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:03:18 GMT
x-content-type-options
nosniff
age
1564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jan 2023 12:53:18 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5A40 		42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CybCyoTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS3Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vMFtPQzLppJCe8PLlMPNMTVpJbixznWPWfv5WzQCjKwAtLh1z4KKTCC1ANYERLDwATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJMi8Ydoo4zEGACgPICwHQCw7gCwG4DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=MWooSSyWLS0&label=show_ad&sdkv=h.3.552.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiMQDyUAAAxCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5A40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1DF_oTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS0Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vNdtU4iJbjSKH3E9cpR212NJSntcK6IH21x7kLIxaAXDWV8FxcmMfl8VV23wATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCloCyoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhicr_uoAtgTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQyNzI5NzE1MzAwODQxNzMYtJt6&sigh=2kI3Nkj0q80&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9dQduoapoje9-BLyG88j-8RaVONF-u-CSVwoOhGC3YVnhz8mtl3YvGoO-bGZE0XMOphb8Xgf_GAEgEw&vt=10&sdkv=h.3.552.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiMQDyUAAAxCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
truncated
/ Frame 5A40 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
syncframe
gum.criteo.com/ Frame DE20 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=biz.nv.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:21 GMT
server
Kestrel
server-processing-duration-in-ticks
834555
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Jan 2023 22:25:06 GMT
server
nginx
etag
W/"63bde5c2-162a9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Jan 2023 12:29:22 GMT
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~ld32l5ly&c=5615400123335&slotId=2807700061667.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A40 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.552.0&e=44748969%2C44765701%2C44771450&id=ima_html5&c=1339978025104511&domain=biz.nv.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr4---sn-5hnekn7k.googlevideo.com/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1674160161&ei=oTfJY5i5MpCG8gPr_rawAw&ip=2001:ac8:20:271::1e&id=377e44a8c15d1166&itag=22&source=youtube&requiressl=yes&mh=Zp&mm=31&mn=sn-5hnekn7k&ms=au&mv=m&mvi=4&pl=52&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=35.108&lmt=1667591948752781&mt=1674130896&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgISHJd1ohRz6cR3sdHYCDIYqCL8_7GIDGF9Bq9nCVmpsCIQCNTeERNVmcE_9TonWj8iAo78h1iREc9di0dxXRvy5zFA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgQhI23rVuqLsayvkdKxkUJ0DrS2Comr2RmyoSrG0z_pACIDI-q_C134UXzksV43l5PmduF1TMxiaRJlNw24HjnG3X&cpn=CkiGj-UkrI3LOs8A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:2::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
b8e38fc977b80aee6c5572f98f087a78cbeedbbc4c5eb0216b1c3b1a076e0869
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://biz.nv.ua/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 19 Jan 2023 12:29:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Nov 2022 19:59:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2966679/2966680
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2966680
Expires
Thu, 19 Jan 2023 12:29:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D74B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
107861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 06:31:41 GMT
expires
Thu, 18 Jan 2024 06:31:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6E43 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09323d3aaa420d3e64acbd830cbe5e2dacf5919df9381a55fe0619b93c986215
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SIUMMjtWZ_FYrNI9JosHoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-SIUMMjtWZ_FYrNI9JosHoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:22 GMT
expires
Thu, 19 Jan 2023 12:29:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame D74B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 16:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 16:17:24 GMT
sid
mug.criteo.com/ Frame DE20
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=biz.nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=KlsCmHxxSkNtNzNOT3lreVp5dFhQOFhHYkM1WVMrMEJ0UTFKejJJelZ0QkRPL293NGFoT0JMOVl0cG44NEV3VFVOazcyckpnL3EvR2lubFNaemZIMEVPNE5qSzd0aG1uMmxkQ2hhbGRmZ1lVZmo4QWNnb2JJaFlqUWhVZC...
430 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KlsCmHxxSkNtNzNOT3lreVp5dFhQOFhHYkM1WVMrMEJ0UTFKejJJelZ0QkRPL293NGFoT0JMOVl0cG44NEV3VFVOazcyckpnL3EvR2lubFNaemZIMEVPNE5qSzd0aG1uMmxkQ2hhbGRmZ1lVZmo4QWNnb2JJaFlqUWhVZC8wZHNqTGNMOFhsN05TTkVneGxaL0RHc2x2c25mM3diOFk4alEyemw0bnBtSzdKVXJHejBUMU9pNWVhT28weFpTeUhOOE9PaHVENGxwOVF2a3dvWVBtck5DRDhrWk5zNEhNdnoyT0EvM2lERkhRVk1wSzFGeVAwVVBrc0V5TDBlMjhaWXN2SzlvOVZQK0ZxYjY4TkNZNG0rdkQyWWppdz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9c4d989da013234a14046d1d53bc9656e395e711ae9cde79c02e57316fe1eb97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:21 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2430161
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=KlsCmHxxSkNtNzNOT3lreVp5dFhQOFhHYkM1WVMrMEJ0UTFKejJJelZ0QkRPL293NGFoT0JMOVl0cG44NEV3VFVOazcyckpnL3EvR2lubFNaemZIMEVPNE5qSzd0aG1uMmxkQ2hhbGRmZ1lVZmo4QWNnb2JJaFlqUWhVZC8wZHNqTGNMOFhsN05TTkVneGxaL0RHc2x2c25mM3diOFk4alEyemw0bnBtSzdKVXJHejBUMU9pNWVhT28weFpTeUhOOE9PaHVENGxwOVF2a3dvWVBtck5DRDhrWk5zNEhNdnoyT0EvM2lERkhRVk1wSzFGeVAwVVBrc0V5TDBlMjhaWXN2SzlvOVZQK0ZxYjY4TkNZNG0rdkQyWWppdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
658428
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=1492119284604854&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5A40 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CybCyoTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS3Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vMFtPQzLppJCe8PLlMPNMTVpJbixznWPWfv5WzQCjKwAtLh1z4KKTCC1ANYERLDwATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECaCRpodHRwczovL3d3dy5oZXJvLXdhcnMuY29tL7EJMi8Ydoo4zEGACgPICwHQCw7gCwG4DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=MWooSSyWLS0&label=video_ad_loaded&sdkv=h.3.552.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiMQDyUAACBCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 5A40 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 14:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 14:26:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5A40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1DF_oTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS0Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vNdtU4iJbjSKH3E9cpR212NJSntcK6IH21x7kLIxaAXDWV8FxcmMfl8VV23wATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCloCyoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhicr_uoAtgTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQyNzI5NzE1MzAwODQxNzMYtJt6&sigh=2kI3Nkj0q80&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9dQduoapoje9-BLyG88j-8RaVONF-u-CSVwoOhGC3YVnhz8mtl3YvGoO-bGZE0XMOphb8Xgf_GAEgEw&sdkv=h.3.552.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5A40 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVvQJoTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS0Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vNdtU4iJbjSKH3E9cpR212NJSntcK6IH21x7kLIxaAXDWV8FxcmMfl8VV23wATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=bedYcUYkKpI&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D944%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1684,325,2044,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D35038%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D552%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D209042074%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1674131361192%26ptlt%3D1674131362271%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1674131361994&sdkv=h.3.552.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiYQDyUAACBCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNIkgJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A40 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8rzoJmPLJGUr8vjbodxhV1sde_ah7rrldAPt1Ah4AhyifRFVhwGA11zZXsIULbqIG-kWS7uwKvr8oVjlOkCGjwVIC9herLaYw-i5dsUynaAU4xdOY7KwazgysBXcPz1AIaQKCRwQkEyw97Sx1ht93GyK6Kwoj-39B&sai=AMfl-YRbi9YCJSFYmho88tkiatVXUUP2Wgbw5cwksM9UyI2BJ5NoIpEwqNd2VeMVpqbtbEn9bGvehev733YAPyq6Q5nRvkiWj4XXBlacGefkv45dK-652kMnVDIW49A2vQ&sig=Cg0ArKJSzA4h-Nt0sO1HEAE&cid=CAQSOwDq26N9dQduoapoje9-BLyG88j-8RaVONF-u-CSVwoOhGC3YVnhz8mtl3YvGoO-bGZE0XMOphb8Xgf_GAEgEw&id=lidarv&acvw=sv%3D944%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1684,325,2044,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D35038%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D552%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D209042074%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1674131361192%26ptlt%3D1674131362272%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674131361994&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5A40 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVvQJoTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS0Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vNdtU4iJbjSKH3E9cpR212NJSntcK6IH21x7kLIxaAXDWV8FxcmMfl8VV23wATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=bedYcUYkKpI&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D944%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1684,325,2044,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D35038%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D552%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D209042074%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1674131361192%26ptlt%3D1674131362274%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674131361994&sdkv=h.3.552.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiYQDyUAACBCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNIkgJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A40 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.552.0&e=44748969%2C44765701%2C44771450&id=ima_html5&c=1339978025104511&domain=biz.nv.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5A40 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVvQJoTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS0Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vNdtU4iJbjSKH3E9cpR212NJSntcK6IH21x7kLIxaAXDWV8FxcmMfl8VV23wATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=bedYcUYkKpI&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=admute&ad_mt=0&acvw=sv%3D944%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1684,325,2044,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D35038%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D12%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D552%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D209042074%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1674131361192%26ptlt%3D1674131362278%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1674131361994&sdkv=h.3.552.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiYQDyUAACBCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNIkgJQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video_ad_session
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/video_ad_session?NVR;desktop;;NVR_VIDEO;Chrome;109.0.5414.74;;6037035151036814
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-47.bunnyinfra.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=biz.nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=biz.nv.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1492119284604854&correlator=3549273066335099&eid=31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fif&iu_parts=271925883%2CNVR_INSTREAM&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=7&adks=1787787015&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D2294%26section%3D2292%26article_id%3D50297848%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie=ID%3D7bf8d5b74e32f167%3AT%3D1674131360%3AS%3DALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q&gpic=UID%3D00000ba56660dcc2%3AT%3D1674131360%3ART%3D1674131360%3AS%3DALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw&abxe=1&dt=1674131362295&lmt=1674095706&dlt=1674131360296&idt=600&adxs=-50&adys=-50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&frm=20&vis=1&psz=1600x4652&msz=0x-1&fws=512&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=57635729.1674131361&ga_sid=1674131361&ga_hid=1833379527&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2974c9daf6a71d4250272eaeaa66d2cdfe5fa25bae22a58889a85bff6319faa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19921
x-xss-protection
0
google-lineitem-id
5951493741
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385041881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 1286 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
96529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 09:40:33 GMT
expires
Thu, 18 Jan 2024 09:40:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 1286 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 16:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 16:17:24 GMT
playback
www.youtube.com/api/stats/ Frame 5A40 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44765701%2C44771450&el=adunit&cpn=CkiGj-UkrI3LOs8A&docid=N35EqMFdEWY&visitordata=CgtBOHhJQ1V5NDFnQQ%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=0.187&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fbiz.nv.ua%2F&len=35.039&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=109.0.5414.74&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
container.html
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BA3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:21 GMT
expires
Fri, 19 Jan 2024 12:29:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 5A40 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ld32l67w&c=5615400123335&slotId=2807700061667.5&qqid=CKjx9ajR0_wCFYuKdwodJ8EOAw&gqid=oTfJY7qlIrSQjuwPtIqu4A4&fb=ima_html5-lima&sdkv=h.3.552.0&ppt=videojs-ima&ppv=1.9.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.ld32l67y~vss_tr.gz~ff.ld32l6g4~vss_pp.vl
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C809 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQns2ngQQYwsHD1wEwAQ&v=APEucNVECa_SFbxA-xmJ_26OIUPXTMwCIUcON34N_Tk0uijk9yoI2uFQx7kMBuXYnNjUhFJjn9rvHCET5YkHagZV2YeUEXZA0K9XdWRCdXjPPl_3KIZUm7carUe63-CFqZ9XMCHaBC3civKEYIs5ah-xzPrFb-aOd-SQfrcAWCs1cfpoHIMDxJQ
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0BA3 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 12:29:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BA3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-A4ga3usBzzg2IDOsF7b-B2GrFUsH-C75DlgMP6XPmaSpGHRK11V9_d90aNTMwbQugfdcjqrPpxwI8Wf6U536kfUHkuQLHICzhAjsf3WNF3meUtI
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BA3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7911655425014140400&x=1&ct=119
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0BA3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
65477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:18:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame 0BA3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
65477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:18:05 GMT
l
www.google.com/ads/measurement/ Frame 0BA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqdtL-tUxOpNDaem4hPLUqc5ROgEBcCL2MKB-UT13iFbOLNCenpi8wredp3vqFsBQ_vk3I9BgVx2yTpmjG_jmbbWLB_A
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BA3 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 12:29:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1286 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.552.0&bgai=BNsTooTfJY-icJIuV3gOngrsYAAAAADgBugUTCPr586jR0_wCFTSIgwcdNIUL7A&bg=!rq2lrenNAAYDMoyoIzI7ACkAdvg8WuPe9-upETYIhLXtMr03CBwdaS46e92xUFDQR5rZENQ9HWILHgIAAAB7UgAAAAJoAQcKADMFqEjiT6tY26mQv_C1yFTm652mgeMfNOZnF3u4ZdsVI0AENNEfkziLQ5kA72APWs-i1v2ZAjvGnQqrTpMX-6xz6AQ6fdA4mANuf1WeQkIPMwHG67NO_0NAuJ0qDSjCqUSPFUTLLu8uFe7zVXtKaeV20h1p1cYh20U19KSSePaGe3NSIripxUo6U0gy8fvyMXWpyFjTrIJcm3Q5z8psFeUcmpB2NHasvGLSKFbsWoRrjN2rtAGQqO_oi7W778E6IpM7V9r8EDup3rsqalFDuBoK9rdnxskBWyCN65L20IHf4E-DQEbmdFX6FgNb8GBiSN8zuDkBkmuX-GH13B2OiQHdQvfqVwDbcfrxgHjOjfQUUkmG2caymaq3ul6HtVIhAeCNQejbi8dpimESAF3tifaMEqOcsZL5VfUOa2tpeTbhNv_J6jZgOEa0Le3nLbdop3a9eiffgrBevNCy2_mc7kkB3OO7TTsVxaKBZai_ug0dEenOjgHXgPFu9gnVoysv5YBmJ1Tv1ilYd6fnRRRGbL5b22vFjz1vloMwYruy1AeKFp5nX_ZB45zJui_4HEx0SjakbmbCcVsg-dXw4S92HBnb3CHiWmWRLj246VEiPcxl5o6VMPM3l7JtCUkZkkMhlhCd-IKpVgvv1epRAG3tNyEmwGH1gtd9MGx321cmdsQv6u3PgKCZTm6tI8t7y-pdgPMyuJjYMjVr0i-I46TupArXit5CBQJ1x83-PHXYKw9O5aOUro0lu91Ui_h95qY5UeoNTVd2pJ1NJfQoiZ0AKSI7Qa082A5HioNSVPPl9apOtZlLa1WqicfJQO9a6ByhQSt7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQns2ngQQYwsHD1wEwAQ&v=APEucNVECa_SFbxA-xmJ_26OIUPXTMwCIUcON34N_Tk0uijk9yoI2uFQx7kMBuXYnNjUhFJjn9rvHCET5YkHagZV2YeUEXZA0K9XdWRCdXjPPl_3KIZUm7carUe63-CFqZ9XMCHaBC3civKEYIs5ah-xzPrFb-aOd-SQfrcAWCs1cfpoHIMDxJQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C809
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8k3ogmCpQCNKSh0A8gj3AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQns2ngQQYwsHD1wEwAQ&v=APEucNVECa_SFbxA-xmJ_26OIUPXTMwCIUcON34N_Tk0uijk9yoI2uFQx7kMBuXYnNjUhFJjn9rvHCET5YkHagZV2YeUEXZA0K9XdWRCdXjPPl_3KIZUm7carUe63-CFqZ9XMCHaBC3civKEYIs5ah-xzPrFb-aOd-SQfrcAWCs1cfpoHIMDxJQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAC5imTAZUJ2-IO9wXq8Odc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C809
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIZ1Unur1pQrkYWJWwuSpT8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIZ1Unur1pQrkYWJWwuSpT8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQns2ngQQYwsHD1wEwAQ&v=APEucNVECa_SFbxA-xmJ_26OIUPXTMwCIUcON34N_Tk0uijk9yoI2uFQx7kMBuXYnNjUhFJjn9rvHCET5YkHagZV2YeUEXZA0K9XdWRCdXjPPl_3KIZUm7carUe63-CFqZ9XMCHaBC3civKEYIs5ah-xzPrFb-aOd-SQfrcAWCs1cfpoHIMDxJQ
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:22 GMT
AN-X-Request-Uuid
1b32637d-838a-43cd-b0b7-f1c45400c144
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIZ1Unur1pQrkYWJWwuSpT8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C809
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5MDY2MTYwNjA4NDg1NTY3NA%3D%3D
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5MDY2MTYwNjA4NDg1NTY3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXllwEQns2ngQQYwsHD1wEwAQ&v=APEucNVECa_SFbxA-xmJ_26OIUPXTMwCIUcON34N_Tk0uijk9yoI2uFQx7kMBuXYnNjUhFJjn9rvHCET5YkHagZV2YeUEXZA0K9XdWRCdXjPPl_3KIZUm7carUe63-CFqZ9XMCHaBC3civKEYIs5ah-xzPrFb-aOd-SQfrcAWCs1cfpoHIMDxJQ
Protocol
H2
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 19 Jan 2023 12:29:22 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
079da138-8776-447c-bc2b-c109c17e7942
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg5MDY2MTYwNjA4NDg1NTY3NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BA3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4738336063096&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BA3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4738336063096&version=m202209210101&ct=119&x=1&cor=7911655425014140000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0BA3 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmL6QNC9TvbaKCqISftgfaI13-RzbyyHHOMS_u5bOYDdLClpOLNZRA-zofHWVueG3hI5b4IAsBXvpwBkeWvx1lA8jK2FB1Fk9W_JsEPzzBSKFUeZytPEWEWh0mbQFnErQQgPUykakD9Skliy2SLcjnR8QUOjaDJJOVPmJ0x3Jtr1JQYxw&cry=1&dbm_d=AKAmf-Cn9o0iVepB0aG6WtxnfD_zI2kgrgO-D6XDhyfgdG5JQmfBDWvihbNQ6idfSspciPWLf5wmgCrFU1vTHDPp-P1iZ6iMq4zg7vIBDMEJphZVmCmY-3PV4vQofi0tKPvcBp61-Fu8c1HxWUuhM4kcasSs8e6lo8YMjPDIEIZWZXLViNaEzeRuh9CXRlNJMERmeVHbK9qGkJBP0w7PKgKE_0aTrSWfyjOdU3R-OblXVUTax_zY1iJfDVPsX3B0oX2bhY1G0blmQnUr8W0AXvh96vWIyOKc6MjV-OYtYE2foOjIkT0OZXA0Q99w2Ipyq5S_5Y_YW4MMp-OtiE4Rfc2JPT3ALO5R2JHxsS2kylBGfgPCIUEUbKjHaONeBD8C16rowOesxsSd4NwoMz4T8G9Dh0NlMsckJkt8IJXzauF5ax7rEwP_2ZZTB3Sfxg9AFAPBZv0FnQfSaF0G9eyw28f9MESRmd9Cm9C_pE379XsZDmrvb25oB3SF7xIuzq8o7bA46hMpu7lfqrHKcvjy3oavZpImgWAZawDmMs5Xaxp-h2IPdPmZoqa5T9WHokXGMiSw9Uptpo___3UQJNPShNsXK5RQZMhejyQ_N4r8Bflv7vLZR0Vprh3d3rHP59AYjNm9rdiZMBVjZQ_J_5sRUP3Fc8BqEX6svfH_TZjiejhTk0IY3QML0aHM-AwWftUiyGHJNutWz0op-FDQEjezf5Gm3w__u7MkB3YtK5LMtwdWferJUVUcDWO_-XW71OlbB7AlQe8isRLwEBuCH7GDM7QT_gBOQbREhgx11g8kwfgxvu2vGGME52W4KcvvkWoGxbC36PXmKxfBD8PbAU_rGglsN2x_tmStbhvxITfu7DzMKPntwp9qxDA5UoNOBGq9QNKW5DFso96-Cl4mC5TWF95odIZQIkCl8JWvWoDYUlEl2v5v_jxF-Z_13gcyUJ9jfym2D143mbZ5obUY-StHqcP0zbLO2CjQ2YjbN3YE1x2nLIEaFZtewVtGNgnioEMtKgHGQJIYkDVE8BPfGByzuW8a2uSM2LUCV_ehczNperKG6C8AYJ2CFqFhDIsEhmyw3mSq8zDyeRK3NQvyo_gahxfLBuFM9vH-wGBVOL9_J1okAc-n1hWrkMfNZOWrtyf8Exk9JuYCK9yZxfK82LG9qzIEqt30pe0_XddnlKzQHDqEOnepHRdjj1L7DJPQ46XSjQZ9nyDxg7G2eAKBnGYOg-lg6FsUHUIUrIePadmzv0wz_VVyi17CQjQpQvyl7Y9jD3KVN27Yw3c_-jf8LDKd7RyJGzefvuW0KrSuX4V6Es-F_NWnD72Oq7Zd-dgUL-C0m5tRspc0N4nd6YFlkF0WL_SOKODWUuKofPMHhFak17dKNNQZl3AjDXHuYIjooAn5Vb6t9peQm6uEf898LtCJmDCYsogwEPi_cobzMDERk9cMxX8M921sb7KSDFtxYpkvyurzb04mogUycRJqbk0q1Ko2204nIj8fUd7zbb-WGRkhlRe1eoC0Rt29pjY25Us6DTxt9Rogp9lT3Sa2EtFxqk9nfXpX_xclgkHRiFE4P0ziUm2SZfW46nCjxBzFQFNmwM8SuXetMYVI2Qoy2S8EkyawzP2hqGMItEy-MoepiYeEZzD1Zm8BL4p9XGJ5Uvh9gyufgJPohb6orRqO4nEgTmJprG3W0Lt7Z2d1d_vfvnr9O6JqWr5ZdyXwWBV44bu4JVPC3Xd5uJRx-cmhQJeKnqYWJz66O-Ar9Xd6orRLPzGICzDNb_b5jWfrE0DdmFkAqLbxy9mgF6AUTdVV2n6cLRYBPs1h0BmLrCwWZ_7hBcdlucDi2fpu6DzmzII1mTlej6Il97zxwRZExTxbGhHVdd4TGAEMq-_Rsp-xXuyo1Fab6mv72v1oLIrgNiPlAPru6dxt12tSSP8b9W129qksKND8zQtRBE_JWDjEnjm_K3lQX3tR4Cu1tmYWHVLDX4GiAH9u6_fu1kRa8DZuxf2msrQPM9FM2EDLbbbHib_i51S5VY4xa1a-eYQBl7gzfUPy-uaCbA_PoeKe8nM6qDHxYMQ8hLVg5ZljPHy3gSCwJ2wfiTjTS8_iUPSgDX1aPI9kajZctBVVCuWcdwhBJAwWV6Vx5d7Be0U7Q-m-XMte_1ixdCkIDSPX0BfgySEoWOChdE-a_RaevhD2H-PVZ2H7-hn1OJBb0hwUGXw4E2j5adcynMhBA6h60p__l8uFMM911beYuihYrekh02C4f727ulZzwF_HvolPP-OQRkORVLwqff1Tot-XTQC5mcBS_pHLBKK3ZvvU8SYvYMzzasQJQZe6zlhytEsqrWKNHwUMsaxSLMozVNcYsdbe5z7SNGIZSXC3j5lA4RM6uOwgWE48zjJQF2TdDjShsJMantDwuUrQOC_uQ4RMJEFdFJfrONnsHzFCIb-ANZRNY-cvaD-t8pziG8fEV2JHPPb7ZtOrXETQg6kbO68F1KB7z2xHf-irkk7w60ADFzbiK6U7Z-N10KnuIHJ9rLmHOt1G8QsmrLdQXok4DgQudg36E77iCRPj3Fle8FrfrhfRO9cQbbpdUSVLYyQCkRyYkPoxfcRFdvqZck4SxR6qFzNnecyTotkp65SYiSMDy0f3GOzXZhuB79dO5ONCdwSyQZfrrlzGw5xOLYJQfUl9czFnIVTmwpRsPpgbDmpwwrN3OHMe5ZGnvP5eFtYbeWwhO3BAch8rwyuCwbCy1DGnWwAo99Jf0wIiGtEdWBFpInDKBv7n-cwGyhA1GuC4H3ByKZ5GXQZ4B6ULujE6j1LAJXWRFBFB71kVwNoaeCr_gfhKenhd76361mwqFtyR2ejUAms40kjtpgHas0VUe-015xVKN_CTmD2YmRMr-uH_uPmVYrHDpZF3eYb1JaFHXD1guaSh4wo6O3ejT1LTejIRqNNimsRg-q6MRh6LNWNQlrXYeOkpm83_gsNdzFgeit7ZUhlawybAz7kX7nvn_tSa7K61H3T8O_mCBzFXCO3_flJIVkW4gkCdGrvPict4fAXLFA3Y3D345geMVn05JNltVnSeCj8hksT6wcIFcfw9Wyvi5NjSbPVeTr4SiCj44F0j0tDl5jWBWFjbctc6attZrbpeclzEi23EH9umT9AJOpIJe-GNOrTq0_tCz003RgZqt3QwclQMYCItTKtDb3EGilafAigRz-bxiw-boimLVpOUB_aYiygfryGzQaYugqMTxbXfaSLPF1VuiJMOtck_1UAqDxbVGpftmyoMPxYUWuxcwuvINubWKYTjeHw3MvnE8WxpXw97LX_hE0AMFdAjVqUmH_15DOiL-G1j6QIl12ieKlHpZORkR_aZztym7-zg8_StB4iR8vh7J4wjnrk0brfimDNhBIdFjdQ7n8kHoiuGiJb5rBla0lrZ-9p9MxoRpxGkBm-012bUv_TAkl5PtVLp9GpNvMPdEGD2_ouhyh4R_wMF1vnm6Ie2AmFgoK3sadxpyM5Kv40HUkV84EHbgh2mKnJafIo8KDPmEVlpAe8L6mw06sYUVlCZLapHGDld9DkkjbQK7qdJXMWDHPj5BFsZVe01rxQu--dv1RgHKrdmTlngLBFdYlO72GejWCkhfFRKSnHzi54Ca-AM0NiSokDHpZPVdd8h3b3oW2f5DltCYmHCjAQpXl_q6bNgS7D0bitMjUAVNeE8KxvleyXSUqqqGZyNYdm0OIvNmFYcPKPRDo66GMqDF3eHyKhxWHOyu2yuI-Ph2M5VxD4awDJWLWwRPmDcYE6Hf7zGMy7qyPb2yUOdWskfGkeFYbp0bffPBfundR38-JJg16yDaKVBbhlJ_SztwEKGjO3tI1L8vBLv&cid=CAQSOwDq26N9VxORB3c4pJC0kZ-NPRAnM0hZ9v1HXXTlrwwbggWwz9dNuNCskubH7YwTSQCsOjTsPBvg7KHCGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbiz.nv.ua%2F&ds=l&xdt=1&iif=1&cor=7911655425014140000&adk=3944675600&idt=81&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbdf77bbdb53cc5bf6ee98ae59f07a7267aa51dc5db0aaee021a929600d6cd44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34990
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~ld32l69f&c=5615400123335&slotId=2807700061667.5&met.4=hvd_lc.ld32l69e~hvd_ad.ld32l69e~hvd_mad.ld32l69e~hvd_admu.ld32l69e~hvd_src.ld32l69e&ps=640x360
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0BA3 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Origin
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 15:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 15:54:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/ Frame 0BA3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmL6QNC9TvbaKCqISftgfaI13-RzbyyHHOMS_u5bOYDdLClpOLNZRA-zofHWVueG3hI5b4IAsBXvpwBkeWvx1lA8jK2FB1Fk9W_JsEPzzBSKFUeZytPEWEWh0mbQFnErQQgPUykakD9Skliy2SLcjnR8QUOjaDJJOVPmJ0x3Jtr1JQYxw&cry=1&dbm_d=AKAmf-Cn9o0iVepB0aG6WtxnfD_zI2kgrgO-D6XDhyfgdG5JQmfBDWvihbNQ6idfSspciPWLf5wmgCrFU1vTHDPp-P1iZ6iMq4zg7vIBDMEJphZVmCmY-3PV4vQofi0tKPvcBp61-Fu8c1HxWUuhM4kcasSs8e6lo8YMjPDIEIZWZXLViNaEzeRuh9CXRlNJMERmeVHbK9qGkJBP0w7PKgKE_0aTrSWfyjOdU3R-OblXVUTax_zY1iJfDVPsX3B0oX2bhY1G0blmQnUr8W0AXvh96vWIyOKc6MjV-OYtYE2foOjIkT0OZXA0Q99w2Ipyq5S_5Y_YW4MMp-OtiE4Rfc2JPT3ALO5R2JHxsS2kylBGfgPCIUEUbKjHaONeBD8C16rowOesxsSd4NwoMz4T8G9Dh0NlMsckJkt8IJXzauF5ax7rEwP_2ZZTB3Sfxg9AFAPBZv0FnQfSaF0G9eyw28f9MESRmd9Cm9C_pE379XsZDmrvb25oB3SF7xIuzq8o7bA46hMpu7lfqrHKcvjy3oavZpImgWAZawDmMs5Xaxp-h2IPdPmZoqa5T9WHokXGMiSw9Uptpo___3UQJNPShNsXK5RQZMhejyQ_N4r8Bflv7vLZR0Vprh3d3rHP59AYjNm9rdiZMBVjZQ_J_5sRUP3Fc8BqEX6svfH_TZjiejhTk0IY3QML0aHM-AwWftUiyGHJNutWz0op-FDQEjezf5Gm3w__u7MkB3YtK5LMtwdWferJUVUcDWO_-XW71OlbB7AlQe8isRLwEBuCH7GDM7QT_gBOQbREhgx11g8kwfgxvu2vGGME52W4KcvvkWoGxbC36PXmKxfBD8PbAU_rGglsN2x_tmStbhvxITfu7DzMKPntwp9qxDA5UoNOBGq9QNKW5DFso96-Cl4mC5TWF95odIZQIkCl8JWvWoDYUlEl2v5v_jxF-Z_13gcyUJ9jfym2D143mbZ5obUY-StHqcP0zbLO2CjQ2YjbN3YE1x2nLIEaFZtewVtGNgnioEMtKgHGQJIYkDVE8BPfGByzuW8a2uSM2LUCV_ehczNperKG6C8AYJ2CFqFhDIsEhmyw3mSq8zDyeRK3NQvyo_gahxfLBuFM9vH-wGBVOL9_J1okAc-n1hWrkMfNZOWrtyf8Exk9JuYCK9yZxfK82LG9qzIEqt30pe0_XddnlKzQHDqEOnepHRdjj1L7DJPQ46XSjQZ9nyDxg7G2eAKBnGYOg-lg6FsUHUIUrIePadmzv0wz_VVyi17CQjQpQvyl7Y9jD3KVN27Yw3c_-jf8LDKd7RyJGzefvuW0KrSuX4V6Es-F_NWnD72Oq7Zd-dgUL-C0m5tRspc0N4nd6YFlkF0WL_SOKODWUuKofPMHhFak17dKNNQZl3AjDXHuYIjooAn5Vb6t9peQm6uEf898LtCJmDCYsogwEPi_cobzMDERk9cMxX8M921sb7KSDFtxYpkvyurzb04mogUycRJqbk0q1Ko2204nIj8fUd7zbb-WGRkhlRe1eoC0Rt29pjY25Us6DTxt9Rogp9lT3Sa2EtFxqk9nfXpX_xclgkHRiFE4P0ziUm2SZfW46nCjxBzFQFNmwM8SuXetMYVI2Qoy2S8EkyawzP2hqGMItEy-MoepiYeEZzD1Zm8BL4p9XGJ5Uvh9gyufgJPohb6orRqO4nEgTmJprG3W0Lt7Z2d1d_vfvnr9O6JqWr5ZdyXwWBV44bu4JVPC3Xd5uJRx-cmhQJeKnqYWJz66O-Ar9Xd6orRLPzGICzDNb_b5jWfrE0DdmFkAqLbxy9mgF6AUTdVV2n6cLRYBPs1h0BmLrCwWZ_7hBcdlucDi2fpu6DzmzII1mTlej6Il97zxwRZExTxbGhHVdd4TGAEMq-_Rsp-xXuyo1Fab6mv72v1oLIrgNiPlAPru6dxt12tSSP8b9W129qksKND8zQtRBE_JWDjEnjm_K3lQX3tR4Cu1tmYWHVLDX4GiAH9u6_fu1kRa8DZuxf2msrQPM9FM2EDLbbbHib_i51S5VY4xa1a-eYQBl7gzfUPy-uaCbA_PoeKe8nM6qDHxYMQ8hLVg5ZljPHy3gSCwJ2wfiTjTS8_iUPSgDX1aPI9kajZctBVVCuWcdwhBJAwWV6Vx5d7Be0U7Q-m-XMte_1ixdCkIDSPX0BfgySEoWOChdE-a_RaevhD2H-PVZ2H7-hn1OJBb0hwUGXw4E2j5adcynMhBA6h60p__l8uFMM911beYuihYrekh02C4f727ulZzwF_HvolPP-OQRkORVLwqff1Tot-XTQC5mcBS_pHLBKK3ZvvU8SYvYMzzasQJQZe6zlhytEsqrWKNHwUMsaxSLMozVNcYsdbe5z7SNGIZSXC3j5lA4RM6uOwgWE48zjJQF2TdDjShsJMantDwuUrQOC_uQ4RMJEFdFJfrONnsHzFCIb-ANZRNY-cvaD-t8pziG8fEV2JHPPb7ZtOrXETQg6kbO68F1KB7z2xHf-irkk7w60ADFzbiK6U7Z-N10KnuIHJ9rLmHOt1G8QsmrLdQXok4DgQudg36E77iCRPj3Fle8FrfrhfRO9cQbbpdUSVLYyQCkRyYkPoxfcRFdvqZck4SxR6qFzNnecyTotkp65SYiSMDy0f3GOzXZhuB79dO5ONCdwSyQZfrrlzGw5xOLYJQfUl9czFnIVTmwpRsPpgbDmpwwrN3OHMe5ZGnvP5eFtYbeWwhO3BAch8rwyuCwbCy1DGnWwAo99Jf0wIiGtEdWBFpInDKBv7n-cwGyhA1GuC4H3ByKZ5GXQZ4B6ULujE6j1LAJXWRFBFB71kVwNoaeCr_gfhKenhd76361mwqFtyR2ejUAms40kjtpgHas0VUe-015xVKN_CTmD2YmRMr-uH_uPmVYrHDpZF3eYb1JaFHXD1guaSh4wo6O3ejT1LTejIRqNNimsRg-q6MRh6LNWNQlrXYeOkpm83_gsNdzFgeit7ZUhlawybAz7kX7nvn_tSa7K61H3T8O_mCBzFXCO3_flJIVkW4gkCdGrvPict4fAXLFA3Y3D345geMVn05JNltVnSeCj8hksT6wcIFcfw9Wyvi5NjSbPVeTr4SiCj44F0j0tDl5jWBWFjbctc6attZrbpeclzEi23EH9umT9AJOpIJe-GNOrTq0_tCz003RgZqt3QwclQMYCItTKtDb3EGilafAigRz-bxiw-boimLVpOUB_aYiygfryGzQaYugqMTxbXfaSLPF1VuiJMOtck_1UAqDxbVGpftmyoMPxYUWuxcwuvINubWKYTjeHw3MvnE8WxpXw97LX_hE0AMFdAjVqUmH_15DOiL-G1j6QIl12ieKlHpZORkR_aZztym7-zg8_StB4iR8vh7J4wjnrk0brfimDNhBIdFjdQ7n8kHoiuGiJb5rBla0lrZ-9p9MxoRpxGkBm-012bUv_TAkl5PtVLp9GpNvMPdEGD2_ouhyh4R_wMF1vnm6Ie2AmFgoK3sadxpyM5Kv40HUkV84EHbgh2mKnJafIo8KDPmEVlpAe8L6mw06sYUVlCZLapHGDld9DkkjbQK7qdJXMWDHPj5BFsZVe01rxQu--dv1RgHKrdmTlngLBFdYlO72GejWCkhfFRKSnHzi54Ca-AM0NiSokDHpZPVdd8h3b3oW2f5DltCYmHCjAQpXl_q6bNgS7D0bitMjUAVNeE8KxvleyXSUqqqGZyNYdm0OIvNmFYcPKPRDo66GMqDF3eHyKhxWHOyu2yuI-Ph2M5VxD4awDJWLWwRPmDcYE6Hf7zGMy7qyPb2yUOdWskfGkeFYbp0bffPBfundR38-JJg16yDaKVBbhlJ_SztwEKGjO3tI1L8vBLv&cid=CAQSOwDq26N9VxORB3c4pJC0kZ-NPRAnM0hZ9v1HXXTlrwwbggWwz9dNuNCskubH7YwTSQCsOjTsPBvg7KHCGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbiz.nv.ua%2F&ds=l&xdt=1&iif=1&cor=7911655425014140000&adk=3944675600&idt=81&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
64780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:29:42 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame 0BA3 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmL6QNC9TvbaKCqISftgfaI13-RzbyyHHOMS_u5bOYDdLClpOLNZRA-zofHWVueG3hI5b4IAsBXvpwBkeWvx1lA8jK2FB1Fk9W_JsEPzzBSKFUeZytPEWEWh0mbQFnErQQgPUykakD9Skliy2SLcjnR8QUOjaDJJOVPmJ0x3Jtr1JQYxw&cry=1&dbm_d=AKAmf-Cn9o0iVepB0aG6WtxnfD_zI2kgrgO-D6XDhyfgdG5JQmfBDWvihbNQ6idfSspciPWLf5wmgCrFU1vTHDPp-P1iZ6iMq4zg7vIBDMEJphZVmCmY-3PV4vQofi0tKPvcBp61-Fu8c1HxWUuhM4kcasSs8e6lo8YMjPDIEIZWZXLViNaEzeRuh9CXRlNJMERmeVHbK9qGkJBP0w7PKgKE_0aTrSWfyjOdU3R-OblXVUTax_zY1iJfDVPsX3B0oX2bhY1G0blmQnUr8W0AXvh96vWIyOKc6MjV-OYtYE2foOjIkT0OZXA0Q99w2Ipyq5S_5Y_YW4MMp-OtiE4Rfc2JPT3ALO5R2JHxsS2kylBGfgPCIUEUbKjHaONeBD8C16rowOesxsSd4NwoMz4T8G9Dh0NlMsckJkt8IJXzauF5ax7rEwP_2ZZTB3Sfxg9AFAPBZv0FnQfSaF0G9eyw28f9MESRmd9Cm9C_pE379XsZDmrvb25oB3SF7xIuzq8o7bA46hMpu7lfqrHKcvjy3oavZpImgWAZawDmMs5Xaxp-h2IPdPmZoqa5T9WHokXGMiSw9Uptpo___3UQJNPShNsXK5RQZMhejyQ_N4r8Bflv7vLZR0Vprh3d3rHP59AYjNm9rdiZMBVjZQ_J_5sRUP3Fc8BqEX6svfH_TZjiejhTk0IY3QML0aHM-AwWftUiyGHJNutWz0op-FDQEjezf5Gm3w__u7MkB3YtK5LMtwdWferJUVUcDWO_-XW71OlbB7AlQe8isRLwEBuCH7GDM7QT_gBOQbREhgx11g8kwfgxvu2vGGME52W4KcvvkWoGxbC36PXmKxfBD8PbAU_rGglsN2x_tmStbhvxITfu7DzMKPntwp9qxDA5UoNOBGq9QNKW5DFso96-Cl4mC5TWF95odIZQIkCl8JWvWoDYUlEl2v5v_jxF-Z_13gcyUJ9jfym2D143mbZ5obUY-StHqcP0zbLO2CjQ2YjbN3YE1x2nLIEaFZtewVtGNgnioEMtKgHGQJIYkDVE8BPfGByzuW8a2uSM2LUCV_ehczNperKG6C8AYJ2CFqFhDIsEhmyw3mSq8zDyeRK3NQvyo_gahxfLBuFM9vH-wGBVOL9_J1okAc-n1hWrkMfNZOWrtyf8Exk9JuYCK9yZxfK82LG9qzIEqt30pe0_XddnlKzQHDqEOnepHRdjj1L7DJPQ46XSjQZ9nyDxg7G2eAKBnGYOg-lg6FsUHUIUrIePadmzv0wz_VVyi17CQjQpQvyl7Y9jD3KVN27Yw3c_-jf8LDKd7RyJGzefvuW0KrSuX4V6Es-F_NWnD72Oq7Zd-dgUL-C0m5tRspc0N4nd6YFlkF0WL_SOKODWUuKofPMHhFak17dKNNQZl3AjDXHuYIjooAn5Vb6t9peQm6uEf898LtCJmDCYsogwEPi_cobzMDERk9cMxX8M921sb7KSDFtxYpkvyurzb04mogUycRJqbk0q1Ko2204nIj8fUd7zbb-WGRkhlRe1eoC0Rt29pjY25Us6DTxt9Rogp9lT3Sa2EtFxqk9nfXpX_xclgkHRiFE4P0ziUm2SZfW46nCjxBzFQFNmwM8SuXetMYVI2Qoy2S8EkyawzP2hqGMItEy-MoepiYeEZzD1Zm8BL4p9XGJ5Uvh9gyufgJPohb6orRqO4nEgTmJprG3W0Lt7Z2d1d_vfvnr9O6JqWr5ZdyXwWBV44bu4JVPC3Xd5uJRx-cmhQJeKnqYWJz66O-Ar9Xd6orRLPzGICzDNb_b5jWfrE0DdmFkAqLbxy9mgF6AUTdVV2n6cLRYBPs1h0BmLrCwWZ_7hBcdlucDi2fpu6DzmzII1mTlej6Il97zxwRZExTxbGhHVdd4TGAEMq-_Rsp-xXuyo1Fab6mv72v1oLIrgNiPlAPru6dxt12tSSP8b9W129qksKND8zQtRBE_JWDjEnjm_K3lQX3tR4Cu1tmYWHVLDX4GiAH9u6_fu1kRa8DZuxf2msrQPM9FM2EDLbbbHib_i51S5VY4xa1a-eYQBl7gzfUPy-uaCbA_PoeKe8nM6qDHxYMQ8hLVg5ZljPHy3gSCwJ2wfiTjTS8_iUPSgDX1aPI9kajZctBVVCuWcdwhBJAwWV6Vx5d7Be0U7Q-m-XMte_1ixdCkIDSPX0BfgySEoWOChdE-a_RaevhD2H-PVZ2H7-hn1OJBb0hwUGXw4E2j5adcynMhBA6h60p__l8uFMM911beYuihYrekh02C4f727ulZzwF_HvolPP-OQRkORVLwqff1Tot-XTQC5mcBS_pHLBKK3ZvvU8SYvYMzzasQJQZe6zlhytEsqrWKNHwUMsaxSLMozVNcYsdbe5z7SNGIZSXC3j5lA4RM6uOwgWE48zjJQF2TdDjShsJMantDwuUrQOC_uQ4RMJEFdFJfrONnsHzFCIb-ANZRNY-cvaD-t8pziG8fEV2JHPPb7ZtOrXETQg6kbO68F1KB7z2xHf-irkk7w60ADFzbiK6U7Z-N10KnuIHJ9rLmHOt1G8QsmrLdQXok4DgQudg36E77iCRPj3Fle8FrfrhfRO9cQbbpdUSVLYyQCkRyYkPoxfcRFdvqZck4SxR6qFzNnecyTotkp65SYiSMDy0f3GOzXZhuB79dO5ONCdwSyQZfrrlzGw5xOLYJQfUl9czFnIVTmwpRsPpgbDmpwwrN3OHMe5ZGnvP5eFtYbeWwhO3BAch8rwyuCwbCy1DGnWwAo99Jf0wIiGtEdWBFpInDKBv7n-cwGyhA1GuC4H3ByKZ5GXQZ4B6ULujE6j1LAJXWRFBFB71kVwNoaeCr_gfhKenhd76361mwqFtyR2ejUAms40kjtpgHas0VUe-015xVKN_CTmD2YmRMr-uH_uPmVYrHDpZF3eYb1JaFHXD1guaSh4wo6O3ejT1LTejIRqNNimsRg-q6MRh6LNWNQlrXYeOkpm83_gsNdzFgeit7ZUhlawybAz7kX7nvn_tSa7K61H3T8O_mCBzFXCO3_flJIVkW4gkCdGrvPict4fAXLFA3Y3D345geMVn05JNltVnSeCj8hksT6wcIFcfw9Wyvi5NjSbPVeTr4SiCj44F0j0tDl5jWBWFjbctc6attZrbpeclzEi23EH9umT9AJOpIJe-GNOrTq0_tCz003RgZqt3QwclQMYCItTKtDb3EGilafAigRz-bxiw-boimLVpOUB_aYiygfryGzQaYugqMTxbXfaSLPF1VuiJMOtck_1UAqDxbVGpftmyoMPxYUWuxcwuvINubWKYTjeHw3MvnE8WxpXw97LX_hE0AMFdAjVqUmH_15DOiL-G1j6QIl12ieKlHpZORkR_aZztym7-zg8_StB4iR8vh7J4wjnrk0brfimDNhBIdFjdQ7n8kHoiuGiJb5rBla0lrZ-9p9MxoRpxGkBm-012bUv_TAkl5PtVLp9GpNvMPdEGD2_ouhyh4R_wMF1vnm6Ie2AmFgoK3sadxpyM5Kv40HUkV84EHbgh2mKnJafIo8KDPmEVlpAe8L6mw06sYUVlCZLapHGDld9DkkjbQK7qdJXMWDHPj5BFsZVe01rxQu--dv1RgHKrdmTlngLBFdYlO72GejWCkhfFRKSnHzi54Ca-AM0NiSokDHpZPVdd8h3b3oW2f5DltCYmHCjAQpXl_q6bNgS7D0bitMjUAVNeE8KxvleyXSUqqqGZyNYdm0OIvNmFYcPKPRDo66GMqDF3eHyKhxWHOyu2yuI-Ph2M5VxD4awDJWLWwRPmDcYE6Hf7zGMy7qyPb2yUOdWskfGkeFYbp0bffPBfundR38-JJg16yDaKVBbhlJ_SztwEKGjO3tI1L8vBLv&cid=CAQSOwDq26N9VxORB3c4pJC0kZ-NPRAnM0hZ9v1HXXTlrwwbggWwz9dNuNCskubH7YwTSQCsOjTsPBvg7KHCGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fbiz.nv.ua%2F&ds=l&xdt=1&iif=1&cor=7911655425014140000&adk=3944675600&idt=81&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
64780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
server
cafe
etag
10713822464293745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:29:42 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0BA3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 21:33:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7F28 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Thu, 19 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0BA3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33b1b1ae5c24eb4662b60878d554c181ba78ca5426e5103b124c8630ad6e5eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3F5C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
181842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 09:58:40 GMT
expires
Wed, 17 Jan 2024 09:58:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0BA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhBGX31QBlyRpRLCqJ9uOJG7Y3u45yMFWMZnP40DtKc6wSHBED2DdXktqRmUvF2sDcXUS_pxRY7ZjnJAhvPxns_-hTunOE-HwHcDIlhJcQCGenx2CnuRYbm_YVI-BFIPRlS2mPc4C9Ko1e4EdeOAjs6kS4ufgWbui_gSU9T9dLaQ0pJ9gm4tcXN1HVmCZNTxzQK4-L3-8KdSBH5dZrg-c-4cGhVPbIPt_58J77W8M5v85FbXO7At1wYGEuN2msv8bZ0bodIOwU6Am0hU2xqGsjHHU5YupUla5Jj1LicXrP8YGrXguZPfBqMYTNrNsKLYW1ELUB1mh1KszUV87rGPFkJreAnjbaGKaxcnsSw1kKiECN2go5ereDIsr5mu9uU9qciKJk4zyhzN75Mh0Dh2JCH_bZ5ZtWkTU_CUw2xHggrV4rrG4dzpnQyTIzVIlUqpVAG_AuM4sXlT1l0rE_IykIBwNlDNwb3rOXwOCep_95kdF_vylYUjN-I3UHc2hX-X4FDWmvOELsdXa2MebGynbT7of3OUsKv6BvKCu3rqunrEFp0R3zQ5CzjlDH2IL6-fT60n0T1RCqdWoXGCG2707_tKbjdEshfELK68FKzuh2FYC-qa_5r8EFi93OVALVjNaAWc0tnN-46o2Ke13QQ8TwRxET9qw561QxzPH1Qqq6AFg2lvmu7PKkyN3RnkAaEprVjG5w27FnJeXxqFssm2PVNb1L8NsUmgEukRlHzyxLxn79jpwdhRSKmPHqfgqIoMVYfJkPNw0cDnc9iRKWZjE4Kg7kccv5U2XwYE7ENsin9x2iRvh3ygc1_2SWfaNcy5pN8eMLYhZTy_vJqUlJyePGwgasonbApFDQ0zZUk3Sw0nftIFlfNVThVZfr457GWMO00wMlJ3CPFmwmchQJEjdTRJ5W_AjO758kQ3sfwetLLAiGHb5nHuXwBqKd4Y4fKxtvOLB6lW9gK8k2PUROLWLCT-b7myMcmHdHWfqTzg1MMOg-rYWRNQISpq_xfip7XTwy_iNpU43_Ug1-47ebah-Ot5rG6WJ1xFzB93Zf9ywRBWt1HfyehGU9ed4QU63FF3nA_zdQoaoG0Qo7E8hyjdEpXCOmLeia3wc9OVMFRhUtfkzW-NEbgGmvfQ5HJpxWYjhkeksGUeTB5lPGDETZo9LaN9nILyCEINjV3Ex3eQoCstm1O7KmJ1hob-M0GzgwOYnN-TF2MgKX4UPB0wvyG4_m&sai=AMfl-YTxQX-dW6yoHUT36_VlaGfrJ3ypwj9KvHEFuobjR4xwBRw0RQ2nNWdryzderPbdOTaDV4dUi_C6QkgjFkJzcLvZMV9tzE0bakjsSHtvBgHcxPmjB3cF9iiHA1ymIx9rmSMzdmxA5sPVG1ZzTX_E6Cr0Adp8oVyoh208rt2apP9P_21G6fo-jTWGD63sEuOtdk-upBMDOCabPRrzPVwB90ECU9IVjkTGiOCMDmg4jtJ9Hbf_JiW84zIY4Vyo1-hMAdJ8nD4CjTM&sig=Cg0ArKJSzPF-JSk4TwGjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=88&cbvp=1&cisv=r20230117.36792&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 19 Jan 2023 12:29:22 GMT
6340259685772812526
s0.2mdn.net/simgad/ Frame 0BA3 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6340259685772812526
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae5d1f702dd3496c0544fe974693de1a74a391849adbe727fbacb552700f9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 22:03:17 GMT
x-content-type-options
nosniff
age
311165
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99980
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:03:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E18D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7dz7kk7EvLH1EAbuVNtRofuYQfQOEDlXbViSlkLClb4KchgYltHwERJPKM-WoQZPS3uz3-qpjoboR3vMQ6HEDvZNRbjKR9E88CcpgPFJ65pscJy4jo4Y2bLpmmiVSnUvLAvSc3g3SBp0xgkgDrMzSwdsyZWX2zn8YJalYG_5Pa3OygGAmM4Z9Q8Dd0kmoqqjABhAdarVP95x05KEJt0B-cX9_cP7YywmAeaDA5wA-F9an0yNK5uQ45S32IOpxZDUTwyLFyZCXEts6KQJpR8BFigxZAfxCXWf5puXTcRNDq_w_3nVXeg9SY8sNrTw_6w&sai=AMfl-YSdBO2RNP6x-PRKEJM977fxBQTFnZee4D3bQfybVP1hES-3Fy4VPVp4Ib_7aff2G5P-T5C6EMETRDjzVVyAPGiLeBkEqTjB5s2fWgxMcp_hAqzaz6a6NS-O8uQ9MoNI&sig=Cg0ArKJSzOTHQZkyXg7LEAE&uach_m=[UACH]&adurl=
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame E18D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
61967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 19:16:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame E18D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
65477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:18:05 GMT
l
www.google.com/ads/measurement/ Frame E18D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOcGbLn1UrgkAVf6LSKiZ0Jj3fTTXAg4N5DqgWzVSSwsJE5bAGCRQj25dOk9FMmZm0yl75HCq_S5Y99NEAQ_7RbpfUAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E18D 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 12:29:22 GMT
12905376844983214406
tpc.googlesyndication.com/simgad/ Frame E18D 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12905376844983214406
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:30 GMT
x-content-type-options
nosniff
age
267892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 15:55:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Jan 2024 10:04:30 GMT
container.html
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:21 GMT
expires
Fri, 19 Jan 2024 12:29:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 7F28
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZW1oZGtWT2kxUGl1Mkw1&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cver=1&google_push=AavPq0MMjJhAp7LNxkknYjgV4ry5LcerGtf_e_2HyeLOzqM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZW1oZGtWT2kxUGl1Mkw1&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cver=1&google_push=AavPq0MMjJhAp7LNxkknYjgV4ry5LcerGtf_e_2HyeLOzqMO9PRj1ToE_w-oPSqE9tLOdk55eopOyBOJZzZ34TBBIUZ6z5L2OWU
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:22 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0ba18284f907c56bd@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZW1oZGtWT2kxUGl1Mkw1&google_gid=CAESEKxpKR_Pw8yKuLTZOLfnXTA&google_cver=1&google_push=AavPq0MMjJhAp7LNxkknYjgV4ry5LcerGtf_e_2HyeLOzqMO9PRj1ToE_w-oPSqE9tLOdk55eopOyBOJZzZ34TBBIUZ6z5L2OWU
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7F28 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDgCIDQgYErsMY6p4S4j2OY&google_cver=1&google_push=AavPq0MY_2GhDQ_JnfTwLCL5ebtBmUks45xoLAAMaVjj1s7yEnlCNr6iu8q4-gA_t22aQExwcUFznLUBIPR352FkKRhlEjNCy54
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 7F28
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDCNtARVkw0BKocMiKE1hIw&google_cver=1&google_push=AavPq0PDDoM72KSa8zrQUOTRflGH1f8xc4yAdBcLy0aSpJZqQdUiFUNzWX4pELJWMJi6BTzalejx43jztoB...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PDDoM72KSa8zrQUOTRflGH1f8xc4yAdBcLy0aSpJZqQdUiFUNzWX4pELJWMJi6BTzalejx43jztoBp4615c7RkX_bPPGo&google_hm=6Yu9cXA4TPuBV--aNE07Xk4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PDDoM72KSa8zrQUOTRflGH1f8xc4yAdBcLy0aSpJZqQdUiFUNzWX4pELJWMJi6BTzalejx43jztoBp4615c7RkX_bPPGo&google_hm=6Yu9cXA4TPuBV--aNE07Xk4
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:22 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0PDDoM72KSa8zrQUOTRflGH1f8xc4yAdBcLy0aSpJZqQdUiFUNzWX4pELJWMJi6BTzalejx43jztoBp4615c7RkX_bPPGo&google_hm=6Yu9cXA4TPuBV--aNE07Xk4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7F28 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMs3LZK8_NOUAQ-TS_PE1OI&google_cver=1&google_push=AavPq0NsQCm4xhfFyPkgbGrh5VsjbojJ5LF-uHFn2uQfWaOzAsNTVECNQ2fIGouyEH-XmFLRxTPgt-9fi5lsg3A-gQWjG1jPac4
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 7F28
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELYgs9_l_hqgfug2SqYu_gA&google_cver=1&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8M...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELYgs9_l_hqgfug2SqYu_gA&google_cver=1&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8M...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8MNfafrclilk&google_hm=GAyttGZHIlOHd5RpSfa1aW0v
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8MNfafrclilk&google_hm=GAyttGZHIlOHd5RpSfa1aW0v
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 19 Jan 2023 12:29:23 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NLOl-ODyZALW_7mozjTCJksUgFPVZwGu0YfvpXv39bHRl59dNRs6bAwomqw24c9QR4EMm2t7J7p5AT_il8MNfafrclilk&google_hm=GAyttGZHIlOHd5RpSfa1aW0v
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7F28
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPwFGy64oFlHSwgMDUladjE&google_cver=1&google_push=AavPq0OPXmdYA2YnVKs2QDzpFog9YaQPICEl2BE7bpSjdEy5nsb0AZSzLTgfIVWVpgU6_L8VPpWWc1UorRi8Dzxf...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OPXmdYA2YnVKs2QDzpFog9YaQPICEl2BE7bpSjdEy5nsb0AZSzLTgfIVWVpgU6_L8VPpWWc1UorRi8Dzxf4sNjcS_Chz4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OPXmdYA2YnVKs2QDzpFog9YaQPICEl2BE7bpSjdEy5nsb0AZSzLTgfIVWVpgU6_L8VPpWWc1UorRi8Dzxf4sNjcS_Chz4
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 19 Jan 2023 12:29:23 GMT
via
1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0OPXmdYA2YnVKs2QDzpFog9YaQPICEl2BE7bpSjdEy5nsb0AZSzLTgfIVWVpgU6_L8VPpWWc1UorRi8Dzxf4sNjcS_Chz4
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
sMwvEAHKf_EqeeryT4Kx2I9WncrLWs6TIFdZj0fHhLwIczMxVRoqiA==
/
onetag-sys.com/match/ Frame 7F28
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO0K2Xaak7UxtW_QEIHYU3A&google_cver=1&google_push=AavPq0MH6zEhFBuIwrxNSZzgJgR21Ir4zNxniTNUYZFzFkO-GOGljcp4GPacGy6noBlsghP8zo91WFbqXWN...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MH6zEhFBuIwrxNSZzgJgR21Ir4zNxniTNUYZFzFkO-GOGljcp4GPacGy6noBlsghP8zo91WFbqXWNDiRNsl_IRQH4jTcRx
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7F28 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbkNrQknlhoi_S6pP4vWCBp0HJDAoUtk81gsas7TzZZTmDizwZ62co6sQdb_uefm6CRY11gw
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=1492119284604854&bg=!BAelB0PNAAYDMoyoIzI7ACkAdvg8Wsb1Pg3aJw7ebXiQW9pHHL_XGwzJYOfuT2mpWmC_0hBK61se3AIAAADqUgAAAAJoAQeZApyS9_lIhqtpOF4D7pe2Vc2Y2l7QniQ_Iw6yHOAh9MfCqxXYZlK_K8WRWhvGHFmwKCjWWTvzuCaM10tDY_GqPJx6RhPCvR3h6pfLYCk5JsWuMMQkyr2DS27tqKa3uCu45htf83NwqLUEbvyq8cl0ohcyx0MUvuHQHgkxMY3gasFUqSNKwvX2p9I6K-568syFbvPa8uQfGSjGT2BJGX_g2ZLV4xKrH2bNjxvd8_xyD5vJLj0KKW52Hi651WEc21McxnQvL-IRUxZgGr5fohtEWPZhYk3f9f9GpqjqE9ZL8Zz43zj4SYuFxrgnY9V7CojZZ1Uw58U5K6BcUZXzGA3QkQ49COaJBb9PljGhT-akCkyJ-aWnmf9BdDeXmGYGGiZZB6lkCmfyO0QEriBOIm1-tD-QWQeH3gzx7UIxDKFz-o9ARG46C1gUjfSNhV5D-rx3QSus2O8yLMMTSZCnEGY5LjvBoZWr-lIdD3A6A-2-xET5ITzZ-0wG66JEuJ-vgED_F2rfTzpMiVfeuT7waB5naXDWmpbFF6n0MpVBh9V9y8AudWV4Yo3mbtsz-R2T9aF42wy8HY_LLs43wka_4bd45NWHUHsQynJMJBusGxvKEGOPc6IopP2cxWPJOCFpwixp8mXfILqRmscnkpCOLaCPG5yRIa8fXVhuMk1q1UamKA2R27pSq56atDwtO9VQZfQDGJgkb4u2bQ1yBU33GwbnWBl22dbRBUIaVpVO8RwsMS0FZeKL-irTXTz_jcqDiv1Rdkq_RxWwXerCcNOJdENcU5PkD3QAp9b-C_hEs12AUWacNJmjA21DeZjhQFRGJCdtzpbk7k1HOgofogWIIJuwNWgaKsKSI4LjN7qqfgskz8X-0WI70PzwXnKRoD81Rw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
truncated
/ Frame E18D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08b47820684f2e1187fb5bbd75e262d92ce990a4ea6e01f8607d8e0780619037

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/ Frame F255 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37f95cbe77f8d3d62c1cd27d988b1acbb18c66015a245a77db298bcc3ac186be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
421663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1308
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Jan 2023 15:21:40 GMT
expires
Sun, 14 Jan 2024 15:21:40 GMT
last-modified
Mon, 26 Sep 2022 14:05:32 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame EC72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJZgRojfJY66EIZns3gOX8okIs8349Gz3u7Lb6BClwKDPijgQASD0-edjYJXikIKgB6AB76vK-gLIAQmpAnvigfj0IrI-4AIAqAMByANIqgSrAk_Qdan3NO2VYp0UclcPkLfY-UIgPI5tqf-w2-S7RRWsOyR9yAKjImUIUe5u6DpFKG3Ba20zlqeCiUtWdixYXr3oxDOu9wEhmdPYcaYjjs7U-tD8dMOFrlI40vjm7pF98IFV6F8iXhg036TTCStqRBVe3AchT5ZykjaKoeJmrDsrsBtUqpUVnAriDLE2ufRxSL4l3qEaksO0bgzPg5NkwKvRx-FYXVZGV02oGAIjWy0taGoyWesyhSHxC6d5RswuU7NRQvN4KqX5PRnWjroBhEv-Ich5IfN8IyE9BQuUdaDpkx26ajcKw8D0bIHNCQjTnv6w0npj-YiKHYPyvgpUMjUT9LLc2sBbJo82bVbTc-1rdJfLnDhjKLWd7SOCIRNbVjfvvJe__9cydT6KwAS0qKLrqwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-dO1hQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC0rQzSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NzQyNTI4OTg5NjgwNTY4GIObGg&sigh=uXGDPeRPehQ&uach_m=[UACH]&cid=CAQSOwDq26N9sApbRxAoS0Rzmi3I6lhFYKZf4JnUnKmQ_yUk0x5QwPgryA2d43nSXX3VwQaVs3fmpXp2RzeuGAEgEw&template_id=419
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/ Frame EC72 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
61968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 19:16:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0BA3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhBGX31QBlyRpRLCqJ9uOJG7Y3u45yMFWMZnP40DtKc6wSHBED2DdXktqRmUvF2sDcXUS_pxRY7ZjnJAhvPxns_-hTunOE-HwHcDIlhJcQCGenx2CnuRYbm_YVI-BFIPRlS2mPc4C9Ko1e4EdeOAjs6kS4ufgWbui_gSU9T9dLaQ0pJ9gm4tcXN1HVmCZNTxzQK4-L3-8KdSBH5dZrg-c-4cGhVPbIPt_58J77W8M5v85FbXO7At1wYGEuN2msv8bZ0bodIOwU6Am0hU2xqGsjHHU5YupUla5Jj1LicXrP8YGrXguZPfBqMYTNrNsKLYW1ELUB1mh1KszUV87rGPFkJreAnjbaGKaxcnsSw1kKiECN2go5ereDIsr5mu9uU9qciKJk4zyhzN75Mh0Dh2JCH_bZ5ZtWkTU_CUw2xHggrV4rrG4dzpnQyTIzVIlUqpVAG_AuM4sXlT1l0rE_IykIBwNlDNwb3rOXwOCep_95kdF_vylYUjN-I3UHc2hX-X4FDWmvOELsdXa2MebGynbT7of3OUsKv6BvKCu3rqunrEFp0R3zQ5CzjlDH2IL6-fT60n0T1RCqdWoXGCG2707_tKbjdEshfELK68FKzuh2FYC-qa_5r8EFi93OVALVjNaAWc0tnN-46o2Ke13QQ8TwRxET9qw561QxzPH1Qqq6AFg2lvmu7PKkyN3RnkAaEprVjG5w27FnJeXxqFssm2PVNb1L8NsUmgEukRlHzyxLxn79jpwdhRSKmPHqfgqIoMVYfJkPNw0cDnc9iRKWZjE4Kg7kccv5U2XwYE7ENsin9x2iRvh3ygc1_2SWfaNcy5pN8eMLYhZTy_vJqUlJyePGwgasonbApFDQ0zZUk3Sw0nftIFlfNVThVZfr457GWMO00wMlJ3CPFmwmchQJEjdTRJ5W_AjO758kQ3sfwetLLAiGHb5nHuXwBqKd4Y4fKxtvOLB6lW9gK8k2PUROLWLCT-b7myMcmHdHWfqTzg1MMOg-rYWRNQISpq_xfip7XTwy_iNpU43_Ug1-47ebah-Ot5rG6WJ1xFzB93Zf9ywRBWt1HfyehGU9ed4QU63FF3nA_zdQoaoG0Qo7E8hyjdEpXCOmLeia3wc9OVMFRhUtfkzW-NEbgGmvfQ5HJpxWYjhkeksGUeTB5lPGDETZo9LaN9nILyCEINjV3Ex3eQoCstm1O7KmJ1hob-M0GzgwOYnN-TF2MgKX4UPB0wvyG4_m&sai=AMfl-YTxQX-dW6yoHUT36_VlaGfrJ3ypwj9KvHEFuobjR4xwBRw0RQ2nNWdryzderPbdOTaDV4dUi_C6QkgjFkJzcLvZMV9tzE0bakjsSHtvBgHcxPmjB3cF9iiHA1ymIx9rmSMzdmxA5sPVG1ZzTX_E6Cr0Adp8oVyoh208rt2apP9P_21G6fo-jTWGD63sEuOtdk-upBMDOCabPRrzPVwB90ECU9IVjkTGiOCMDmg4jtJ9Hbf_JiW84zIY4Vyo1-hMAdJ8nD4CjTM&sig=Cg0ArKJSzPF-JSk4TwGjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=271&vt=11&dtpt=183&dett=3&cstd=270&cisv=r20230117.36792&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: biz.nv.ua
URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 19 Jan 2023 12:29:23 GMT
Payoneer_Privat_oct22_v1_300x600.html
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e28c58d1eed5e7f571bbb7a8a4400cfe5de0d233fd50155731bdec89fb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
311166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2242
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Jan 2023 22:03:17 GMT
expires
Mon, 15 Jan 2024 22:03:17 GMT
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 3F5C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 16:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 16:17:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E18D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFHBArdDggGi0rpcscMZFicLDRjL7gHeudn09RTSiOfVuLL3ah2KpehIC9Py8Zf9bLDo0_Dmy_zRQ5gpyM3c4D8tnDqwlGkmzSjY97eBQX6zg30Nphn28sT18V5A1KRFHBZ1NBTEHNrPKy833VFN3Px8YW3QdiWyLOWq3T8lT8X0kvi8Io19R2e2I8h-6YhDHI_CIFUC49Dp9MYHKDZGOU7BwGbdBRDWFuOBg9n62MXETXMN5LMfulSxts5q5gyEP-a_KtgZMcA2evax_HGsuFi6LLU01WeYzFKTwp4QVursBWCY6f4bjYXgmNfWP42it8&sai=AMfl-YTith_7vwl1dB-nhXmRN2xMzW499Ip5TsW6F_Up_YhMKac46YdrS7ZyLX_SlcVfqWV25SqN_ohVA8aNITfDUZ7tz5Hq4jvdb5C2aExhQxx-3GRK6_H2G2a0kLe69iYG&sig=Cg0ArKJSzBeCabr6nY2-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://biz.nv.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 19 Jan 2023 12:29:23 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F255 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
54002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 19 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F255 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 15:59:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
73807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 19 Jan 2023 15:59:16 GMT
createjs.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/libs/1.0.0/ Frame F255 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/libs/1.0.0/createjs.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Jan 2023 19:19:39 GMT
age
234584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64184
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:05:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Jan 2024 19:19:39 GMT
script.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/ Frame F255 		71 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/script.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01308cab6e4743678a7897737ab9d94709fb8b50ea89f10e821050c9c2a80cef
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Jan 2023 19:19:39 GMT
age
234584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13824
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:05:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Jan 2024 19:19:39 GMT
tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E2CB 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37530
x-xss-protection
0
last-modified
Tue, 06 Sep 2016 20:51:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:29:26 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E2CB 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 12:29:23 GMT
createjs-2015.11.26.min.js
code.createjs.com/ Frame E2CB 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:11a::6867:4808 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:23 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Thu, 19 Jan 2023 12:44:23 GMT
Payoneer_Privat_oct22_v1_300x600.js
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		192 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbe17815d41e0cdf2814978d2a07db50f522b730e28e0797ba1dca364ceaeed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 22:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30978
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:03:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9DD8 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 11:51:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame EC72 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/window_focus_fy2021.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
65478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:18:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/ Frame EC72 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
65478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Feb 2023 18:18:05 GMT
assets.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/images/ Frame F255 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13943404572528172021/export/images/assets.png
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
705a478384a14d7e7febb8e6d8dc02a2bbc1aa085b18c0e39442df9ab4183897
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 19 Jan 2023 11:28:25 GMT
x-content-type-options
nosniff
age
3658
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99110
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 14:05:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 11:28:25 GMT
l
www.google.com/ads/measurement/ Frame EC72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNdnRIsEfgcYFrBt_PyvMRkZawYbTSJZ8S9jHNqYF6jy49Ic4M-YrKWFnnZUkhKNyew5t3EwvEcO9qmqDClf-pD_KT0w
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC72 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 12:29:23 GMT
truncated
/ Frame EC72 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a1b30794170aa360345a861695b02afebc86bc6e190e45ae42134c44c563b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9DD8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:23 GMT
expires
Thu, 19 Jan 2023 12:29:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame F255 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 16:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 16:17:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F5C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmps-ojfJY5rWLI2V3wPb7bu4AwAAAAA4AeAEAg&bg=!oqGloeXNAAYDMoyoIzI7ACkAdvg8WkZDEepipIht1ldro4v20AEHJAhOCwIl1dLzU6lLJWHwg60bFgIAAAEUUgAAAAJoAQeZAvckhshUUs6j54i1sBAaWeWyfcggUCEgBMJddq-jYGOy-ksYObaMFsZupVOy4rzfR-ZUiF__y3bDu4SFw5H4w-CBFA6J-o_Qqoo8PozsxUoTnQhvokSYR24SQapqu11BLCrQAP_F6amsscJm79Vn9U8Evt9r_5XxGbr6J8o3ocgtmIK91LQb0-VOLgJVAUmIhvuCT9GQRcSYSYFoxZfovZRyrPJbMnZXFOrLa0ASxEeSVPNypBQzC8sh77I1MaWmQVcyjNwgJsIPE4CydQkfAxxBF7_JI5c9SyPl6CvYihVvQYM540BsUsUurPztj_WvLIrvG5csRC4pYDw5XvD5ppZsjbiXiI-ak4absquZhYBqmOcWC7O7r7yLhgtX2XiraDuSi00OHM0EusjmOmgBYB7zlo9rjBw84wR24sP-co-85f2_WoxmaEkbsQAC8m__iSMu3T782NOW3AKnPHP1Bq_VLm-4HAMwbF-bQZejUK3fsRRsyYcpyxQBCUco2GD8xh4UgNiogm9ObpH95EB9RotvQ8_jtn8nhiDfyUrOBzWDZaIoaUOj1Uz1joeP-rkhDGk38PcAsPQfmK5F6DXJff-Aii2mGm-yhxCS-QtK9zlzgeEZB6F_AsIfC7H56_WoRYD25SdXoM_zQpqPKuJNE8wxcsXaUzkXc0He12loTt4pJQAzGmTTnrReQagEQTYOXc4nRTRRmQ_OrVLV6nCSZJXbLjIXw5gMzgkgFH-jBQKUBF5y-iscC0hx21KplEiQdwndRs2b1ce1m3DxqLjtUlCf6K6hJzmwNnccZEfsyKjov5q4YKIu3yhaFjFz_72FvWQJynQYVWWoiuaKY7cDyvRWFVzcD2IIY5O8_9-b2M7w1yExVILbz3ElODD0Vf8MJLKqp-L7MmA7j6VUCtpNPMZii4zFmSlJElhkGN_h3VjQFs4CWegGTIQCCAM5GM-g9BqWuShRv-qNoQDMuZc9Vp1z2kkGY2ANQRd0DrEJJErfZZulJJHgNUU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BA3 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj3AkpG17waDqizrfQCjOogwCcj_1KwSnXq8aQ8ncOHFU9SpeoypjqzwVwpskDDX4n99Xp2Q8QYSIYt-n9V2ieVyzU6SgpmEojDnMYXVJMC_Z6BOkC1WKYCA9O7pzKu5lcn2Xi3g&sai=AMfl-YTU99_9ci-uQGb90SsYabdLL02llbjnvj2xOdJ_0BFwKxNhrIKJgd_E7UwWXVqgAOZQOlSMgRn-WvxafVti2qsb-chJpIjizDb3ulaK5cZnxLKMVb53PVWn3DUH7Q&sig=Cg0ArKJSzAz_hjItfMBMEAE&cid=CAQSOwDq26N9VxORB3c4pJC0kZ-NPRAnM0hZ9v1HXXTlrwwbggWwz9dNuNCskubH7YwTSQCsOjTsPBvg7KHCGAEgEw&id=lidar2&mcvt=1000&p=425,1324,465,1365&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1440272241&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674131362589&rpt=241&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BA3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4738336063096&version=m202209210101&ct=119&x=1&cor=7911655425014140000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 41DE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Jan 2023 12:29:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame FAFA 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
88
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
78bf93621875905b-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
Thu, 19 Jan 2023 16:29:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 1D49 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 19 Jan 2023 12:29:24 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3494 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141977
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
Sat, 21 Jan 2023 03:55:41 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 70E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://biz.nv.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20681
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 19 Jan 2023 12:29:24 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 18 Jan 2023 06:44:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
7, 340189
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220065-HHN
X-Timer
S1674131364.176733,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 70E8 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
AN-X-Request-Uuid
5644c573-06d5-47c6-8106-48290c1d045d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A322 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f716f5ee4984ee957b6c1bb92ed787aa8be61e874167ca1878af85c606e836

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78bf9362deb22bd3-FRA
content-encoding
br
content-type
text/html
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ1639ne620jCATuqH7VeCdxMeTZpAiQHVrHqPoXWk1r%2BZLnt5Pib5BP7L6U9EtxXGc1lbNJR1OTmT4HC5e1rRmN%2BT%2F0tPQAzmkhFMojx2k1TGNk72RR32Yt7EgT2PGPMOMu%2FBM2LQ%2F3ow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3494 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21924855&p=162179&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
72b6a07439ea4e4eca4e6b48ce1b4cc04d1bca4ab861cd154177659de79287a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 19 Jan 2023 12:29:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 41DE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
db7854903c8bebbf4d892c51c9d474bda6bbf00d8b17d3baeaaa2ff7d8263388

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 19 Jan 2023 12:29:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Jan 2023 22:57:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37698
Connection
keep-alive
Content-Length
10037
Expires
Thu, 19 Jan 2023 22:57:42 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A322
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP15tJT4v38Y0rLKIMoTces&google_cver=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP15tJT4v38Y0rLKIMoTces&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxc97IuxeZEf9jE7DOfJDJ6tYFDgyz5nNbBb2ChV%2BIi2xkRCvYxaSiRILnSnHZyt05ysoHawyFfJWodwYwPd55Rdc%2FAWRFWUbV8Z48FI5mseSYCIRo1OHHfEkTVSt2f%2FIKE%2FdxmBeonkKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78bf936378022bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEP15tJT4v38Y0rLKIMoTces&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A322 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame A322
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SNH6174Q2MM14YSHSHHS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0FEQ0ESEMF77XRM4K6DY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8k3ogmCpQCNKSh0A8gj3AAABIoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A322
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1890661606084855674
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1890661606084855674
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 19 Jan 2023 12:29:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ee3a3480-de6d-415b-8861-051160f144c6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1890661606084855674
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A322
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3248889564140031137&expiration=1675340964
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3248889564140031137&expiration=1675340964
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3248889564140031137&expiration=1675340964
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame A322
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 19 Jan 2023 12:29:24 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum.casalemedia.com/ Frame A322
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1890661606084855674
43 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1890661606084855674
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhVW6V4nG%2BbjOIpwbgoVVEmAsAHRTXJ3TDa17RT0jRcPnHcVPOFQM2ctTWveTXh%2FS%2B1R2bJR98AfWbEMPAteIBDpCdtfo9vUow08Bcu%2F8UrLi0HCOpLM%2FyvkjCUgIksw8KGV5O2f"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78bf93638b8f9214-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Thu, 19 Jan 2023 12:29:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0df403ec-758e-4259-9d8c-bdffa2a6ad0e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1890661606084855674
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A322
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y8k3pAAAkj_KvQA_
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y8k3pAAAkj_KvQA_&_test=Y8k3pAAAkj_KvQA_
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y8k3pAAAkj_KvQA_&_test=Y8k3pAAAkj_KvQA_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220046-HHN
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674131364.496428,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y8k3pAAAkj_KvQA_&_test=Y8k3pAAAkj_KvQA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame A322 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y8k3ogmCpQCNKSh0A8gj3AAA%261162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fbiz.nv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:24 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
37118
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78bf936378d92c6f-FRA
content-length
43
expires
Fri, 20 Jan 2023 12:29:24 GMT
match
c1.adform.net/serving/cookie/ Frame B97E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6019
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47df63c9-37a4-4d00-92db-2c43f3054200&gdpr=0&gdpr_consent=
42 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47df63c9-37a4-4d00-92db-2c43f3054200&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 19 Jan 2023 12:29:24 GMT
Expires
Thu, 19 Jan 2023 12:29:23 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x35 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:47df63c9-37a4-4d00-92db-2c43f3054200&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 599E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4050588184932311287
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4050588184932311287
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4050588184932311287
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 301C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
Thu, 19 Jan 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
9897682
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame ACDB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa
42 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 19 Jan 2023 12:29:24 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 866C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 19 Jan 2023 12:29:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AMWGFBAX1PEDQ06N2F90

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Jan 2023 12:29:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3D50E82F-6325-4270-8B74-239FF4405A5D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CFEVD3BR448BR776CRS0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3494
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PVDoL2MlQnCLdCOf9EBaXQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:24 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=141977
accept-ranges
bytes
content-length
5554
expires
Sat, 21 Jan 2023 03:55:41 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3494
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=ac31b99240fa8ac9d3a04ac13530e0ac&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 3494
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3D50E82F-6325-4270-8B74-239FF4405A5D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D50E82F-6325-4270-8B74-239FF4405A5D&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D50E82F-6325-4270-8B74-239FF4405A5D&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Thu, 19 Jan 2023 12:29:24 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3D50E82F-6325-4270-8B74-239FF4405A5D&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 3494
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Q1MEU4MkYtNjMyNS00MjcwLThCNzQtMjM5RkY0NDA1QTVE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3494
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhSYD04Ur1Hu62s3VdW0Jo&google_cver=1
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhSYD04Ur1Hu62s3VdW0Jo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhSYD04Ur1Hu62s3VdW0Jo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3494 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 18 Jan 2023 12:29:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3494
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1762804424894346467
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1762804424894346467
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Jan 2023 12:29:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1762804424894346467
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3494 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 41DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/b9U2513aJTaD3QQ6O3p7zQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FkQI0QRE2oK8N7Fkt8Ftue0TkOMZV77A3pJy6A--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FkQI0QRE2oK8N7Fkt8Ftue0TkOMZV77A3pJy6A--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 19 Jan 2023 12:29:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-FkQI0QRE2oK8N7Fkt8Ftue0TkOMZV77A3pJy6A--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 41DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD32L5E4-8-6WHI
0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD32L5E4-8-6WHI
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1F8469287F0540E3ABA28E23B8484449 Ref B: FRAEDGE2022 Ref C: 2023-01-19T12:29:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXynRVLQfYZBL82DxQkVw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LD32L5E4-8-6WHI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 41DE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eNN6syc2RjeBrakwDih2Yw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eNN6syc2RjeBrakwDih2Yw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eNN6syc2RjeBrakwDih2Yw
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EVTA0SFA2E0Y75A2R77S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eNN6syc2RjeBrakwDih2Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 41DE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ytLp8tL5TFaCNZ5QlSOR2A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ytLp8tL5TFaCNZ5QlSOR2A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ytLp8tL5TFaCNZ5QlSOR2A
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VBA97JZZQ1Z887ET8BK0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ytLp8tL5TFaCNZ5QlSOR2A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 41DE 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 41DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXZ5UZ7A0-8X43rC8r_b2w&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXZ5UZ7A0-8X43rC8r_b2w&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDXZ5UZ7A0-8X43rC8r_b2w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 41DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzMkw1RTQtOC02V0hJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzMkw1RTQtOC02V0hJ
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQzMkw1RTQtOC02V0hJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 41DE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1NmFmZjJmY2RmYmU3ZTgwYmYwYTU5ZDg2YzRmMjc4ZmQ0ODNiMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1NmFmZjJmY2RmYmU3ZTgwYmYwYTU5ZDg2YzRmMjc4ZmQ0ODNiMQ
Protocol
H3
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM1NmFmZjJmY2RmYmU3ZTgwYmYwYTU5ZDg2YzRmMjc4ZmQ0ODNiMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame EC72 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfmtl_Pyj9zdJz5Sc9_krbBxsTE3i-XnLUEfuEjQ4vpNYipmqGO5EsS2XJPXLALm96fAKmuBEqIqeOpcxCfJE8wKrz0VbSuP4aHYZTX_oajYO9XGJbo--0PcmSGzmT4qaHqY9rMq_jyypcTvrmewewCI3btt_wWB-i&sai=AMfl-YSR-ilOMskoEMnYEkW11g97HYURs-frMbM0DQyUXMMqb48ynVAjWbCSDcj1f8KX5FG9x4oEVuBYrpXqja26KqfUsz4iPMCtbQXUdIjVeIEP2W7C3PPbLvAuQ1KmJA&sig=Cg0ArKJSzBc8SjYVGn56EAE&cid=CAQSOwDq26N9sApbRxAoS0Rzmi3I6lhFYKZf4JnUnKmQ_yUk0x5QwPgryA2d43nSXX3VwQaVs3fmpXp2RzeuGAEgEw&id=lidar2&mcvt=1001&p=465,281,555,1009&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=637546007&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674131362938&rpt=438&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 70E8 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Jan 2023 12:29:25 GMT
AN-X-Request-Uuid
5bfc97e1-67a6-4f08-88e1-c3c5edc0b3d4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.78; 146.70.117.78; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ar1.png
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/ar1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f24b19441c8a0c9f74a76a0258b5ebd65d11a7e2d6f909367c210d8a81d647b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 10:37:07 GMT
x-content-type-options
nosniff
age
6739
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20533
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 10:37:07 GMT
ar2.png
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/ar2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51b7c1bf2c9300930b74cb711ac534e8f590fc99adddeec34c2a111b0a8b20ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 22:03:18 GMT
x-content-type-options
nosniff
age
311168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27605
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:03:18 GMT
b1.jpg
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/b1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
358fbc18c15514d730cbc4649ff572a995b1c648be78ab380906c380cdb8682f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 22:03:18 GMT
x-content-type-options
nosniff
age
311168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12189
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:03:18 GMT
btn.png
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/btn.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a39c36c4d665339c7b61835a18a436cccffc150fb82cedf0ea944db29bb706f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 10:37:08 GMT
x-content-type-options
nosniff
age
6738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8100
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 10:37:08 GMT
p1.png
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/p1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e6dd7acec43fe2800f6ebedcf4ecd4ba15687a66f7c64097df29e02f0f2e6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 22:03:18 GMT
x-content-type-options
nosniff
age
311168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8777
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:03:18 GMT
p2.png
s0.2mdn.net/sadbundle/485704981114345610/ Frame E2CB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/485704981114345610/p2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13878e24f25bab828b3be12fa6150b04f265622954ebde25edee9375e36902bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/485704981114345610/Payoneer_Privat_oct22_v1_300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 22:03:18 GMT
x-content-type-options
nosniff
age
311168
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8860
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 16:02:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 22:03:18 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3494 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162179&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162179
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:29:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5A40 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CVvQJoTfJY-icJIuV3gOngrsYsI23hm7M7LaC4RDR-uSqrgkQASCjl9CGAWCV4pCCoAegAZyv-6gCyAEF4AIAqAMBmAQAqgS0Ak_Q1LO4dCVR6vQV2H80Ji0Ng56qmt6IsrgkNQDooHMwelr0zkPBTAD43L_uaympsS1qfDyyOaV6i4Bipzd6hZyOLXNSz8qTNVpOHAXMfaktJWwh3UfiAmJnDaQWfAWPUFguGLcu5k8T4LDQFwAxAdk11Qwf2WzIeT3-uvGle_lbr8_4sneXJ7l8S-ketKqamJMU9mfhaVZb0CxLpO4333SjuJwSkHPbC4bbhPvYE5QIxaC9RLD9q-tkt4QLKhuUXtek6Ix9zWcZ2Yub1bc6RfKMpqT2eZXc0v98ZdDkUF_tAPaA1p-YpZ2wbz-baWqIYyWrwx1zZWwGwA3xhbAKlYQRQWXgkoCE-vNdtU4iJbjSKH3E9cpR212NJSntcK6IH21x7kLIxaAXDWV8FxcmMfl8VV23wATupcr0kgTgBAGgBlSAB8zQhNcBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=bedYcUYkKpI&cmd=Ch1jYS12aWRlby1wdWItNDI3Mjk3MTUzMDA4NDE3MxAAGAI&label=video_skip_shown&ad_mt=5005&acvw=sv%3D944%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D1684,325,2044,965%26p0%3D1684,325,2044,965%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5067%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1275%26pst%3D425%26dur%3D35038%26vmtime%3D5004%26is%3D33554450%26i0%3D33554450%26cs%3D33558546%26c%3D0%26c0%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D552%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D209042074%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1674131361192%26ptlt%3D1674131367333%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1674131361994&sdkv=h.3.552.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU3NTc5OTE0NjA2MDIMNjM3MjQ0NDEzNDE0QPMCUiYQDyUAACBCKAE6C04zNUVxTUZkRVdZQglnb29nbGVhZHNIkgJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oe1i0&_p=1833379527&cid=57635729.1674131361&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1674131360&sct=1&seg=0&dl=https%3A%2F%2Fbiz.nv.ua%2Fukr%2Ffinance%2Fukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html&dt=%D0%A3%D0%BA%D1%80%D0%B5%D0%BA%D1%81%D1%96%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%E2%80%95%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BD%D0%B0%C2%A02023%20%D1%96%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D1%8F%20%D0%BF%D1%96%D0%B4%20%D1%87%D0%B0%D1%81%20%D0%B2%D1%96%D0%B9%D0%BD%D0%B8%20%E2%80%95%20%D0%A1%D0%B5%D1%80%D0%B3%D1%96%D0%B9%20%D0%84%D1%80%D0%BC%D0%B0%D0%BA%D0%BE%D0%B2%20%E2%80%95%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%2F%20NV&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://biz.nv.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Jan 2023 12:29:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://biz.nv.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
counter.nv.ua
URL
https://counter.nv.ua/set?a=50297848

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange function| Cookies object| googletag string| botPattern object| re string| userAgent boolean| realAgent number| iww function| readCookie function| loadBlock boolean| isNvAds object| chead object| dataLayer object| js_script_list object| js_script_list_queue function| addToLoadQueue function| loadScript string| test_variant_session undefined| head undefined| link function| load_paywall_css string| pp_gemius_identifier string| pp_gemius_identifier_infinite function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| fix_branding function| loadBlockTest function| openRadioSite object| name232now object| Cd string| Cr string| Cp object| notsyCmd object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| async_header_block object| async__head_opinions object| async__spec_covid object| async__spec_projects object| async_spec_2023119_projects object| menu__popUp object| load_footer function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| getAjax function| simpleGetRequest function| postAjax function| slideUp function| slideDown function| slideToggle function| toggleClass function| showEndSubscriptionPopup function| load_show_auth_popup function| load_swiper_css object| OneSignal object| userActionsSet object| adBlocksSet function| checkUser object| lazy object| lazy_opinion_backgrouds function| setLazy function| lazyLoad function| cleanLazy function| cleanLazyOpinionBackgrouds function| isInViewport function| registerListener function| fixed_header function| sendAnaliticsEvent function| set_article_view function| get_article_views function| load_next_page_content function| isInViewportArticle function| isInViewportCustom object| articles_list object| next_article_shown function| toggleNextArticleBlock boolean| idealmedia_block boolean| email_block_in_content function| isElementInViewport function| getMainPageSecondPart function| get_selfromo_infinite_scroll function| loadFacebookApp object| config object| targetNode__async_widgets_block object| targetNode__infinite_articles function| callback_renderFirstBanners function| fix_lenta_height object| observer_renderFirstBanners function| hasClass function| addLinks function| findGetParameter function| saveUtm function| initPaywallLinks function| processLazyIframe function| processOembed function| sendToGoogleAnalytics function| sendToGoogleAnalyticsCustom boolean| loaded_after_scroll function| load_after_scroll function| initSnoska function| hideSnoska function| showSnoska function| initSnoskaExit function| loadYoutubeVideos function| loadRiddle function| updatePublishedDate function| isValidDate function| collapseLongArticle function| decollapseArticle function| $ function| jQuery object| webVitals number| session_article_counter number| infinite_article_counter number| infinite_article_counter_all object| scroll_depth_gradation object| scroll_depth_send_event number| eye_correction object| yt_players object| SocialShare number| bfsample object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| gaGlobal function| onYouTubePlayerAPIReady object| gaplugins object| gaData object| ggeac object| google_js_reporting_queue function| notsy_pbChunk object| notsy_pb object| _pbjsGlobals function| notsyInit function| notsyInitUnit function| notsyNewPlacementTagAdded function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| yieldMaster object| apstag object| notsyAdVideo object| Criteo object| yieldMasterVideo object| notsyAdVideoServices undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id boolean| apstagLOADED object| vttjs function| WebVTT function| videojs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| VPAIDHTML5Client function| vpaid_video_flash_handler function| InLine__A function| videojsIma function| videojsContribAds object| closure_lm_429936 object| closure_lm_707686 object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_133 object| Criteo_prebid_133 object| google_image_requests

67 Cookies

Domain/Path Name / Value
biz.nv.ua/ukr/finance Name: b
Value: b
.nv.ua/ Name: test_variant_session
Value: A
.nv.ua/ Name: _gcl_au
Value: 1.1.548329121.1674131360
.nv.ua/ Name: dont_show_new_form
Value: 1
.hit.ua/ Name: uid
Value: 2810541329.1674131360.2245121892
.nv.ua/ Name: _ga
Value: GA1.2.57635729.1674131361
.nv.ua/ Name: _gid
Value: GA1.2.1722124442.1674131361
.nv.ua/ Name: _dc_gtm_UA-51943557-1
Value: 1
.nv.ua/ Name: __gfp_64b
Value: ludlqad0S9hUU2TYHYnigMTNSvA1nULxoGhMO3IbjJ3.Q7|1674131360
biz.nv.ua/ Name: cbtYmTName
Value: J1wFTkMFHQVCEkQUEB4WQURGFRBEQRZEBVpI
.hit.gemius.pl/ Name: Gtest
Value: KlxCBRaGQMQGj1-6sGn3adFissGMXP8c25nSGYJyL0D5XBG.
.hit.gemius.pl/ Name: Gdyn
Value: KlQkaMMGQMQGj1-6sGn3adFissGMXP8c25nSGYJyL0D5FRxSG7RrGS6Gx4iBFlMMYH7hRjBGqSRxSG8.
loadercdn.net/ Name: vui
Value: 0c74f2b7218d4f15afbd4db2543c1795
.rubiconproject.com/ Name: khaos
Value: LD32L5E4-8-6WHI
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp1kS1E81mGk/sKGGM1eolu5vVtDhgOVUPw0zLiRRUt4XNfevBgkf1xN2/xY80udcQqM9i914k4ngvztw37I7XE0A+VO7RH1E0=
.nv.ua/ Name: __gads
Value: ID=7bf8d5b74e32f167:T=1674131360:S=ALNI_Mb2CiSTIHBS7yHARkhvXgf-cEcf1Q
.nv.ua/ Name: __gpi
Value: UID=00000ba56660dcc2:T=1674131360:RT=1674131360:S=ALNI_MZlc8gkMExbYH4H-BgMj0Kgg5HhNw
a4p.adpartner.pro/ Name: apuid
Value: 5a44c05d-f61a-464b-bade-10becc11718f
.criteo.com/ Name: uid
Value: 70fa3a22-9387-4f8b-ae8c-ec464eb89491
.nv.ua/ Name: cto_bundle
Value: qkzHJF9BTmVndTJPTjRER2I1R2FYVnpVUVo0bmEzbGxPaDZLVE5ZUGpRTXBlemJ2N3pKNkZFa2hkZXphJTJCTlhTeXJ4NndCJTJCc1VjUTJWamZxRXJsR3RGbm45RHhWRiUyRml3JTJCaHJyQjNYT0FFdDRod08lMkZHbXdSMUMwWWppWUFYMVJMOGhmQmhyT1NvciUyQllrTmJ5aTVsblRLQ3hPN3clM0QlM0Q
.nv.ua/ Name: _ga_52RSPD3WMK
Value: GS1.1.1674131360.1.0.1674131362.58.0.0
.adnxs.com/ Name: uuid2
Value: 1890661606084855674
.casalemedia.com/ Name: CMID
Value: Y8k3ogmCpQCNKSh0A8gj3AAA
.casalemedia.com/ Name: CMPS
Value: 1162
.casalemedia.com/ Name: CMPRO
Value: 1162
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?amX:tG!]tbPl1M>e)ZlrFUfJ+tGXxoTT`W96FtzlnCw?+]a9!u$FqLDtOyxK[=FROR3If)y3KL9D3I?+e@BUNT
.doubleclick.net/ Name: IDE
Value: AHWqTUl_AyR7waEzLT2hBVj7J8po1qrUyqH3LRYfmMina6Lcmlx_DTQpnfGjgBiVO1o
.lijit.com/ Name: ljt_reader
Value: GAyttGZHIlOHd5RpSfa1aW0v
.w55c.net/ Name: wfivefivec
Value: emhdkVOi1Piu2L5
.ctnsnet.com/ Name: gid_CAESEDCNtARVkw0BKocMiKE1hIw
Value: 1
.ctnsnet.com/ Name: cid_e98bbd7170384cfb8157ef9a344d3b5e
Value: 1
.blismedia.com/ Name: b
Value: 63C937A371E1630E0C6BE611BLIS
.w55c.net/ Name: matchgoogle
Value: 5
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3D50E82F-6325-4270-8B74-239FF4405A5D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162179:2
.pubmatic.com/ Name: DPSync3
Value: 1675296000%3A201_197_219_221
.pubmatic.com/ Name: SyncRTB3
Value: 1675382400%3A35%7C1675296000%3A21_13_56_54_251_220_7_161_8
.quantserve.com/ Name: d
Value: EOMBCwGLKPijAA
.quantserve.com/ Name: mc
Value: 63c937a4-63964-6cd02-e8734
.onaudience.com/ Name: cookie
Value: bdc0cf19fbf3137b
.onaudience.com/ Name: done_redirects161
Value: 1
.fiftyt.com/ Name: fifid
Value: f02e3698-efeb-48ec-536b-c56c3eff3359
.fiftyt.com/ Name: cs
Value: MTY3NDEzMTM2NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fPjZHd-oxQboUownQ_8GV0qpko5zGB5h9JQdBhTmqd4S
.simpli.fi/ Name: suid
Value: FD6077A940094116ABA124FCDDED7C17
.adform.net/ Name: C
Value: 1
.fiftyt.com/ Name: fppm
Value: 20230119122924
.mathtag.com/ Name: uuid
Value: 47df63c9-37a4-4d00-92db-2c43f3054200
.adform.net/ Name: uid
Value: 1762804424894346467
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y8k3pAAAkj_KvQA_
.de17a.com/ Name: guid
Value: 1.4050588184932311287
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa&KRTB&19420-rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa&KRTB&22979-rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa&KRTB&23403-rlil-atcp_S1XfX5rl_r9vsP9vK1Dv73q1-VMtUa
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOhSYD04Ur1Hu62s3VdW0Jo&KRTB&22987-CAESEOhSYD04Ur1Hu62s3VdW0Jo&KRTB&23025-CAESEOhSYD04Ur1Hu62s3VdW0Jo&KRTB&23386-CAESEOhSYD04Ur1Hu62s3VdW0Jo
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4050588184932311287
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:47df63c9-37a4-4d00-92db-2c43f3054200&KRTB&16736-uid:47df63c9-37a4-4d00-92db-2c43f3054200&KRTB&23019-uid:47df63c9-37a4-4d00-92db-2c43f3054200&KRTB&23114-uid:47df63c9-37a4-4d00-92db-2c43f3054200
.pubmatic.com/ Name: PugT
Value: 1674131363
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1762804424894346467&KRTB&23263-1762804424894346467
.yahoo.com/ Name: A3
Value: d=AQABBKQ3yWMCELLVk-dSqKNdKUlNV6u9H4MFEgEBAQGJymPTYwAAAAAA_eMAAA&S=AQAAAqtVkoIJIxihfgJ2BeMy1nI
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&52112342-3da8-4403-8e65-0c35a1cc1644"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzQxMzEzNjQ7MjswMjEHBTfpcsE8nyZud0kaUdGHsZd26WkPj6A1Vic8iR7hKQ==
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3037:u=1:x=1:i=1674131364:t=1674217764:v=2:sig=AQHJu7AvBsAjZgOCefIR8uNY-nT1h86R"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.onaudience.com/ Name: done_redirects147
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: AxqEy8crjETkqEC0vhfNJGs
.pubmatic.com/ Name: SPugT
Value: 1674131366

5 Console Messages

Source Level URL
Text
security warning URL: https://gaua.hit.gemius.pl/xgemius.js(Line 826)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript error URL: https://biz.nv.ua/ukr/finance/ukreksimbank-prognoz-na-2023-i-transformaciya-pid-chas-viyni-sergiy-yermakov-novini-ukrajini-50297848.html
Message:
Access to XMLHttpRequest at 'https://counter.nv.ua/set?a=50297848' from origin 'https://biz.nv.ua' has been blocked by CORS policy: Request header field x-requested-with is not allowed by Access-Control-Allow-Headers in preflight response.
network error URL: https://counter.nv.ua/set?a=50297848
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error URL: https://b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13943404572528172021/export/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
aud.pubmatic.com
b932775af6263f4c67a2edeb4de0ee91.safeframe.googlesyndication.com
bidder.criteo.com
biz.nv.ua
c.amazon-adsystem.com
c.hit.ua
c1.adform.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.membrana.media
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
counter.nv.ua
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.weserv.nl
imasdk.googleapis.com
js-sec.indexww.com
loada.exelator.com
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
membrana-cdn.media
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
rr4---sn-5hnekn7k.googlevideo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.zmctrack.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
server.smartytech.io
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
unpkg.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
ym-tack.b-cdn.net
counter.nv.ua
13.248.245.213
135.125.160.160
138.199.37.229
141.94.170.77
142.250.186.98
142.251.208.162
146.59.30.96
15.197.193.217
151.101.193.108
151.101.66.49
167.235.242.31
172.64.151.162
172.64.154.237
178.250.0.163
178.250.2.146
18.66.23.213
184.30.209.152
185.187.81.41
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.80
185.64.190.81
185.80.39.216
185.89.210.141
185.89.211.12
2001:4860:4802:32::36
209.54.182.161
213.155.156.165
216.52.2.48
23.35.236.201
2600:9000:2394:b200:1b:5138:8a40:93a1
2602:803:c003:200::41
2606:4700:10::6816:3749
2606:4700:10::ac43:175a
2606:4700::6810:7baf
2606:4700:e0::ac40:6522
2607:f8b0:4007:80e::2003
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400d:802::2006
2a00:1450:400d:806::2001
2a00:1450:400d:806::2004
2a00:1450:400d:806::200e
2a00:1450:400d:807::2001
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2002
2a00:1450:400d:80d::200e
2a00:1450:400e:2::9
2a00:1450:4025:401::9a
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a02:26f0:11a::6867:4808
2a04:4e42:600::485
2a05:d018:d29:3601:8218:ef5f:5750:723c
2a0c:5c81:5142::2
3.124.207.220
34.96.105.8
35.186.193.173
35.201.96.126
35.204.158.49
37.157.5.142
37.157.6.242
51.83.220.94
51.89.9.253
52.222.247.205
54.37.238.28
54.78.254.47
54.93.155.250
67.220.228.202
69.173.144.139
69.173.144.165
89.184.81.35
89.187.169.47
91.218.215.4
98.98.134.241
01308cab6e4743678a7897737ab9d94709fb8b50ea89f10e821050c9c2a80cef
030c836a9bf95eedd87775cb3cd5ccd5ce5ca601b23de164f1145ae422a20518
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08b47820684f2e1187fb5bbd75e262d92ce990a4ea6e01f8607d8e0780619037
09323d3aaa420d3e64acbd830cbe5e2dacf5919df9381a55fe0619b93c986215
09b897501ca4828754ab9ae96739cc4f63fdcefd07f451d14b7890a6ee1aa2f9
0a8ea66fd231e5370c5a635712c222158616c022cc6c4d8f2233cef97ff48212
0ae5d1f702dd3496c0544fe974693de1a74a391849adbe727fbacb552700f9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0e2e4b422ea35da03d5cc88c52ef739a364a5141dfef50f8a932fbd7e725351c
120034a69b49e19656d4edf06614ad8807428bb216f539bf22e2cd9e2a9a6e6d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13878e24f25bab828b3be12fa6150b04f265622954ebde25edee9375e36902bb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ce8c3ef4737d7265041eb3ed2c9fede2be978cd0344c34d163b1111d4b1dc58
1d8295bd07bd2b4213146589bc6868c781199e3f5ea64c5924035fddee2dc87d
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
22350330c9b2975ff26f03c0bf981222a426809ddec8157b331bd701cca7085b
29c9bfe2ca56e218b84a4d26a0d38e2facc1b6a3f45b07edce7b7e91972d2a2a
2b0a51ab242bb448467043229f668da072cd571dd2ec010fb0ca78e87e2e786b
2b95f2a741c46ffe90b9c1a56f054f8ebe4671c02db1e9231a6e4ee8ba211df1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33b1b1ae5c24eb4662b60878d554c181ba78ca5426e5103b124c8630ad6e5eb6
33bd4ea89a87decec79d8d5ac450081fd94618bacf34bd71b2674f0db4e41b99
33cc0a21c1ca8eab50680298fedb8440589988e511a82348b00290bb111a4c8d
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
358fbc18c15514d730cbc4649ff572a995b1c648be78ab380906c380cdb8682f
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37f95cbe77f8d3d62c1cd27d988b1acbb18c66015a245a77db298bcc3ac186be
3ae49bd17a5157882d29871e0fb3eb94b619833144f0a5faf1f01768ce3dcd92
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c5ae596988bc5f95f8a3b7f05c6ecf6336c81b7ba42827c7dcb70ae2dacb77e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
418c2e392da9d5988870eac1cbb21e20db0bf02eece7ef5067d7fceeddb67794
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
42466df3f55e9b48797e965515b880050fd48e48077a06ee09e8d15fd50656a2
4378bc849a42ff05e81fe01987356e6567085193bea25a64e904b0c0c8718ff0
43f08b3ddaf6e93e58e4fb5d8092a7a4d56429d1e27b1fd603dc465c0fe8d443
45daba72e560d4d86f15a313a9e642eea3f7f7fc6b0e8c5183d7a8b0dfe41576
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
47aa92a22af23dde3d2529b936ade8872f3ac9b24741306c19ddeb04dff58963
4835c5cc0ac1002b1da96d54aa032c45f2dde706b2fa01e2a1c4508a1d77a267
4ac5a55227dbb54e7d3dcb2f172ad9aa0088b749ae04b7cd9ccad8ab4752c67e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507f77775bda327942a9cd365edeb7553f4939a64796b2b40a572868bb873726
5082b61401d079d3f450d2d1fc6eeaadaeef6da36d3c509f54432993e52e466f
51b7c1bf2c9300930b74cb711ac534e8f590fc99adddeec34c2a111b0a8b20ee
553966afb319606760398431ddf0030d8e06167541ce84705d1f69713620c5cd
554e4817f12d9ad6ea8c765d0fdedcc42cdc8314078e82daab3817987be55919
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ab9095d72935d6b05fa710dbaa4691011273289d64cb6b2685e0337b82642ea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e28c58d1eed5e7f571bbb7a8a4400cfe5de0d233fd50155731bdec89fb0d
63cfbcc612feb4e41d3792c5630e579d89b1292f4095c057f97e40a7901f24ab
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
6765d68a6043d2acfea1f892cac9660202af89d3f470cf0fc498caf0bec9bb82
6863fb83a72e216e1d9fdb9922a02c770df702fccc2342d980b0a5be824a2b1b
6d0269984e333e593aed9acc35e7cfcdd7dd41beeb55a592adeacad45a9e3f56
6e6dd7acec43fe2800f6ebedcf4ecd4ba15687a66f7c64097df29e02f0f2e6d5
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
705a478384a14d7e7febb8e6d8dc02a2bbc1aa085b18c0e39442df9ab4183897
72096d995307f185c4cc7e483d8c00aaacf5edcd6e9903afaaf7387230ff2542
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72b6a07439ea4e4eca4e6b48ce1b4cc04d1bca4ab861cd154177659de79287a0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7850e83feab6c3ccfc3d38abc3e58b0a70c7630a88f0c6436650bf27e8cf61d7
79cde4d0b60c56142809fea0fda634ac984eecaa3e8cfe76f90117f94be449a2
7a39c36c4d665339c7b61835a18a436cccffc150fb82cedf0ea944db29bb706f
7c009e9e36fa96154dc45a8a0d9495e1c7323720f30e5bb77001e4f4779544c4
7dc76a1ce4071cfdfd58fabe15a2f4ba326261265ec4918b1244b61ef521296c
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
829c90135a00fb3a03e837a9d149093f68272985ccd9cdd1282803f28797eb97
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
88026111275749381b7e9dc8e3fd18cd3ce35ba1d03718f526603e85612f96a4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f99d554fb220114912bdba6b95c16dab0c494362f0314b655a387b3ebf5725b
90f716f5ee4984ee957b6c1bb92ed787aa8be61e874167ca1878af85c606e836
933155b9124a2a00d027992c50eb1b4f67bc932df4e7accbc4ab06e68608d52d
9522acd7d75fb486c83e619729e7004bc451578956b6a3180ae05e1e15b390b5
98c0a072af5f1cb14e5fd4163879a5111c5aba13d71eb17f42376285956101ab
990127d02183640ddf1e7378afe073db429cd8b3f48094492df17b493e61b050
9a1b30794170aa360345a861695b02afebc86bc6e190e45ae42134c44c563b60
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4d989da013234a14046d1d53bc9656e395e711ae9cde79c02e57316fe1eb97
9cb3d2450b6727f5b2826cbbd807c11933166145d553aec8bbdac8f59930c881
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
9f24b19441c8a0c9f74a76a0258b5ebd65d11a7e2d6f909367c210d8a81d647b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011fcb5635bbb03bf9d3be9f0f3c86e5d76bb8f95a94f5338e9fc9caab54bdb
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5193a52af77ea2744cb6f3b28c8aad043c86ce78d64f2582f8dc624edd7a324
aad026905193dc101bc4a469a53ea1fd8c463cda036f633db922ef6dd9b376bb
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
add4038d4e5d4746e426c523af9061158ed4e2c776ddfb478508289f4fd3f960
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b669fca5e6663957c4e5d5132ae1d70694a3108c035a1e75d2996a95ce533a3f
b84ed7072cfc75b0d2a7f178741ed9247ad0d2fe0db550212b67d7a9bff5e194
b8e38fc977b80aee6c5572f98f087a78cbeedbbc4c5eb0216b1c3b1a076e0869
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe17815d41e0cdf2814978d2a07db50f522b730e28e0797ba1dca364ceaeed4
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bef96c9fb1050dfbec9bba9bc7ff1a8c8a805491d35a8c5b15b095eeabd2d9bb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7d016254a7998b4e1c57155283e3f7935035519a59aab00e024c88feac3ca8c
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbeb19d323346d493cccccb29b793fc47976e53473c3ecc0040da91d4e569a19
cbf3893937b10c292c404ec5f4dc8af789ac69c37dea62641d753058fc26ebbc
cebcad5fbe55845bbc7a8763b4f8f9c04e84bc1908607603e8835ac6f9304ec5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d2974c9daf6a71d4250272eaeaa66d2cdfe5fa25bae22a58889a85bff6319faa
d53277139dfae52a06e406049f1f8a0b1246ba55919c6e0cc8844d55530c26c1
dab502a26ed71c5b4e53e37d3b2cb9bdc8b35e389ff6a2fa5e1e9a628af703b7
db7854903c8bebbf4d892c51c9d474bda6bbf00d8b17d3baeaaa2ff7d8263388
dbdf77bbdb53cc5bf6ee98ae59f07a7267aa51dc5db0aaee021a929600d6cd44
dc47c70a7bcc4130d0191bf4583da8d281fe4be3f9cd9b938ee103d0a202a961
dc4c06733ce100ce7468c742c2de401dcaf07116e24b4c2469cf275052a15fb4
dc9fdaddc1fc7b0343d33c194cc20da8f4f9dc74d14bedbec8bc2b82609eba9d
e248b7e3e582fd7b3237d0c4a06ba9b34d0d0d8f758afeacc97eac9cb4e35682
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e427c4e225c2004c0d0dac2ebc2f8fa6611e6a1d2a78539747e8e54159e3bc1d
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e9364a073cb8a24a5cefd6c665523f1f7dbf8a4d1108455842a5024d1702dafa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f0b960f461d81b48d29ac360a0f3553add3be3e891fb67878b4f11a0822339
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
ff72de643857119f752b8d43ffe801de74b4cbcf7889ebabee4247d3ca547cc5