ntn.ua Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ntn.ua/
Effective URL:
https://ntn.ua/uk/
Submission: On May 02 via api (May 2nd 2022, 12:22:14 pm UTC) from GB — Scanned from GB

Summary HTTP 304 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 50 domains to perform 304 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ntn.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 12th 2022. Valid for: a year.

This is the only time ntn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 66	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0c:5c81:512... 2a0c:5c81:5120::2	55081 (24SHELLS) (24SHELLS)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	45.133.44.4 45.133.44.4	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 2	52.49.236.237 52.49.236.237	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:303... 2606:4700:3038::6815:e9e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
29	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.90.154.178 104.90.154.178	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1 1	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	78.46.100.190 78.46.100.190	24940 (HETZNER-AS) (HETZNER-AS)
1	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2 4	3.248.54.145 3.248.54.145	16509 (AMAZON-02) (AMAZON-02)
12 32	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
8 12	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 6	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
5 5	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 5	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
4	104.90.104.248 104.90.104.248	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
6	2600:9000:224... 2600:9000:224a:2600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	44.229.209.14 44.229.209.14	16509 (AMAZON-02) (AMAZON-02)
1 4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.122.83.72 3.122.83.72	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.7.202 51.89.7.202	16276 (OVH) (OVH)
304	57

66 2a06:98c1:3120::7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ntn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5120::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

d.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.236.237 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-236-237.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:e9e2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

inter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.154.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-154-178.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

scontent-cdt1-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

juke.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.100.190 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lawu

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.248.54.145 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-54-145.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.185.98 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.102.29.65 (Milan, Italy) 8 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.13 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (Utrecht, Netherlands) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.253 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:224a:2600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 44.229.209.14 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-209-14.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.83.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-83-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Rheinfelden, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.7.202 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p37.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	ntn.ua 2 redirects ntn.ua	1 MB
48	googlesyndication.com 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	242 KB
47	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354 cm.g.doubleclick.net — Cisco Umbrella Rank: 289	250 KB
29	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 511 scontent-cdt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 19541	573 KB
24	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1061 static.adsafeprotected.com — Cisco Umbrella Rank: 777 dt.adsafeprotected.com — Cisco Umbrella Rank: 670	225 KB
15	adtelligent.com d.adtelligent.com — Cisco Umbrella Rank: 661621 player.adtelligent.com — Cisco Umbrella Rank: 5069 ghb.adtelligent.com — Cisco Umbrella Rank: 6401 sync.adtelligent.com — Cisco Umbrella Rank: 5011 ghb1.adtelligent.com — Cisco Umbrella Rank: 8181	278 KB
12	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 821	11 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 856 gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931	9 KB
7	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 20046 rtb.openx.net — Cisco Umbrella Rank: 2213 us-u.openx.net — Cisco Umbrella Rank: 632	1 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 326	6 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 29190 hal900030.redintelligence.net — Cisco Umbrella Rank: 251755	10 KB
5	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 1119	1 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	171 KB
5	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 663 pixel.rubiconproject.com — Cisco Umbrella Rank: 478	4 KB
5	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 158595 juke.mmi.bemobile.ua — Cisco Umbrella Rank: 266446 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 160109	21 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	30 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1353	688 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	147 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 590	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 789	2 KB
3	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 126628	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 760	59 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1443	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 447	529 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1840	1 KB
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 948	382 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3762	914 B
2	bigmir.net 1 redirects c.bigmir.net — Cisco Umbrella Rank: 100524 i.bigmir.net — Cisco Umbrella Rank: 192147	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	113 KB
2	inter.ua 1 redirects inter.ua	512 B
2	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 783	390 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	77 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 915	613 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 45497	24 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 432	32 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 680	862 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2104	586 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 955	539 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5029	104 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1313	709 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 881	736 B
1	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 8036	924 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5779	168 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8740	257 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 768	338 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4253	16 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1250	2 KB
0	netmng.com Failed google2waycm.netmng.com Failed
304	50

	Domain	Requested by
66	ntn.ua	2 redirects ntn.ua
32	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
27	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	dt.adsafeprotected.com	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
7	player.adtelligent.com	ntn.ua player.adtelligent.com
6	static.adsafeprotected.com	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	onetag-sys.com	3 redirects 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
5	www.google.com	ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com tpc.googlesyndication.com
5	s0.2mdn.net	ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
5	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
5	www.facebook.com	ntn.ua static.xx.fbcdn.net
5	securepubads.g.doubleclick.net	ntn.ua securepubads.g.doubleclick.net
4	gum.criteo.com	2 redirects static.criteo.net
4	hal900030.redintelligence.net	1 redirects 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com hal900030.redintelligence.net
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	fw.adsafeprotected.com	2 redirects ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
4	www.googletagservices.com	ntn.ua 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
3	mug.criteo.com
3	eb2.3lift.com	3 redirects
3	sync.1rx.io	3 redirects
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	pa.tns-ua.com	source.mmi.bemobile.ua pa.tns-ua.com ntn.ua
3	fastlane.rubiconproject.com	player.adtelligent.com
3	www.google-analytics.com	player.adtelligent.com www.google-analytics.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	ssum-sec.casalemedia.com	2 redirects
2	pm.w55c.net	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	match.adsrvr.org	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
2	sync.targeting.unrulymedia.com	2 redirects
2	rtb.openx.net	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
2	pixel-sync.sitescout.com	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	ntn.ua
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	scontent-cdt1-1.xx.fbcdn.net	www.facebook.com
2	connect.facebook.net	ntn.ua connect.facebook.net
2	inter.ua	1 redirects ntn.ua
2	match.prod.bidr.io	1 redirects ntn.ua
2	www.googletagmanager.com	ntn.ua
1	id5-sync.com	player.adtelligent.com
1	cdn.contentspread.net	hal900030.redintelligence.net
1	ajax.googleapis.com	hal900030.redintelligence.net
1	sync.mathtag.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
1	hal9000.redintelligence.net	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	adtelligent-d.openx.net	player.adtelligent.com
1	ap.lijit.com	player.adtelligent.com
1	rtb.adxpremium.services	player.adtelligent.com
1	bidder.criteo.com	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	sync.adtelligent.com	ntn.ua
1	a4p.adpartner.pro	1 redirects
1	juke.mmi.bemobile.ua	ntn.ua
1	source.mmi.bemobile.ua	ntn.ua
1	i.bigmir.net	ntn.ua
1	c.bigmir.net	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	stags.bluekai.com	tags.bkrtx.com
1	tags.bkrtx.com	ntn.ua
1	unpkg.com	ntn.ua
1	d.adtelligent.com	ntn.ua
0	google2waycm.netmng.com Failed	7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
304	74

This site contains links to these domains. Also see Links.

Domain
pda.ntn.ua
itunes.apple.com
play.google.com
inter.ua
k1.ua
megatv.ua
zoomua.tv
podrobnosti.ua
music.com.ua
enterfilm.com.ua
k2.ua
interplus.ua
pixelua.tv
intertext.com.ua
uaimg.com
interactive-marketing.com.ua
argentum.ua
www.bigmir.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-12` - `2023-03-11`	a year	crt.sh
d.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-03-29` - `2022-06-27`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-08` - `2022-05-09`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
contentspread.net R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://ntn.ua/uk/
Frame ID: 8F6857AE3EF0BC68529D065F7CC39E90
Requests: 126 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fntn.channel%26width%26height%3D260%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dtrue%26stream%3Dfalse%26show_border%3Dfalse%26appId%3D219434378199819
Frame ID: 0E841202F3CE3D819C8C4302BB37C66F
Requests: 32 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/79386?ret=html&phint=__bk_t%3D%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fntn.ua%2Fuk%2F&phint=__bk_v%3D3.1.10&limit=1&r=12003295
Frame ID: 75CA3C683CC1766EF40E770374E1BA35
Requests: 1 HTTP requests in this frame

Frame: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BEFF484E9DDD5A78622B60BADD34D644
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 48C0F5248392781116F9358D2E3419C0
Requests: 1 HTTP requests in this frame

Frame: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4557C62B09133439619DDF8FBC4AE595
Requests: 1 HTTP requests in this frame

Frame: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4821FF386629A0D109AAD9AA413FE1E4
Requests: 11 HTTP requests in this frame

Frame: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0761FE4D66AF581E85987DA6CCAA5EA9
Requests: 1 HTTP requests in this frame

Frame: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C84A739D8BF20ADCF77228B43EEF78A5
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQiraNnwMY_OCRxQEwAQ&v=APEucNVAHMd99ObPQ0JI1MgG7bD0hKkH_mF0mSCjeCOoEyx-FU6bwLXTn0UgDrfH2UITVoSja0vwg8aRjmc3-ofJNtOHV91YkloqEoL6Vzxn9TqW_BBL3N0Ogs3Dl0SVeyQH3KDyl21QDPB9veuDKg-07Cfrfnl3QIdc0w_JHEukQimM21Rp-Jg
Frame ID: 0B879D98C775573733FDE653DF97F6A9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Frame ID: 50A3467637DD429AE9C45FBD779CE147
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjyocDIATAB&v=APEucNXlSN5PaB4xmjdTwFZTaKuDDJIbpSKVKMRLxEud9bwCf8IZt5epi2Ly3MULQSN60j-0jilCRi2Y8GV6a-hvIZerr96nx-hBuUJAZmWMm5yQYWKsn5GhOpLuh1QHCzxlyTZ9OnRHaTlAm87KAx6hRlB1-SWuq2QKSSJ2LzQXLf0pRB5BUao
Frame ID: DAF9322460CC42BFD45D859F0CC7BCF1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsbKjcTPc1kLh8rcgxciQV6twKZoSw9iMthrPZANE1QgBvNkRylw0mVSqdpibys8Ndv7l1ynKx3OtuFaFG0awszipf6G4yqEdkD9_eNugjIDUYjMAl6P83lGftVKWY5-O5XAVXD4RF3kQ34LS7ypLWCC8dnw&dbm_d=AKAmf-DdoOj1aSPtq5sOFfpD0sQzA8pF5Arvw3X-wj-4kru0srE75big33Sg40QM8lkbPDNlfpbR2owS9nVW0TywjflqJh7IbOCMJ2AEWvKIdz8fVT18KK5sBMiOG9LlCtu4YXl1y3GmB-Udu8S7igm1oX_cDpFNaiHEITdBAAp0td9mPCJcrsoxR1jfbd1aLTnnpADRH0y_f3XSNrIqHPyLAvvd_kzsHm4NRbOk5_KK4p1IhhPFrpp3ZdxaO2WGX6y7Htkop9S6hTCYPE_rh967Qm8J2KFqOO-CftoY-QL9SkGKS1jcnncNor-WgtfNqa82TexUvuS4GHdFxaqC2xeFXIJ8REdRPDCQpNlwf_nPTeRFR5Bg-ofuQxGyvR6sOIMfpj6joS9Ot_ntofOsBZ9RqF7cCJhgXATO74HIXov_e2PQHubccHQ9kTJg1JdOIuwwvAr19WzZY_vQBe71e-TGR0hyNaJIQFNSxcv2hMmH1ajF9i3KTD5tLKJqiXIgorPX_PUzzej1VhS1pfQ5UTlhwZY-ELnYT4RDULSauWr879z6rX1OhWT0vVM0QEdvaUGsaUJ5irzonhu0V8o22H9btq4i0fQVs1eGVmnE30v1L6-ucfa7kACRUDC1hS0sCodnUjioGWGsVkcl4_60KPN2zPq0JwEeHczf8GNF_SrCfTQygI2lYa_cuGcxhe8KpU3Bn6S7sPj7Xlj9Ln7rljnxzRGol2hNicr_jmRE2Ra6ezbcWmshKr43k_hKrbnLccUAyvhPPq28G_xzSWwM6vbMKAX6OpeJ-5rZTyfI4a8v_HqhwpyfaMOirYIfSTXePbQDaEATQLiN3b92bJitpmiQYlCpZsoNTvTxW8CnnQd4_-ecJx_coJePrheNUpdBMYO__wRJ6utvh_ytWh_54-Ik3L1M4EIASo-fE1XDfhEZs58XSpc484X2tQoi2Judgw0zpns3dL2kZVUi5M-1k0b4sKugPjh7VeUxDStgNWAc1pfZFsqwoLhOnZkh7MSln7xL180VrgDupKkkq4MX140E2qBJoqGpy6nQbpghTt497H5fLmaVH9-E_3qKj_0h3SH-1PcUNB73544xrXHn76Jp86z638uII4vgwQGtH7uJYBMQAsS6WVvf62jsy-ycRzalCv9XoQchykhd63z8DFCmYpdMxJH1tc-VHhSooRGHrlqCJ-ATiUc0d4TwI3GUDxdKcT8rcxtdlrFAgenW3I7udnfOUSzMln_VzLvzHyeL0pfrCIMiTB01d07dNaeq8OnybPzQWWNuVtuJCYfub-2U2hF4HlnldAmY0bf4s7X_EcEOGXJeUw46RrfKn_CSfZRaCfq6FdOdDYxwcyPMo_nsoE2682FUoiV76wiczOd84U6nnd2C3-1SNuexJn3WaGW__M5UmczLVaokHVU924KkvgMfDwzgOVw33bvjFPsY-TkGnU7BnMWl0TR8PzV1oxfBlUeVzJfSqoysrOH4sf4TkFp2BrYaSiiykc_uMutW24jl4tzaZkVDpoY335wAjfPKEuIv6EmMz2luuuQsy5dFbBgjqcJttC-UFMxIiWjtRfaluPW3Vbc3GNDVesqTEaEuIKJRgN8s2T9g7l7qSVc26vCNrNB6_V8jo0o-tnHu0a4RR5r34KC3EiZfvQX_2Vk5GESHsLGIxW24YCxksBZ5dW8R_VJK6T50lil1S94AevB4KhjqauQVv8JoWdya-sTE0VOqPuA5EEPI3ckWLPdM-o01feMkOJnURQEi6OlKOvGc_yQWpJ1LJdy0ikYzcnAdvT-2S4Y5GvNvW2ztUiQ40LtFw2zPHP4HYFraTaV2IH-0H1o5iTkdglVNEuGktajaZv4y6En90PbqCGWTtpQLIh3OaLwZI9ExJuzqz38sp0vtd8z6mt03MR8Lw_LnCXEuQ_FMdkVvFT4XzHeUgovB3IhOIyGC24XEXdWfjTWw3ZAMHwGLl0qBk2anrdA10GwUruAw7GXMUTkAAK3fxOM2bRtYz0nv-R-Jxjymn4kJbWmhzszs8_IekRh6SzZKECAGcmlWjVO6HhqaGvlHMLIKYTE-QZjbdbSbiPucE7DV-BVPzgsn7O_jooChGGb36XpDHXfBXadGIYmbf8rfRFNDC3xmUooGdTXLxc6PrZivsugLCzLohCJvX0ClgYNBEzRNvXJPqyejGABC7DI0MPe3Xp_aKPlkmLC0WNo4LsmGL2MBq04qbM9hFTs2LFAcG0BPYTAqSom4N-q-7I7d8ylTo8Vo8bUBcPu4G3gzbPCS4U21DDiaifQulQ2z5VTVGpQBT7eva9dZlOrb3oaj4nuzsxMBYG_5tGNEgoSyxTuOXm6zeDlfcTR95oGv9whpBBtdkyYeyL372-M42U9IBOlDN4M8LfnW6G0wDJ-PitU27DiqsmE_8-EbM44NUWMaILdzv3jUdOpSSaJ7NctjoWFTuimlOgQyaiMrVMXWi4S4r6YJycDYM04rHKDEGP5dRYqOH8ZbaTgWD6NNt1tpAnO9xGwYkgWT-N1qvNTzP4WjOCGUY7i7ZYn3qcOh9af5xv15cLPjwkyV7KDKFnxJAqOjcuyyxomgTS_eAVDqlRezpvI3GDk1kE6HM9rDH_03qFkJ4qXkBPGSy4zlGe9THwVhV5RBXvgOQ5GGHmVgtdLbbLERMthXOUQ&cid=CAASJORoVm3--ySK67RGL7pmZ0jx14DPlmdzpuHiw2yIbFC56FPf6A&rfl=2%2Chttps%253A%252F%252Fntn.ua%252F%240
Frame ID: C586A90573AC106515840AF4A3010FC6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW58zGATAB&v=APEucNVqP3ZyG8iQ5Aa3ejcDIOb-zv9TAvwS_V35FqMwNwdyYD6pTiXGSDpQnr-88ThkgZ4BbvTd-HbB8j79A0btLgjjAIMHrochdn4kqsctwjYpnHELuA-tppt-tCjG38At0nBQvxptoz9F9VAR1zfPCycOR55yazjEAgfC5Y6XYzDRGCRwXyM
Frame ID: 0299C192EDFB18894C44AB8F19EE9411
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARiKq8DIATAB&v=APEucNWMW4U5CC1r0jOOElcd3pZ2SmsGibFBZbrzfHweHLGYLEqC55GJjNW5ZeTxnCi-FfpKPvSel5hTT-rIqMKRCKu7S3utThAG6dBBniKtCaILuHfIGjd-M-59QoszFsAF_a7Bx2JnJaGjaNs7zLbKVAnbgfmVyWiSXJho8tsp7W3yCLkyCZo
Frame ID: CCA8C2E9DAD380DCAF56BCB20F386CE5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5864988BD05BC22285ED5398DBD0FBD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 16F7728755F36036FC4ED527BD1B4E13
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05C62275D7C8C1A53CDE76EFD52CACD7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 169BCB6B60EAFC2D12B6099E6C671416
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EADCEC7D77F1EE1B77E27630F8129065
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 12E67F229224AE180653842ADEBBE446
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 83C0D8DCFA6FD855368D272F5D0EE4AD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 9C10D7EB304BBE6364ED926C868F201A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 417A1895CC445075C380EEB9859546A6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD69F0E96DBE9870B869CDFB70BA1AAC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 93D3CEC3433C4D3FA013461BA1AF474A
Requests: 9 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=30709500123578704448410011947030&a=292669ac
Frame ID: BF8700B93522526275F5AF440A6715D7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 388564C91DC476FACFEFF31F0DE4331C
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntn.ua
Frame ID: D8EC3419280DA9F02340C4C96B8E632A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Телеканал НТН

Page URL History Show full URLs

http://ntn.ua/ HTTP 301
https://ntn.ua/ HTTP 302
https://ntn.ua/uk/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

304
Requests

87 %
HTTPS

38 %
IPv6

50
Domains

74
Subdomains

57
IPs

10
Countries

3786 kB
Transfer

8941 kB
Size

40
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://pda.ntn.ua/
Title: PDA

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/svidok/id1191575817
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=io.appio.svidok
Title: Android

Search URL Search Domain Scan URL

URL: http://inter.ua/

Search URL Search Domain Scan URL

URL: http://k1.ua/

Search URL Search Domain Scan URL

URL: http://megatv.ua/

Search URL Search Domain Scan URL

URL: http://zoomua.tv/

Search URL Search Domain Scan URL

URL: https://podrobnosti.ua/

Search URL Search Domain Scan URL

URL: http://music.com.ua/

Search URL Search Domain Scan URL

URL: http://enterfilm.com.ua/

Search URL Search Domain Scan URL

URL: http://k2.ua/

Search URL Search Domain Scan URL

URL: http://interplus.ua/

Search URL Search Domain Scan URL

URL: http://pixelua.tv/

Search URL Search Domain Scan URL

URL: http://intertext.com.ua/

Search URL Search Domain Scan URL

URL: http://uaimg.com/
Title: Inter Media Group Limited

Search URL Search Domain Scan URL

URL: http://interactive-marketing.com.ua/advertising/tvpacket.html
Title: Реклама на сайті

Search URL Search Domain Scan URL

URL: http://argentum.ua/
Title: Argentum IT Lab

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ntn.ua/ HTTP 301
https://ntn.ua/ HTTP 302
https://ntn.ua/uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://match.prod.bidr.io/cookie-sync/atg HTTP 303
https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1

Request Chain 42

https://inter.ua/uk/announce/channel/3 HTTP 301
https://inter.ua/ua

Request Chain 109

https://c.bigmir.net/?v88708&s89294&t3&c1&n512386&w0&y0&d24&r1600 HTTP 302
https://i.bigmir.net/cnt/03.png

Request Chain 115

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=18a9fb9e-254d-407b-90c4-13e281961431

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1

Request Chain 195

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym-M7ALqgkHzHJh-VGRLagAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1

Request Chain 197

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMDIxMDc4ODY2OTY4MDQ2OA%3D%3D

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym-M7FbFCuTBVJGzGst3AgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1

Request Chain 201

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwNzE4Njg2NzAxNDk2MDIyNw%3D%3D

Request Chain 204

https://um.simpli.fi/gp_match?google_gid=CAESEMvb_t0uP5AbTVLEGDIph_g&google_cver=1&google_push=AYg5qPJ6vAsEDlsOp8WKIlcGK3EA8ZLPywr8gITZutLlDS6HtVieCF1dBLVsMIvKPr776RVCJrOhO8reKYM38pjie9Oj02_YPHzu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C35650D007174FA19D95D42DF7718561&google_push=AYg5qPJ6vAsEDlsOp8WKIlcGK3EA8ZLPywr8gITZutLlDS6HtVieCF1dBLVsMIvKPr776RVCJrOhO8reKYM38pjie9Oj02_YPHzu

Request Chain 207

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK7vn51-gKDo2PAax8oLXME&google_cver=1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1651494124090 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d6e2a4c0-73ec-4b0a-9ce8-545c2b522593-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk%26google_hm%3DA9bipMBz7EsKnOhUXCtSJZM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk&google_hm=A9bipMBz7EsKnOhUXCtSJZM

Request Chain 208

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEODbryqUjbMU3XcOhjAIxI8&google_cver=1&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nSU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nSU&google_gid=CAESEODbryqUjbMU3XcOhjAIxI8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nSU

Request Chain 210

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDgbAzxALzTBQi0qrXOQqmo&google_cver=1&google_push=AYg5qPIexFbFGZMt6L1I_kVhAZBCsUgblWo9UI9bE5zVLe2yqYB6IGPNgl_qShmTG1KTC6K7863Fwfhx5JHTWZ3Vj2a5JzqGxKj9pw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIexFbFGZMt6L1I_kVhAZBCsUgblWo9UI9bE5zVLe2yqYB6IGPNgl_qShmTG1KTC6K7863Fwfhx5JHTWZ3Vj2a5JzqGxKj9pw HTTP 302
https://onetag-sys.com/sync/i,19/?google_error=5

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1

Request Chain 230

https://fw.adsafeprotected.com/rfw/bgd/1019799/62567012/xbbe/creative/adj?p=APEucNVSaum-_gO9wzkRqaUbDyGJU_-lIeMu1seJDhNSFj5hD72IKTA&d=CnkAoCZ_4IjdtC4FdZlhHuz8aKmMQsMG98FVpb-s_S_aBYRzSjeviXQWEp5BwQnUneI7v_c8qtx7IsBqA-3yrUUkSrxn_IR2_SG9fMM35UyhD253aWq0zl1IbiU6jfDCpJ8N5ueefdfhhDbQ764mXVp7tEIFdhxXxrjLEvkSAKAmf-Cy3gSgYkUlYaSSyKdm-zagiuaXROlK-R2aODHcgMjuTi_eompQLXd2Vrnb3H6gAzIbt0QnPQjSnGBXn0TWs2Os4Vy4x0JWp1ZC72AEOs5JfzOg9EpestH81f9Rw6IT4tHruft39kB2MlzoYQ6G2otBaSyCqrIcwlJIO2MMGyBlonb0pESEE0Lmqn3LPD1b_9U6sh7aYsno628LPfCDNfc39Y8TIGNahHH1CUlph2EQdz05l6iDPm6ZdLuCSX1TXBk220CtFt9uAs5mdr_Xzp4DIgGOMY-yHFwEn05iElkpfcTqn0c1jJpH2QHMXc-bzwJ8FPsK2PAaBJDaMQLYMXgJUF4Bd2NhRBUah4-W8vz9jvJhZ5oNbIKdUZUKd3_JDAseNWSWvyWo9YXDxJR5tMePCLffDQUaYEAmrLAt2Gz1xmqrezVGGSY184c8_nsQngbXbzK85nFVc6oZcish_R61Zm4qWzpieUyjiM0BxBuJY9pSWqgSSHiNnZ_p9B-aXxUyNpBOjTrh5vInYEl2y7GTyFCHXIQ0zsyWGv-CPEUIo0U6Dg5t2ZDmQC7H9eDC1wyBRX02O38dqSn8-c8wnssR7lITMS54t4xYjXi6sJGdhzdJDO7QZZynvonRUOEoExt4q1R2kyPHjCPvuTsYTcmATKKlMoa17g5WG9VzxNoeaY-Uo9t7K5pvbb4IPi0g3hzJMluCUQnyY4GErGMAzmXSyP2LDpzfuF6q9Vm8JP5Y20ACxy8wRCAeYvkgx60cGZdgQEbPNmNgBhd4A6LwQsJzCyb22Ak0RIXu5ORQIOVo0jojRmqBQZOuvyYDhuuyrTXCV4R5KFJWLm6v9IBE4gAaSXTpRhODO_YbSyMkg-szLReEHiagjC8uzUXPS_5C0nIlqYDY91yiC7AjwBYcOQcDkiw4gpZ2ImlZkw0fcs1inhPHG_-5ha9DGPhtw2YFGoOt_NMPf_fK09hOdT3JNcFxAoc9bzqhPDu61KQYhdAtFOHK_QHSw4nBVaZImDAvvLvJ1qC_5AeNqvbQx9WoXTLshcJ0SRL1aHkDWHO7tW-15C9A4oIOgrnlS6mx8xMFtam6ai8BoLuSZJrx526K-Ua0JmtBby28F3uCm77AbPRUDhpsNG31zzPQBSQ7mAeON7oh83ha_Fcs2jW2yBQprzjjg0sMiN1fTT-lii-mcM5-FZV7sCx1l1oKtaMCfvnXAc6DLF8tBcOWz5zYF9NVx_uK4jXS7EnVnwYW7eYQmZhPTJipCMRKYJXEgB9U-txR5nCJa8H8eGRTRQqnllrVpJlWT1zGRI9Ae6r3ymIRy7pzveqxL385FEX2f5lzzPTCkZSWx_7lLOiSVQmV_pLpiw4RwAGZrx_q4V9PxnkoAovUndB7rVvaAh236RtbLiO6tXs2yFhG9CskeSG7VwQ9XFy4kSrSMDvVdMieOWu7O2dtV0a7zD3r6TSPw075NMJiFONIJ_lYj08WMU3XuKwEYlxIV393dgFdhQeT9WrFXBzj_9kNsfIMwHqfrM8RTy2Ao19TaKtGGgE02AtAhEehGgvvHOXB3ojisUqflH3cnEoXdMwgplRPdzB7Zj2VIjOu4KWDSj2T9pP7utgCUVTT9efguOTLaPyYuGArYVDWPSYXbMAKYsQea77FQmV0IWJ9P86wTNqzb6S8HKzhKdKXDTSLSPcpvIVnVG7W_-qYO6LsQg_cPyo4ut2DJaCqKLBH7sCFnjjh_MN5hCfzTkA83bqkt7whoCucSmMxiQHFZCOYFn3G3V87CRL9xvHaMs4v83v-lIXVSK4YoQh0AejwKjNGCxqKYyTkYmEdxSxHKKgvwofPZJ_o4Ma3cqBFNo93kGqWx1k_NkjgmrMsaZ04KQw1JoyYcHkGp4OS4JBGI_jK8lgw2WVm440Ra7IRCFirHvowPRSP-SUH85UJERp4cnXMFhWp0xsQ8Vq5YKElPJajAbN45q4gV269ubSctmJ0r5eWpKzTLg3a4lx5jHfC0aKfEIfvUcHrnYTaFZazZ8sa6c8RHgByTEP6uKtwMPX9TN_a5ast1uebVgfxokWvKPb3bGPbkbNBmLC1TBwLC0gsb2pX_JfteFn772bVFtNHLjNv4g7_8xcoFucOLtRRt8kIig8e9u3dRFtj-fk07cTcbPWP13qupFYQLGEPame5s5KnWRfSYhrBKbe8Pv6nj6tuKezmc0VUALH10BZj4x3au6bLqKMROCVh_NT4LcnB2G2DJnVLI8k-ceCtGSAcASQY3PeanLDX2YOzwvYzlnOX8wzwAdR4w4EOZulYcP_pDYglIOyGOkguYUiItGOkv0tKIFzkfmK4R0ZglqwYV7ECuuz9tYT7yZu3WrHokJb8sqymV6jlXeWhftAqLJtWZxb_3_2nlYPFxx7KHwnOgnnylTNzF-9maHzNkfl5HU8AHlJdNxs3PumgQxB55S8Uys5U2KjAxEAYEseQB0ZEM6gh54bxZFDpSz0B8zVncw47u7lQYrYbbSXN1x1gHvOHEGkza5AiqFs_FctGxbl37RsKl1TZRMIe_cqZT-8G2Vov8SCkSUGUSLv_VxmAsrqhelaKjNTYkfCiGaxz_JIoJ75VGWwSAmRNugfEjyZYwbvAtpVGI0bbKorV4mzQLWGcxDkhSLMBVInQwKwt4kag4eot7xpAZocQmXvgVoeDp9yKFjJmFCuUAc0GqJpiaQboAL_lq6d8RoaEHBdEXU3BEag0cpk6Ln5oJhbMbRBZkkF4pGzmOavE_YdDOUX2eqnZoqv5MPg5zFwt0RaHq4DFclJAZbw1lq8Jlqcl4wxKxqp1VtuyumMRLTKg9JHLwui-o66j_v0QA51iBoFwOUUnQ7Lnp2Xdr_XE0SnuwexPKEUA3bzgSdl0v5ldTdr6B1PqrMagIrVp4dsIlvRCvxkxMTAAx5dC7hEV4SJunmEab97bBDrcf3478zf5SU96QmqFeLxxVSMJN84BFCyaj3ctVPgS1UvSDZgO8a4azAWXbQnyzcyj00aUm_Y4u7FFnxvqtnArtUzX6pIJtYIsAHR-YrxusrahPuZb-wlK_o6cVuKV6sCLN-BecuG5ASQTHgLhWqIrRWGMp8D2XZMSrXz304-M2mJbccgCm_grVd2Uaj7NeGPlGz9zx7y5ngApgC7sZVKnQWzNaYno7fQSyTBkysgA0wUwrHtu28EHXgrUBOZPLGzjRN9AlP3KwFwCWFu_eqOSjX426hooCAASJORoPtBgqI2ZcshrcKrz4jpJ4SfVI7NI2IAFJhOq-WnCrbGJH2AB&ias_dspID=3&ias_campId=1006201864&ias_pubId=pub-2070890256337765&ias_chanId=1&ias_placementId=16725270697&bidurl=https://ntn.ua/uk/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0izXnGeNjz_kueIUUfEQZow&adsafe_url=https%3A%2F%2Fntn.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2803d416-8398-a909-2934-8d6b5253cb8b,c:bswpLK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-7f5jh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:cfrma1,nbld:0,mtim:3,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:79920f4f-ca12-11ec-b8f8-3eb89ae433b3,v:19.8.306,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 232

https://fw.adsafeprotected.com/rfw/bgd/1019799/62566992/xbbe/creative/adj?p=APEucNWilZZpv_-c-SlQEeDE0fyDdIrFuQnSVwQYapLcPUHfvaKrAtA&d=CnkAoCZ_4Ai292COjNOe_PDtyVZpVOPpi19-XMI5skfsdnZ9WT_a-6aEkv-QXyHl_-Y8LBowWp66WTTc0XN__7zMjwuOjSeFh3ZTkpLmS7JmxHk5oS0zVicg5j0fBRh6JYpJ3k7roW3Q8lf_VdFvbmXbMNCBzabssEzNEokTAKAmf-CP0N-6KHjpb0zQxylI5ZpE62nO1W0RWY9hKPy4DnupL4UKkCg4IcJECxLOg7IUE0W0H0yUSF5XtFHJwUmhoFYHcicdpECaDr3LKL--AtK2Oz9sp_meqXvqvv8oroGW92ta6y2I5TNidmDxvXmmrkgHpyE8JlVg3BuywyH_ifZ4gFad-bJGGlX_z492TS2X2kV2OwrK8QiiMXY-FRbF2lk9U_ymy4W5mPRQXDmZnsheGrBEgzIF_0qRC5f-afEMTpJA7uhKCPnWF3QvrnHmJWowKBRV5aPLuim7lM8W6D-pLadMRIt_KDYxJWErykqTec2LqmaowuWvEX129EdxFtM9MEAxz-OXCc2ZV8soPyKPjjVkjwI9zMSd0Ws0Be5K9dlDfcTyedsuh9buKuJS8Srh4RPlGmbccM43SZfZJ6LFmrI6l9a9kBxCuXEo5HqSi_Pw8WWHH9n0VGu7xcLMejGJthVA8_i4J78rif5EIx7nGhnAlULzkezg0pkJ8oQrjTamuWZOd6gy0ctqJAFR5_gqfzx-pQ7WStpZww44dNBlvXqW7TMi4alCycSV8bz0WwbNI43Ax1IusN0Uxe9L0Ue_YlUCVPq_vK3KnfUw5Z44GsSaOoCo2hj8mTMLLdrjazb6cctF1iUnY_C2wGq5lIxbE5e0euohdukAAMXNaQnUMrHpSqArVFdvYlGjT8ahlHqRBTwhc92RrBlYOtT8lnCveQkMEaIeVrO28D7fR_0VLuXtmqAHzVeXli7GhxOrkisiOpo_i6UDnzLgmzx1Uf9EH__TYxCvPnIQN3A1QQQlT0wgkz-qNmJdYlnq68eR5Ykfp08on0GeULWekT9Ph3gqwjD8wLHO3o2072tlG9nvZ737LJeqCYDmkCulBBN6ucJsRvdc6GdGeyQ-txAmx6fM0bA3kw4FD8653wdKlQ_7lHaHvMUb3OtCLKGsDUJCbEyGg-6LlC1T-c-xRtLJAOInDSDTMa49dIDJDyJHS2iw1CwvTCBN43kwe9LAuDBwjpogNmqErX5St6mKHG934h2QMJIFb1CqDbPvq3uK_QLof7DjvFjY3b6wNyilLjLMZALA9OTWOkJW9Q2j62oZ0cGBrgd0cs8vXv-aKScpYTEdrRWPP-I1_sgYFr0CDxqM_1UepyLNqCumVdnFh7AtY5KshK1jnIZIEHLbjKptBCKc-dHfavNnMfsD-QL_rF6m04XXzYGqzLtWDAhQ4B1aE3xcga54MVU4Orbu-VP6nw9fc7kIcY4TFX-KdtGTtvFqH0vszHMCBPWL4f27rLU7vBlRs-4i8qr40lN2mmzaGXQz4Lz3RJ_FjIEzav1QflVja1jf_yiCe5Ac7k748o2b8AYInsgXWpFcxtHoLhVkis8KYZ2BulJFhOtTVdFkVELa2RYaHi2tGhKOtB-UqXZui83RAlLwDgVhqAkvwVj_nKkApIzEvosjBPYZWzPmD2ih5lWFDWr5w-nCIgUaO3v-1yUUvj7SpftssKXuk2UgrUvgnEi6G_o4Aj-itk9staxu6f388SMj2-63ZexUxPRL-zDhgBmAD5sGWGJyhLlTaDe_cHhuV9k_5ADLNhAHNzLueCRY0u9ZWHyVEXOBWVYjpQNxwFWQGdMU0Jr-Zo5tqDR_8pa1lLjSlDm9ewT3PAEHKTHN4OB2T7H2V7xTmdmbjPIDbuBDDhQi3wW01S314ezrDC99YNGeN7vGqY2AtYb7HmdUuvQ-Je3Murrk1cfLz28SpdvJpN3WP8JrmBqBiIcNne62vnoDP4e8Qn052v-_9Y7z7z2J8wyPn5ZkYeNj_hxBzMPsnqBczaIGhDXrx_5bC_6lScl_5htkbXcDNjFz4nrimOfwgZzfq5f02ByPnT8STdvKIVFfirNNespZzdV0waQ2SL69TprQkH6cfU4rdtCi7tYqr1hIx6ZbxnvmXm36Kl0v3xWcaKZHfi3ytu6DdMBmg2GxWgyE4RkFS8MGKauYZukU_OgVeJpIvvcd-aTn7G5h9scqF4adjd1E5U02aeZnNoRhZfOw8jL-yBYHQT5RGzKTr_vvR_3F-eTRDSAHd-qhR5uTpA-0RZTM4ZR-KBFiQARrm80gyUINOFYCwiZTyeAnyb1kQLq3EWqMoQizKdoPmqVvLpkTOKzcVHnvbA0NXpIlBUMRaRAJRA51NaQ5eb0Jz5dIFSP_r4e7rug1QZWBifwKb52kcDrqziJg3Ao71mEo5vEGAoE4VBcHF-3j_tuOaNHLfeIRO4YwDqAfa1bWNNkTK-w9_uvLLM-aX0jAv1zNdD75hFNQs4e-yr90fx-adcePbD-eGHsypjbCGVhKQ6mIMwjveAE3jY6Dju6e_tm9HRv9JlTBOn_Y12c7D50jHW6-A_E-MAiTN5VWckULRbp4rHitYHIfpqpSzn-CAU1sJWP7XZdR-k60atWAUQMEs1bNmAKpiXcJOx9NzVNKXbGcoop9iBfW4Owo3liL5R8m5fgJTHLHM9G8HnppEineuMCxx6LISaDygsO57Gej_02euJEuC0dfA-YZ5l_9C0tU6fqfxRGI1iTJDRaWGnrrb54j2vpxo9UZvM36c0BDZOKyNJXjfysJLOG3331_Ov-DIbgKIJxhLN57R_wlBmfmyLvTQf1DpeQiBDfl7etlK9XZCYzbmrQejWXS6Ral8y7I7GirvIYGzb-wfbaWLEDqdNzThvlxjCWUfuHA64GNJKEhd4KDBknOllCwhaQrfDIwytcRMuSf9QHUoOWF9eXXbBFd6r25M5sKpGpPpLKC2qRkyinUZygoFMQFq_st4lXdkbQ08y-4Radob7ylgDZR94td3KDRtWnGjhw8_3tPYr3P3v-EE7Wq6ng50DbxmjxO5B1Weqflf80cfg27bBqEQ5Tbkr-vLkmWzd4ZsUaJbTq6Q4M8MrIN8Xl3amraxmSTJNruAIrwHVVOjFFIpVGGjQJc2EzDb3JvHzPqQP7j7px8LAsnCjHamreVOOahGiNtbrANbjud8Mu7R9zqcIfysY-0X2mA7bAhHciA10d8Pb01nNFRe-dIwPAdddNIEqzNol1peNYGA4fy5nU6zQhohJR8vQAfqTwwKWw6jqBNh1dcdXmTnV96uy6qWAGs2JKweD0Lt19dz3qZs9R7iVvIHZpnPXX38_TAxlIaPASN9nAHjdF4go7fNopBBx6Bp3qlu6pxqf24e7tQaGyyThmnNKFKMWTUTVQA7j4m2uBOaBb8eGR3_d1bLkDiOAf7tkYaKAgAEiTkaFZt_vskiuu0Ri-6ZmdI8deAz5Znc6bh4sNsiGxQuehT3-hgAQ&ias_dspID=3&ias_campId=1006201864&ias_pubId=pub-2070890256337765&ias_chanId=1&ias_placementId=16725270697&bidurl=https://ntn.ua/uk/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iSncERAlm3XgxzS6cq1CBT&adsafe_url=https%3A%2F%2Fntn.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fntn.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:67ffdc79-df34-6277-c2f4-87ede98bab1a,c:bswpMl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-578cdd6bcc-72zp8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:cfrma1,nbld:0,mtim:2,fm:t4G92ye+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171*.1019799-62566992%7C1711%7C1712%7C181%7C182%7C183%7C19%7C1a,idMap:171*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:7993e482-ca12-11ec-aff1-6e0b7dbf9414,v:19.8.306,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_160x600.js

Request Chain 241

https://hal900030.redintelligence.net/request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuNLW68xvYqe_F_Ok9u8P-quT-A_98_6haeuFrKXMD_AuEAEgzIzLH2D7AcgBCakC1KBQJymrsT6oAwGqBOwBT9BTBoTMcUjWbiFciZWwOrtki12xdi-C7QuJAp5heyM_vs8ruNJFpPwqww8pDGDyKpymq6QBx0_aS_f7fUjXWMRjVGt3csVXn6yFGGeW6Gu_UJQAMUQo83UNtdQDwqxZuUQ1ni0cs0BUeMTU5spskZcOixipK-v8eP3AKCA0M8BYbCc2ComY58YeNJOjV0cvnTYLWKrMfHgswWsIs8yBRIY6PwqtvCmBP8fgajUnkDzY3CVWELdEcXeryrVAkfBE6pPgte5xhGj_QK0lE5dBOYtC2y2bxqtDj6fXWruq_h107CN4K87z5xurUfLABNnYm9OABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgOYCwHICwGADAGwE5rkzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ%26sig%3DAOD64_3nVxU5XfztakkjhQQsd4SLtcBLKA%26client%3Dca-pub-2070890256337765%26dbm_c%3DAKAmf-AyHO7wtfT2AyP0UdhxTByUBwtK_7Fly7phZhrrB-a6A9MDQ32dsa-ZKrFS6vaAVB2QNh_Y-hzfv-GOVo5EVdX_b-DBVdap8pzJbydYRw3ol-UMJRCJayhEVoZ0rCamCEkY77iarolUYnin35bHvXBhEc_jVw%26cry%3D1%26dbm_d%3DAKAmf-Cp36s5zoH9romblz2BrnMUiv5tw2nSWZHYDiRn0D7U3PZb1-2KWiu5isGYgZfCOo82o2Hmqkrhhzp-HsIWMKs798EHFdQLcw0uuJmhb6EFLDxEClRT3I-6eoJVAyperpF42BxIkm7qKTqR9PO-7Fpo340qNb1ArzRl9Jx_8oGlN01o_euzcSuibr0p8BeSJb3fD1OcwTdj8KNvXXafuQ4_vm9zRjnnxwyiwy0o2xt9JV8gKUpEgD6LQ-v6lBbnI8HdHR4O7J6ROuLDpGpEHezy_E5mEZW_LDRFLFpziwwbLl3FDqRUjMRmg0JiR9UJo69goHvx0cjjrPWZHhRtl_Y-iyhTtgszyOEYZhsclb5sLC6-epCkD1aRaTjln5dUBDPGCWhcKfhQBn8Jq6EngjF_4mhTquN6JwXC62U8PygrOtci6mEjPWK9xyTIIFU6006QhhkU%26adurl%3D&documentReferer=https%3A%2F%2Fntn.ua%2F&ancestorOrigins=https%3A%2F%2Fntn.ua&random=6652785383745&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900030.redintelligence.net/request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuNLW68xvYqe_F_Ok9u8P-quT-A_98_6haeuFrKXMD_AuEAEgzIzLH2D7AcgBCakC1KBQJymrsT6oAwGqBOwBT9BTBoTMcUjWbiFciZWwOrtki12xdi-C7QuJAp5heyM_vs8ruNJFpPwqww8pDGDyKpymq6QBx0_aS_f7fUjXWMRjVGt3csVXn6yFGGeW6Gu_UJQAMUQo83UNtdQDwqxZuUQ1ni0cs0BUeMTU5spskZcOixipK-v8eP3AKCA0M8BYbCc2ComY58YeNJOjV0cvnTYLWKrMfHgswWsIs8yBRIY6PwqtvCmBP8fgajUnkDzY3CVWELdEcXeryrVAkfBE6pPgte5xhGj_QK0lE5dBOYtC2y2bxqtDj6fXWruq_h107CN4K87z5xurUfLABNnYm9OABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgOYCwHICwGADAGwE5rkzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ%26sig%3DAOD64_3nVxU5XfztakkjhQQsd4SLtcBLKA%26client%3Dca-pub-2070890256337765%26dbm_c%3DAKAmf-AyHO7wtfT2AyP0UdhxTByUBwtK_7Fly7phZhrrB-a6A9MDQ32dsa-ZKrFS6vaAVB2QNh_Y-hzfv-GOVo5EVdX_b-DBVdap8pzJbydYRw3ol-UMJRCJayhEVoZ0rCamCEkY77iarolUYnin35bHvXBhEc_jVw%26cry%3D1%26dbm_d%3DAKAmf-Cp36s5zoH9romblz2BrnMUiv5tw2nSWZHYDiRn0D7U3PZb1-2KWiu5isGYgZfCOo82o2Hmqkrhhzp-HsIWMKs798EHFdQLcw0uuJmhb6EFLDxEClRT3I-6eoJVAyperpF42BxIkm7qKTqR9PO-7Fpo340qNb1ArzRl9Jx_8oGlN01o_euzcSuibr0p8BeSJb3fD1OcwTdj8KNvXXafuQ4_vm9zRjnnxwyiwy0o2xt9JV8gKUpEgD6LQ-v6lBbnI8HdHR4O7J6ROuLDpGpEHezy_E5mEZW_LDRFLFpziwwbLl3FDqRUjMRmg0JiR9UJo69goHvx0cjjrPWZHhRtl_Y-iyhTtgszyOEYZhsclb5sLC6-epCkD1aRaTjln5dUBDPGCWhcKfhQBn8Jq6EngjF_4mhTquN6JwXC62U8PygrOtci6mEjPWK9xyTIIFU6006QhhkU%26adurl%3D&documentReferer=https%3A%2F%2Fntn.ua%2F&ancestorOrigins=https%3A%2F%2Fntn.ua&random=6652785383745&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 254

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELKJ6NM3G-GfahwmQsMs0xQ&google_cver=1&google_push=AYg5qPK2r9606GNg7gSUOQltCyUTrZJxPOawwcGHpOZoKKwyeov93HLBpTnGmrDfmYMBUAF33_l409BfwCVJqJF4Kyb8RSrysmcBzA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELKJ6NM3G-GfahwmQsMs0xQ&google_push=AYg5qPK2r9606GNg7gSUOQltCyUTrZJxPOawwcGHpOZoKKwyeov93HLBpTnGmrDfmYMBUAF33_l409BfwCVJqJF4Kyb8RSrysmcBzA

Request Chain 258

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJL9Cl6dDN_V8glGfbp0Y88&google_cver=1&google_push=AYg5qPKs1m5UPIyNonc8ZWYXoRpSGimv-j8GaRSyk2e1peDnXS9kR0yT3UcYEnl8j2Gh8khIYlC6sF80pqHc4K1qN4lwA619TmTzbw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPKs1m5UPIyNonc8ZWYXoRpSGimv-j8GaRSyk2e1peDnXS9kR0yT3UcYEnl8j2Gh8khIYlC6sF80pqHc4K1qN4lwA619TmTzbw

Request Chain 261

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cver=1&google_push=AYg5qPJTYi1RZgUdZhlgPHswcyYPhxHQ4y_z2sskMQY7em1COk0FXBXq6OsN9PEexjiJ1wnJcYfabEq6iXzqk-nz2ckgfpQSMJqgQA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cver=1&google_push=AYg5qPJTYi1RZgUdZhlgPHswcyYPhxHQ4y_z2sskMQY7em1COk0FXBXq6OsN9PEexjiJ1wnJcYfabEq6iXzqk-nz2ckgfpQSMJqgQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TERFRlFVaTMxTkx2NDA1&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cver=1&google_push=AYg5qPJTYi1RZgUdZhlgPHswcyYPhxHQ4y_z2sskMQY7em1COk0FXBXq6OsN9PEexjiJ1wnJcYfabEq6iXzqk-nz2ckgfpQSMJqgQA

Request Chain 262

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIOINwnLc8CiijQdjJciAzs&google_cver=1&google_push=AYg5qPLmY5Orpfqe9KkwGzJLC2aMWZ8E5gAAcYzBuNd15yQbAsF1DHx2n_no6FNs4B3EuqI0iAxC1Ftj8jVFgNNW_AX-snM1QNZDxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MzExMzI1MjEzNTA0MTE3MQ%3D%3D&google_push=AYg5qPLmY5Orpfqe9KkwGzJLC2aMWZ8E5gAAcYzBuNd15yQbAsF1DHx2n_no6FNs4B3EuqI0iAxC1Ftj8jVFgNNW_AX-snM1QNZDxQ

Request Chain 263

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJL9Cl6dDN_V8glGfbp0Y88&google_cver=1&google_push=AYg5qPIu7BfZyhTv8n1225d1_dDjdVbveqKkGGNiGVlJCZ_ryuEQSNPtj6FmuatwHbS3FpB0wJDIV_5orBx58wCKMQsCNG0Xhh9xlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPIu7BfZyhTv8n1225d1_dDjdVbveqKkGGNiGVlJCZ_ryuEQSNPtj6FmuatwHbS3FpB0wJDIV_5orBx58wCKMQsCNG0Xhh9xlQ

Request Chain 264

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU&google_cver=1&google_push=AYg5qPIIzzoZcY-l1b6m9ZHVotq3YGSGt9GgmhjEYOStUJoYhLSOCBJPoxE1HKm-Jxsab0fzfKNXWJR42XfOHf2LmEu8LQZHu-QF5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPIIzzoZcY-l1b6m9ZHVotq3YGSGt9GgmhjEYOStUJoYhLSOCBJPoxE1HKm-Jxsab0fzfKNXWJR42XfOHf2LmEu8LQZHu-QF5Q&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU

Request Chain 265

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEODbryqUjbMU3XcOhjAIxI8&google_cver=1&google_push=AYg5qPLYaTk-qlJ9TVQtA5W93pRuevwUJGsqC-PN0qnc8zzTu3FJhYVSay6TRdEdDl33mS1tnVjhJsNbf0WaLW-9kRfKvSI0RRG1UA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPLYaTk-qlJ9TVQtA5W93pRuevwUJGsqC-PN0qnc8zzTu3FJhYVSay6TRdEdDl33mS1tnVjhJsNbf0WaLW-9kRfKvSI0RRG1UA

Request Chain 277

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK8SmGKM2obIvO1lb62dcIM&google_cver=1&google_push=AYg5qPJ29Y0WRa6p03L547R09dCE6ZwmUO0cx2l6raj6SzXMEsn0yviz-Q8YKNfXdWVWSzla2efHlQhyjRIpV412DVwSPm0y_LXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ29Y0WRa6p03L547R09dCE6ZwmUO0cx2l6raj6SzXMEsn0yviz-Q8YKNfXdWVWSzla2efHlQhyjRIpV412DVwSPm0y_LXw

Request Chain 280

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU&google_cver=1&google_push=AYg5qPKTE1D97h5jSiuUF9p6ZndXVokNro6UvtKXJkLmT0cnRL3JtdP5ab38jCy92XIjpwp6mv1ADmcFOGKN4_dwP5Bve5Wq7nN0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPKTE1D97h5jSiuUF9p6ZndXVokNro6UvtKXJkLmT0cnRL3JtdP5ab38jCy92XIjpwp6mv1ADmcFOGKN4_dwP5Bve5Wq7nN0&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU

Request Chain 281

https://onetag-sys.com/sync/i,19/?google_gid=CAESEDgbAzxALzTBQi0qrXOQqmo&google_cver=1&google_push=AYg5qPK11FDaCDPahtphxqSa-OEroRv5kEuhI0cHjC1u80oUAVWFNRZM-R3GAEV0MzkQYnfdOZIrGtZez_cqNvHDmo3gOecl17yF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK11FDaCDPahtphxqSa-OEroRv5kEuhI0cHjC1u80oUAVWFNRZM-R3GAEV0MzkQYnfdOZIrGtZez_cqNvHDmo3gOecl17yF

Request Chain 282

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK7vn51-gKDo2PAax8oLXME&google_cver=1&google_push=AYg5qPKtvfm4jEdnLfQIV1lkyO4F2chkp0azNGEIL3NK1-cGGHsJDjtDquY1YBvRF04tIPRzsni7V8i9kvQG6KLaGH84bf_ceGXy HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d6e2a4c0-73ec-4b0a-9ce8-545c2b522593-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKtvfm4jEdnLfQIV1lkyO4F2chkp0azNGEIL3NK1-cGGHsJDjtDquY1YBvRF04tIPRzsni7V8i9kvQG6KLaGH84bf_ceGXy%26google_hm%3DA9bipMBz7EsKnOhUXCtSJZM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKtvfm4jEdnLfQIV1lkyO4F2chkp0azNGEIL3NK1-cGGHsJDjtDquY1YBvRF04tIPRzsni7V8i9kvQG6KLaGH84bf_ceGXy&google_hm=A9bipMBz7EsKnOhUXCtSJZM

Request Chain 283

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDgbAzxALzTBQi0qrXOQqmo&google_cver=1&google_push=AYg5qPLxs8a1832px_gqHFu6Ywwz_pghf-TI4xEb9rF2QKkvY1clWtyuwUdcr66LxPy-4lstquzPqLaYLWDPMjyFbYrRJwrvvmnwYA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLxs8a1832px_gqHFu6Ywwz_pghf-TI4xEb9rF2QKkvY1clWtyuwUdcr66LxPy-4lstquzPqLaYLWDPMjyFbYrRJwrvvmnwYA HTTP 302
https://onetag-sys.com/sync/i,19/?google_error=5

Request Chain 296

https://gum.criteo.com/sid/json?origin=publishertag&domain=ntn.ua&sn=ChromeSyncframe&so=0&topUrl=ntn.ua&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jCwjFnxMNytoa2crbkpMenBDcmZyak1WWDJmTWxQYTgzUzRIZEpSRzVEQXZkRjhZNE5FclExcVM4M1hLQVVkTWlUSGM2Rm5Ra0VhOVNhbDhEaUM3SFVNZGNOYktvYmhDN2ZrZkFWM1ZHOCtMQWV0dnJkVnB1VExYYitxcUNrdEs4MmkxSEY2bmpmU3lOUUhUYW84QnlqZ3k3eUdsaEszYjlTV0hlUEJMbUR3SVB1V040cEwyWEYwRTZKQXNMckYyaWswZFY5Q3ZNN2dmNWh5VmdwVHVxclh5TUJ6VUw3YVF4Y2I4UVJHY2htV0ZEOHRpQnR6VmhBdzhheDhSUlNhdy9oSVo5S1hFbDVzM2RBNHZpbE1pdm4xVW9wZz09fA&cppv=2

Request Chain 298

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mMwUPnxJRkZhRHk1a1pQNlBJeGVQYTB1STIzeXFQRHNlRlhOV01KNlRYWC92SUFkeU03a1BvNko4am9NRnNPQW0rR3lKY2FmNmcxT3VFUUNQUkpkRk8xVUlublBXZ3VlVzUyYTg2VDl6ZFFBUi9KaWJ0TDluSWpaaG82Z3F1a3JleU9MeEpWa3ppQmxMcVR2Ym0xTUNIblo0cGgraVFsb3d4dVNEWHNxNjJnN1NSWFVyeW5FaXJSdXduQmc5NkRGWlUzd29PVFpuMWVQS011M1FVVEdJblNONjFQcm9BRXM1SzlNTkZmMlZSOHZNQk5Ram9idXFmSHhmaktzYjFYaFlmNWgxbi9VMlFzZ2NWaUNsSnNrY1VpZ0hnZz09fA&cppv=2

304 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ntn.ua/uk/
Redirect Chain

http://ntn.ua/
https://ntn.ua/
https://ntn.ua/uk/

63 KB
14 KB

125ms
124ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64781227b7b00b7dca5ac7fff5535cadd501a785112732f8c5297928f959888f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7050b854cf0e88bf-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 02 May 2022 12:22:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOKZhf94KLBmH4byxH59%2BH%2B6TZSi8FH5N9fpTRPJCzO%2BHjw1AI%2ByczjN7u3vN%2BJQRWV5yvkmV4GSDT3Z3oE2lBAbxr%2BHjtoJR7hYCqWPXG61KwVO6aylR1FA0%2FD4iUQqL7frnuA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7050b8533be088bf-LHR
content-type: text/html
date: Mon, 02 May 2022 12:22:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://ntn.ua/uk/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhdJv%2BMJIj0y%2BkLtxf17ZVXSBAmbu5Frmj7IZ%2BxhDJQn3bYLY3JFejJT0ALVx4FOGdlTGMoJGptEIHtluJ8b221oKMcIYqrpmQ7PSA3xyDiusYoc2nUDaKkQjAkl0G7aix%2BtRw4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 ntn.css
ntn.ua/css/ 58 KB
11 KB 287ms
286ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/css/ntn.css?v=1.2.15
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412cdf2044788ea49817775c0f2721e23a37d0d703099216f8ad48a7e73ccba4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 19 Apr 2019 11:56:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNzqX1RK4W3Ss3zc41P%2FVTgCATo%2B4ZPW6fxtMqrCJny6uIUpQg4gAxqcO3Y2BeDUUZaHC0GPF0NdIkh52IoQl%2FG%2Bhq%2FAlDxRaPDmAcCfYXpi18xR%2B%2BsOLYlBIJwY2dnxs8KD9uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855ba9888c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 flexslider.css
ntn.ua/js/flexslider/ 4 KB
2 KB 287ms
286ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/flexslider/flexslider.css
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abd8692c0357cdc68904b23a95002546b05b80176508f5f0a6cd4258fce6617f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLoqTk726vz25OYdmUalmpJM6DPXXi2YQV5VKCf2JjCHs4bg175q1y600mX5doxK17M8wm0FAHjlumygNXTY2GIZeddDCFPy9nqG5zGzZNTeB7CozoolcU6XLdx3046GyDx3P38%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855ba9c88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery.fancybox.css
ntn.ua/js/fancybox/ 5 KB
2 KB 312ms
311ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/fancybox/jquery.fancybox.css
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 208b56903dbc6fb3b430a26c64a0f86260c4c8bed20720312cc160c2536cc9a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gV9FI%2Fatyj1eAPc5%2FgHbA9DI%2B4x8UiqHgR6ZPnuCehxDkcPK6N%2BIf5cboCH%2F2YDIOYIkr3bOtA1atMaUBq1araogBIZG2jgt4Q8nLVANe5v%2Fq0F%2FZuYMPAyTmLbI1rMP%2BC6ytAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855ba9f88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 superfish.css
ntn.ua/css// 1 KB
1 KB 309ms
306ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/css//superfish.css
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd794f1dfe14db0d7027596043d9987eb560aba7e210a59a6c24b3b27b029fa4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB%2FaTDfd14p0yIV3KsY4mVcl%2Fnw4lltNutTlpA%2F5zPf5l8qJbRR%2BRtZsTmff0f9MHkorddobtren4QF7lZofBqdPhkROZyVQIaozvVb4WDDpPwlC85MJYW9rQ20tWrlvWEd0V9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baa288c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery-ui-1.10.4.custom.min.css
ntn.ua/js/jquery-ui/ 23 KB
5 KB 309ms
306ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/jquery-ui/jquery-ui-1.10.4.custom.min.css
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 986416a58791f99bdde0b17c2b78dbdbf1f56de883b0ae0d5081fffedbccb38e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ve0zzebVTHYwOmZnwD%2BwCEojA6w38u9hSOriNaXSOzZ8qV8GPqU%2FI8Iw38JGBIaoRHgICPMIisxZ0ZRPZr2HQML4HJ%2BhvuvGBAmF%2BN6uMz%2FfP4CE2tDpEH4D%2BeKjUghAMM6lT8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baa388c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery.min.js Show response
ntn.ua/js/ 91 KB
34 KB 371ms
369ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/jquery.min.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zbek%2FYsipxq7SbFx1mPXJnqkGCGgM1UuTDgy1Z4SXSp2yEuHkGJYl42NO%2BwkRLebQY6MqTSGSU7Ho2CkRloL%2Fl4RBeDOqcQeRrBkts9YoNDQLsvA2laSnQpyl6Q2ZouFT1kl1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baa588c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery-ui-1.10.4.custom.min.js Show response
ntn.ua/js/jquery-ui/ 109 KB
33 KB 384ms
382ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/jquery-ui/jquery-ui-1.10.4.custom.min.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f0d78862e5bf61ae9af1709638702b0e0a078b4fd2cd4119927a1bd2a3f20f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koce%2BneWEuOFAbsmoZehxA4CIE8MMj8bXKB2cFiMlAndfo2Xs%2F1ewwytqIhRw1LXo4xv0Tmc2R32hnGIQpuUkB6cVF%2FcqnDfTP2FFodZmRITQmDxmNwFdnnVvbA%2BTJYjA7YziRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baaa88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 respond.min.js Show response
ntn.ua/js/ 4 KB
3 KB 312ms
310ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/respond.min.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSUAtcyTPiu%2F5iHT324mnBZOlwJPejTkI8la%2BLi9FoRiyQ4qQ1DfWOVnS494Kyp1KkiDiaOu4Y9WkpAmeaiqR1iD%2FzGIVZiIt8DJCbX5gBgD1D%2F65VeYthjZxBpkay36K5B9v0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baac88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 swfobject.js Show response
ntn.ua/js/ 10 KB
4 KB 309ms
306ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/swfobject.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GftFclD6MSELcWHhSFpqKG6sxT%2FzyTZvwCtmoHO7LSoWwQWpxDwW6mEBD4ch4XLsNYTS%2Fe8JYFOSbhd6P7H0L2jD5aLPJxSmmUGZ5NU%2BDudyyj8ewuVlpshuXTRzBXleHgB%2BBm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baad88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jwplayer.js Show response
ntn.ua/js/ 137 KB
38 KB 399ms
397ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/jwplayer.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0740b05ecb18441227c60d9bc57edb4c929db0e8c3cc2b5e9cc848139bb223e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyOQfm1zcbDj6%2F4%2BrfmXFVcksNdXfXYSg3dsplB7zWOmOcjizhjg1WRkgBtZmmNu5kSoEhD8kIbEPPaw6eEIZOy3BiHztgctDtZF7zfphK6tSU%2B6QOnS11LAXv1dKQbahWGXLUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baaf88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 main.js Show response
ntn.ua/js/ 13 KB
4 KB 258ms
256ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/main.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d71acaeae9ad6820144dd16ceee3b5445bc20e70072ce10deeb9cc5781cf85c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKcHuJunRNoDj%2B2jYTkzvuTacPrRPK9JnEuCA9uGV1ktPt603VZgD01MkLiS3uPS2ukuInYMQqPqGClT7xZVqVX8SGs%2BKWN9VwDbfec%2BuApgMOtoZrRi%2BVJktMBC%2BMwI%2Bky%2B%2B1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855bab188c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery.flexslider-min.js Show response
ntn.ua/js/flexslider/ 21 KB
7 KB 264ms
262ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/flexslider/jquery.flexslider-min.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2DPUAVYiJ6zFQJ3CY1yPTKZtrvnfUlYhCyUshUoYmZCtkiCPmXk5wHdQht1hph4ePh8O4VLj3kq50ShV%2B1GRMYVoXbtK53xtcwBwy0n4dvgp2%2FgQScRlMpemyY3SBrTbTQvCm4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855bab488c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery.fancybox.pack.js Show response
ntn.ua/js/fancybox/ 23 KB
9 KB 308ms
306ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/fancybox/jquery.fancybox.pack.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TjC7Fat8YT1f6B%2BLz62a0KHp5NlavTVPxtuJkhFnXV2wcuMSiFTU28EPbnGB4afSM%2BuWiMILvexVHoxyUPCFKxA%2FipN9tgzC51wWiJ4oxwyEo2%2FZK6s5TcPzocJuIQTXZYYKoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855bab588c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 superfish.js Show response
ntn.ua/js/ 7 KB
3 KB 333ms
330ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/superfish.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr4S7Uv0hWriz%2Fjzsz5h6P9NxiK4vyL6U2U3X%2Br9MI6iBZR5uFfg92XpuHvp0y8pz0b0rmETB9jiVPfBVGIFfk7d2b4fWaxt3xdubm7MN4opFLH%2F%2BxZgK%2F7CJ3mJSL%2F1gBYEbA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855baba88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery.easing-1.3.pack.js Show response
ntn.ua/js/ 7 KB
3 KB 334ms
332ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/jquery.easing-1.3.pack.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyvI3L2mlwWXitNXByb6RggEzFHEpzJI0tOre2SeuQCHxCygf8akRI9lY%2FrkoKbeK8gQgCg23OAZPmkInpOtsyiTM9SAerklzR8v4WWlDyGtj07RTCy7j8f8OeEAQl%2FQyOCFUDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855babb88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H3 200 jquery.mousewheel-3.0.6.pack.js Show response
ntn.ua/js/ 1 KB
1 KB 335ms
333ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/js/jquery.mousewheel-3.0.6.pack.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsHQEQifGbiwsHX9IqeLInr3fe06Y2%2FtoK41LiE4W8oVOjUh14ugv4evk4pIrN3BVa%2BB05gBslWgCNWsLyAMZbUfLv5w5guJFv5Wr4gFJmeT45wMrsuxtsCDctjv7gMIviJ4FpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b855babd88c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H/1.1 200
OK segments.js Show response
d.adtelligent.com/ 16 B
432 B 100ms
25ms Script
application/javascript 2a0c:5c81:5120::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adtelligent.com/segments.js?id=87
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5120::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:01 GMT
Server: Adtelligent
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://ntn.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=7200
Content-Length: 16

GET
H2 200 vmap-js.js Show response
unpkg.com/vmap@2.2.2/dist/ 3 KB
2 KB 143ms
83ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vmap@2.2.2/dist/vmap-js.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bbe2679d44a1fc74827066d51144859932d36f0dcd9e4bbc8c6b72fe5ff3073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 658620
fly-request-id: 01G1EQDAN128YBJRWH3YBDKEF2-lhr
content-encoding: br
vary: Accept-Encoding
last-modified: Fri, 21 Dec 2018 14:16:58 GMT
server: cloudflare
etag: W/"d58-nCDrlApgb5bvdpj1ugv9uEgKSyk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7050b8562d3f71e0-LHR

GET
H2 200 player.core.js Show response
player.adtelligent.com/static/ 465 KB
100 KB 122ms
50ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/static/player.core.js?v=1755
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: e9dd66b4edec6409af2070004b051321b8108390821cec813104035f2271353d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:01 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 15:00:12 GMT
server: nginx
etag: W/"626bfd7c-745fa"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 04 May 2022 12:22:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 player.core.css
player.adtelligent.com/static/ 155 KB
26 KB 175ms
103ms Stylesheet
text/css 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/static/player.core.css?v=8059
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 15:00:11 GMT
server: nginx
etag: W/"626bfd7b-26cfa"
content-type: text/css
access-control-allow-origin: *
expires: Wed, 04 May 2022 12:22:02 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 138ms
52ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157387674-2

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aad8052483eabc894d2a5f1963777caa67e429d216f7c73b6ace708306c68f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38724
x-xss-protection: 0
last-modified: Mon, 02 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 May 2022 12:22:02 GMT

GET
H/1.1

400
Bad Request

atg
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/atg
https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1

20 B
20 B

37ms
37ms

Image
text/plain

52.49.236.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

HTTP/1.1

Server

52.49.236.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-236-237.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1e397c6cd24daa8a7e13da7070338bfdf7a121a1454b3964d49c13e398afeb8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 20
strict-transport-security: max-age=2592000; includeSubDomains
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1
Date: Mon, 02 May 2022 12:22:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3 200 new_logo.png
ntn.ua/images/ 4 KB
5 KB 262ms
257ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/new_logo.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4150
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-1036"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIfp%2BEUOOpEzTp33pcnxqMgsLBkTBdK6LPenYxNOEVKkcs7VHIlhuenAmpMxk5%2Be2suZhRpcQgN%2Fz6gz8V6N3NvtOseYTUAWolhy2DnuZFO%2B9sOoN0hqIDDghMrKS%2BYVpNgBC3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a4088c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 nosignal_uk.gif
ntn.ua/images/ 23 KB
24 KB 294ms
289ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/nosignal_uk.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95dd6865cd73589629a72003cfc7a4f4b2af96b6e692a245369ced73ef487f83

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23624
last-modified: Thu, 05 Jan 2017 12:32:59 GMT
server: cloudflare
etag: "586e3cfb-5c48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmFWC9Tie9xMq0Iz%2FKsL3WG00WW0DjdSCiYN8DUIMgATCrZoY0n%2BydH8%2FazrNvGSt90dzgn40CeG75mM4lRX9haoTsQ%2FA1aeOp2uuhXj8xYgReZWwKX1qCC7MAiNmPBkpAPLJaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a4288c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 announce_uk.gif
ntn.ua/images/ 190 KB
190 KB 343ms
338ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/announce_uk.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7ee99f99266cdf5847765b824e9703f6b64ca4ef02ba1810dd6f32b5d96e78

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194201
last-modified: Thu, 16 Jan 2020 10:52:02 GMT
server: cloudflare
etag: "5e204052-2f699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwhEfbSJYwCvlcuDhYX4rMqyPXsW%2BVCdvSx4irkCSNIxZom2Ei0abZZvpK3ke44V%2FVzMHAM%2Bopar2z%2FWgEtmHyOkFV3uKB%2Fio0GDFpBh33DXXnZexqqtp0N%2F9YNFdIP1O2bLuJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a4488c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 625e2de2f055fb014d580e2eff6a4c49d960fdf1.jpg
ntn.ua/uploads/hot_announce/2022/02/15/ 357 KB
358 KB 47ms
41ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/hot_announce/2022/02/15/625e2de2f055fb014d580e2eff6a4c49d960fdf1.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88414e57f13a0d5675804c8ce82e9ac4b1680358e123baff030c6f2da882f39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 365823
last-modified: Tue, 15 Feb 2022 14:22:50 GMT
server: cloudflare
etag: "620bb73a-594ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stn3hJomBAtpsYNes3yrH44iBDlLwNbeEVESdhIXEt%2BsL4hyMBE5nclsvdPyQL6mX%2FqvCjrqZhZSe8qyjvh4gxyMRx76j8s%2BRYsbQrw7iiejSFoCecPyNORpg1%2BIG6Q7kiTKDmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a4588c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 763fe6c775e3257bdb86affb334ec08e236c97cc.jpg
ntn.ua/uploads/hot_announce/2020/06/24/ 62 KB
63 KB 103ms
98ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/hot_announce/2020/06/24/763fe6c775e3257bdb86affb334ec08e236c97cc.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49329619a159bfb35202ea4ee9b2d10cf810983aff0a0e4d987f3ba5e1c1b659

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63676
last-modified: Wed, 24 Jun 2020 11:14:00 GMT
server: cloudflare
etag: "5ef33578-f8bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F587j2QQDhdL3bC3vMOUUH4PmjSqnoW%2FSrjTi95UbWqwyV5C2VSilHezSzKZA2MumjRli6%2BEJgPI3D05Zz1sv4GpRYQF5pYvDpdjo01Cu3AfJsCKvIfKZG1%2B03aN7RN7u9%2FYZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a4688c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 883c1aaa88950ab99adf5732c1d6274e9f153480.jpg
ntn.ua/uploads/hot_announce/2014/01/31/ 67 KB
68 KB 100ms
95ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/hot_announce/2014/01/31/883c1aaa88950ab99adf5732c1d6274e9f153480.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1ef4c6ee8e9ba88ac805bb20fde15e424eb1b20ecd033bf5d81890038d22254

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68805
last-modified: Fri, 31 Jan 2014 17:18:19 GMT
server: cloudflare
etag: "52ebdadb-10cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57RZk7IVpYsIBkgFKWcyhnMwe985IZadK0r8O61wyo6ZVqx16nsSmP5dTZXPfmdQzvOJzqaKBlUCLtvrcTDtUa2pXzBHOlhlLcHPv08SYiOWdDNyjkvlXBAx%2FCrbUNq2k2pf7VQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a4988c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 74534aeabe264ccb10e9efc73b280e6a9b0088ea.jpg
ntn.ua/uploads/hot_announce/2018/02/22/ 75 KB
76 KB 76ms
71ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/hot_announce/2018/02/22/74534aeabe264ccb10e9efc73b280e6a9b0088ea.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42c988a2ec0f9174ce94ba23912884cc986743792df9dc9b22881d824aad9eca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77215
last-modified: Thu, 22 Feb 2018 11:49:31 GMT
server: cloudflare
etag: "5a8eae4b-12d9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emPLYsuBrssaRhMA%2Bwzv7AAzrVjAQeAOfXPc%2BBX2wZBZzmfMeSfreT4gz9MQvYvHwf3HzqsqfDiwtQN5Y0yCLZhJMshlcLvEJlxepeflwsDUvTpBb9Du7WGwJtkZ4Udf6lIfyF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a4b88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 video_big.png
ntn.ua/images/ 1 KB
2 KB 263ms
257ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/video_big.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a348371f57afc03cb0fb301990daed6d812024631df2e6602f818193a074cb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1442
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-5a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XjDYbDAitP2BGNKr6phupWa%2F6YtInPpQ2WvVWT3Z85HH3iV9xjm20%2B3AYZVHswp5%2BISTDQb4Xo%2BSbr%2BkKd4XR00Rul5vuewKJMQHx4drI9a9PSl7uyzrNfqYp2Va2hkBS5ooB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a4f88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 f2d1ee7bd6bdbddf5cd76bd6e8403dea35045336.jpg
ntn.ua/uploads/news/2022/04/26/ 33 KB
33 KB 77ms
72ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/04/26/f2d1ee7bd6bdbddf5cd76bd6e8403dea35045336.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a63ae8451325ac53bd3ef756cbd88ed3a8148e3fb30d05938c99e222d3bb889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152610
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33432
last-modified: Tue, 26 Apr 2022 11:11:54 GMT
server: cloudflare
etag: "6267d37a-8298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWI6H2KalXC%2FVUOyGHOQm4ITbuD%2FGy%2BwnQs%2BC6hXid%2B2NHjbkGSBVn0tDGXWWF5opu7CN6TytZEwHwJ9wBCPIwG%2BWo4OL7WI%2FUjgPIWBrD09qF1XhZ8BgRNuYGU%2FYq2FhpbCRus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a5288c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 319890fefc77e8df36d5f30fdf3d78d465bbf5e0.png
ntn.ua/uploads/news/2022/02/24/ 4 KB
5 KB 78ms
73ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/319890fefc77e8df36d5f30fdf3d78d465bbf5e0.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4150
last-modified: Thu, 24 Feb 2022 14:21:57 GMT
server: cloudflare
etag: "62179485-1036"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UesJU%2Bhsj26aZsqiPxa02Vnihvqd5%2FxDNXiIWVgK1rZgmGfhfW2uBUnVdDNn8poo%2B%2BKq%2BkiPXMlhPMhmQ3vb04A5Pju4Vb5rqNqDPwpUBy1Ts5seOMo55ZtWDynxo4C%2FvQUGstw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a5688c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fdc8a6d269f7777e939b96af8bf01b3477167570.png
ntn.ua/uploads/news/2022/02/15/ 172 KB
172 KB 73ms
68ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/15/fdc8a6d269f7777e939b96af8bf01b3477167570.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63412ed99863cb16f052f2cce59ec6dcd3ce97096306f1814255a086db9e8fe7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 175858
last-modified: Tue, 15 Feb 2022 14:15:04 GMT
server: cloudflare
etag: "620bb568-2aef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHct4omj9oonwoLER67J19FT2bY6rQp%2BGGnk7wSnO4cohX8d5POsebpn0d9eNwNrNO5MpW73aSaX2sg9NN%2FXK4u%2FIIV%2B56zbxq0%2Fwvh1NYAmKAIf1dR6S3lfuaStNZozNJGrQ7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a5788c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 82ad8479734b36f4e539ec33d98162bd77b9f52f.jpg
ntn.ua/uploads/news/2022/01/22/ 21 KB
22 KB 161ms
156ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/01/22/82ad8479734b36f4e539ec33d98162bd77b9f52f.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19cb78a65b108af9eb44e7bbfa35fc26e55cdf5f41ea141ec4a30a10c88c77ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21994
last-modified: Sat, 22 Jan 2022 18:43:40 GMT
server: cloudflare
etag: "61ec505c-55ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU17bIbhGmFn0gytFUhMeJJB8Buc0hgpUWtKvjRv9NgacglfDcJrx5j4nr6klpu7a3uxMiOrNWOYEJTCd1eALSzIyAtBpjxuMNd2kgStDYYgOkoZDFpZNBMd9sVToImoj9LMh5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a5b88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25d5a7992ea9832e7670b5e437756d39d5132793.jpg
ntn.ua/uploads/news/2022/02/24/ 9 KB
9 KB 162ms
158ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/25d5a7992ea9832e7670b5e437756d39d5132793.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03002f285167bb5b5904202b949a6c51680fa72b72e9ebf1de3c203a99d1b4bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9098
last-modified: Wed, 23 Feb 2022 22:20:10 GMT
server: cloudflare
etag: "6216b31a-238a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8C7XcehUP9keyh6rQ%2F8GsJYevlJXqQcbBf3d4V7bf607wDmoHrPoKqBI9HkCTTsK%2FHxbIXpmntFLLgtUMZgxG7%2FUxy%2FMK43s7Rf8Oeo1XjmBC8oawUYtn23AX7ZrNfSj%2FCtgtnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a5c88c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 video_ico.png
ntn.ua/images/ 1 KB
2 KB 264ms
259ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/video_ico.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba7fc1dbf2b813f54a1607b24d3787085661ee777eb9ed66197e2673607347e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1144
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-478"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dED3p%2FAw79xBRRe7Wt%2BCDjnn%2FUeFSicgXqOCVSDu2axyX5j1Cje0Wf0JQKEyKrqqwx%2BXv56VEc%2F85mlgmd7Rvmp5bvSld%2Fxrx472DcON%2BGvcHpUmhp9Dob8yTkYI2ZGr%2BErxNkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a5f88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 de785050f23f36c989d3e1cd365ef9fcd8e0b249.jpg
ntn.ua/uploads/news/2022/02/24/ 10 KB
10 KB 162ms
158ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/de785050f23f36c989d3e1cd365ef9fcd8e0b249.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afaac8f389e0f0347225f6c0225ee1639ea8adc0439a35135056d6fa2a0ee1b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9858
last-modified: Wed, 23 Feb 2022 22:17:35 GMT
server: cloudflare
etag: "6216b27f-2682"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtmEH1VYf4n1jiVdojWVwlvyLKhxToivdd3zEOGd8NEMtucHG4Ekjs4sATXI1Ax%2BcgU6mY62ievC9D7%2FGtZW7txUXm%2FrNTeb3UreYpyBovFVEmP4sMSbZ6rbAumlNn%2FT5LkeRdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a6288c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 666c5250a9685430aa994abee07d40fd894d0196.jpg
ntn.ua/uploads/news/2022/02/24/ 7 KB
8 KB 163ms
158ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/666c5250a9685430aa994abee07d40fd894d0196.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea880f80a81e709d0deb3a1a8199827cb6cdb365782cdbd7a5aab215da5e413f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7538
last-modified: Wed, 23 Feb 2022 22:15:13 GMT
server: cloudflare
etag: "6216b1f1-1d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLYR9uZHKvqN%2BPog1lO4cu%2BR0b6oZMR5dgxOvQ8ozT1TkSXH0IYFPtGBIVxUmUHdM7iwxzW7aAo6c5zC9VyKusqqdG9okHtUL9N7GbJeS3HzCV8t5StmGKN%2BBYBSSh41G940NOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a6488c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2cd7dfc8f117b2f57008c17e9909f932321baa43.jpg
ntn.ua/uploads/news/2022/02/24/ 7 KB
8 KB 164ms
160ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/2cd7dfc8f117b2f57008c17e9909f932321baa43.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8d9f66bb6444b64ebdd9c4441c267417d2be60bc7a74806d7c3746cf6109df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7285
last-modified: Wed, 23 Feb 2022 22:12:27 GMT
server: cloudflare
etag: "6216b14b-1c75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdnIepDA2%2BX784%2FI7Q%2FbK8Rz6pcdf3q176JHxw%2BFCly6wKR3m%2B%2FabRI3tf2OEucpoC2YRVxnL1JEVZZS9ZS0g6FVV5EO8H9Vlta%2BKazgxXawXIcAz1dXQgtPctkqQOcU6Ypf9Oo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a6588c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 77222b6bbf0e407c9ab55ae518249acae7533786.jpg
ntn.ua/uploads/news/2022/02/24/ 8 KB
9 KB 164ms
160ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/77222b6bbf0e407c9ab55ae518249acae7533786.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3834ae4e6f5e939900a4d4740c747805c4b0a0b3de2a11bf9eed90966c6e316c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8132
last-modified: Wed, 23 Feb 2022 22:10:08 GMT
server: cloudflare
etag: "6216b0c0-1fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDTCCl7BRy4ZRKTQZ%2FnfzNST7wHwgG1QpFYPwsrcsTjpHyW6ZfbP623SosMPw31jrMnbdm1X3cmXawfOYc%2FDrgQBl6Wz%2B1g2Vm6kOB9s398cIqVAwvY8FW%2B35%2B%2Bn9Pr1QDNE0Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a6788c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 e2a7801cdc45288f9f6099092cd894d2797fcb5d.jpg
ntn.ua/uploads/news/2022/02/24/ 8 KB
9 KB 164ms
160ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/e2a7801cdc45288f9f6099092cd894d2797fcb5d.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4af3262c604d9ca5d1e61f23af267420db3393d18c9a3dcd604548054cbcf7a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8412
last-modified: Wed, 23 Feb 2022 22:07:34 GMT
server: cloudflare
etag: "6216b026-20dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzpK4mSjuOwweVTMA9BYf3gzGSHwuz0JNV3T5dT%2BYjGT4ByM%2F0JoW2WL84DdqBWNTqUR9ubYl33UEi%2BcKznyYOSE9a%2BLXquYJYcenJD56Atb2Ra9q%2B5z%2BEHvE5%2F%2FrR8cDLDSlZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a6888c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 001a3c147f2eebd6850a84ead24f4ba9798e300c.jpg
ntn.ua/uploads/news/2022/02/24/ 9 KB
9 KB 164ms
161ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/uploads/news/2022/02/24/001a3c147f2eebd6850a84ead24f4ba9798e300c.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a6e289ea981b353e88457da65f62626da3a70a2e7e2ddbdcc542a8da491c76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9019
last-modified: Wed, 23 Feb 2022 22:04:45 GMT
server: cloudflare
etag: "6216af7d-233b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoI0QbKCoO8ORHjKpdBJ2F36%2FdCjZ2DvpXxKj4lZ%2FXxgcyFbiCcApIghLJu1f7pYKOBJlI1CrdvBdsEeNI70CgKwYEk7yk2Zc6aXsLH249wfQdcy0RMp4Y6jIh5EsaUHvnPFFCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7050b8597a6988c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

ua Show response
inter.ua/
Redirect Chain

https://inter.ua/uk/announce/channel/3
https://inter.ua/ua

0
0

250ms
214ms

Script
text/html

2606:4700:3038::6815:e9e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inter.ua/ua
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Server: 2606:4700:3038::6815:e9e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://inter.ua/ua
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuIhgPhWouj7cubDEU6hEpvHIe1daS49ZSDap52QheC8RJU66eXTKDdfrV5nt2Jj23Jfg2O7ss9faegTjrN6gUIvKW%2FPGseBxuYShExqAzSj8ohu8xplYFUzgFkAtQshyxOgCwGdWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cf-ray: 7050b858d89ae638-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 inter.png
ntn.ua/images/partners/ 2 KB
2 KB 265ms
261ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/inter.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0326a9b3b7474d52cb6d04bbe07fc6609e991addcf5cc83696e319d67f172c34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1656
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B22q5eiERi2itMoBs5HBkkCZmK%2BNGnbVKOcWtlIgLwl46sEtkh2cBtO80zBY%2FjuQYlMI2ltZIGjfegTT3Xm3OGwPqiw2%2BywTJUY5%2FkBGMdJYrC%2FSkbkHMfpqEQowETQPtme5sY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a6b88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 k1.png
ntn.ua/images/partners/ 4 KB
4 KB 270ms
266ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/k1.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da84bce8a2f715182ab131bd1367073145e6807204f213d30048cb20cf6f90de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3722
last-modified: Wed, 27 Aug 2014 14:55:25 GMT
server: cloudflare
etag: "53fdf15d-e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FrJrRKXw%2FGsp7mjYt0xFgUKEwEp1aG6nWnNTizrMSKqsO8S2wsNe%2FxHxjpbJjDImVOwVSuX6tzusMml3XT75eIue%2F4DJVG9FgS620PAFKkbF8BTThnLbHg9ciTD909AwnW8PJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a6d88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 mega.png
ntn.ua/images/partners/ 2 KB
2 KB 165ms
162ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/mega.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e52f40b619e103483256eb589f4f98b4caa8e189e8c57dec9a91fd1a1a5315

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1581
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-62d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T8XnMUpTJHg4s%2Bpma2OQQhe8%2FSiLJI5PY6YQES2hI52q2iLwl91NWeaHlVziLst0NjZPh7TZyBcRiPexRnE840GVizhdWboJQ97XZtlw47GiFUTmSosZn3zQaWAhkpknvc2YHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7088c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 zoom.png
ntn.ua/images/partners/ 4 KB
4 KB 287ms
283ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/zoom.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c59d202cf8baa1dd433ecd9e8d4700103b2b811d08609da1f9d4c57712d7adf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3622
last-modified: Mon, 19 Jan 2015 15:10:13 GMT
server: cloudflare
etag: "54bd1e55-e26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jVH9WLjVZFCMMA%2FKmnIKu06SRXyXDBCt%2FvXwUQUdqH9kSodWBuE7Mi2hCE96xbAA9Q0SATw0RSmhorwbQdfwbPFSpC5hJeG%2FH83WFbDv9WQa%2FFJcHmykYmmhf838JBqyemvXfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7488c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 podrobnosti.png
ntn.ua/images/partners/ 5 KB
5 KB 264ms
260ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/podrobnosti.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c20df02077c26385577801eb8897f405a95c63d0c26ee24ac3b4e2043f302d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4992
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-1380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZANuftEz1Hh8Dm5LqGpuzka2b%2FO4m%2BVrEVavRe2mV4wPurrH0HM1Dc%2F5kgGGNCiVnuWyPAKfqLOZZabTx3P3rpg8XqV%2FDV8AEHOeRb0riEQvh5lByuDdiPqXkfs0Yxg1JgLmw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7588c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 music.png
ntn.ua/images/partners/ 2 KB
3 KB 165ms
162ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/music.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c6f48908ed95c62c11af1eba731178c21d24425b680774370a153bb272edd9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2062
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB%2B0RpKzVYc7CJB7IhTRRrua0S8pqA4KoqBXEatbizpQ4f%2BzAWA2QYfPbD0J3Ab4Lvu5TjQx87H3SaHd1QnXNqR5oMbgBgvEKgiYOe4GtRH14OHd%2Bva8%2BcIBYi%2FtBSCO%2B6qsWps%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7788c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 enterfilm.png
ntn.ua/images/partners/ 2 KB
3 KB 299ms
296ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/enterfilm.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb603e9d8681e4056af140a5d281a3e1da054fe3aabe9949932f8a80456c7fd8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2026
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-7ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZiPB3D9bFg9gjVE5t1W0tT3v2hfgz0gSaobXrsSuzveAn2jh5sccdb4G8cNX3AnqTMJ8%2B3vwWIdiZtpGu5aSpyHTA6x5LZPfQPheKIUNGVTYnwSPfaXZ2j5opPmg6RpAhzb6fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7a88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 k2.png
ntn.ua/images/partners/ 2 KB
3 KB 275ms
272ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/k2.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6bfea0bfaf58f5379f225a0dd59050f89614fd56b9a2afc495503eaac76caea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2034
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-7f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyE4bLvWNWYrx2BDvCDK3lXfDG4LF719dpTVk3UeHiqO9C5nZ%2FCp4dSPeYjJFOnm3JLSUh0AensOdTub7V4tYiPBZkf4XyMxpoo4oQLXtPWo8yAv8vVKPu8ud4l0VafSaVtnV7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7c88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 inter_plus.png
ntn.ua/images/partners/ 2 KB
2 KB 165ms
162ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/inter_plus.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca2074fdeec9bd4b9909e99b1c85aadbe318a83e62d99ae8a10a1d3e5aa79c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1819
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-71b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FRMnLXM%2BsUUMoaUuRAfHY60dVI64vq2syBe%2FNsjXU6JGuAeowZFTrpCgne0N8v6TPo%2Fs4QksDHIRJll1VkemqYcIP4a9lPO2ILYn%2F0aY4nv%2B1mzFiDJHI%2F7yYGw1007KfGh%2BBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a7f88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 pixel.png
ntn.ua/images/partners/ 4 KB
4 KB 282ms
279ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/pixel.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7664c1ba21942bd39804692046f89a591d6ff83a1b7cc29239a0d7bb5c91953f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3735
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-e97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AmzQltsw3NjsPKpp1ph1kKhPGow2dXHFG4oqouBggq%2FMsT3ZUuVLybKHh1OvXsoKWgBfhaQjWLaDX3G%2FMFAqATKClczjikdTaBlUP96dUhXKxRRWiP%2BkjW0cHoHyeC0mRSE3wA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8188c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 intertext.png
ntn.ua/images/partners/ 2 KB
3 KB 301ms
298ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/partners/intertext.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3abe1d50aafde6d03b75351af751ef980dd9d02e1318dd18a62dcf918cea661f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2422
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-976"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ4k0ot5m3WHZWI%2Fcn8TAc2sAdepqfnQ4w66I%2FX2xaRkHeLZmtAhkzwXOD1DEedVLvKdKGe0tq95AfE%2BPRO6qDIa%2FUK1VfkvggtKptInkHDoWc5rgUxEUDf9Rf5w3XPbnWpnX1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8388c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 print.css
ntn.ua/css/ 0
567 B 269ms
267ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/css/print.css
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Thu, 05 Jun 2014 10:52:59 GMT
server: cloudflare
etag: "53904c0b-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPuC9pzIwhz26AWW1Iv925tRn5p2hpvk6w%2FN%2BYe66HwpVGXPXQJh953HI5fhmyvwMrYP9Oz%2BObrmUfpnCaJc5AMb%2FRUVUIZUupDbgBrdewDtmioFODvFonSaI9NnZ0G%2FygNkJhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8788c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 reset.css
ntn.ua/css/ 843 B
1 KB 249ms
248ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntn.ua/css/reset.css
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5894efec8f9ae727dc14f30e4ef20c9faf9ea2c86f570a287b061e6b1dd25fde

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Jun 2014 10:53:00 GMT
server: cloudflare
etag: W/"53904c0c-34b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLMCn5F9MSuK69R79HBLnIVbNBgAROX2UD01w4lyuHUAH3Aj4VpSzxW0HTQ1tjE8rBPTO8YjuPABFm2DV%2FnSyH2fTWpNnYy%2Br5xFdKoGfgkSUgb78Iay6omQsnbSPS6ycr5UOnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7050b857aed688c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 03 May 2022 12:49:22 GMT

GET
H2 200 player.core.css
player.adtelligent.com/static/ 155 KB
26 KB 110ms
110ms Stylesheet
text/css 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/static/player.core.css?v=1755
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/static/player.core.js?v=1755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 15:00:11 GMT
server: nginx
etag: W/"626bfd7b-26cfa"
content-type: text/css
access-control-allow-origin: *
expires: Wed, 04 May 2022 12:22:02 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/static/player.core.js?v=1755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2832
date: Mon, 02 May 2022 11:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 02 May 2022 13:34:50 GMT

GET
H2 200 hb_285194_899.js Show response
player.adtelligent.com/prebidlink/458748/ 302 KB
92 KB 110ms
107ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 40cb3cacce92fc2c3d13ec7239198abf2c2e97b665742a4fea4a703a0ad01717

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 10:21:57 GMT
server: nginx
etag: W/"62667645-4b9f0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 04 May 2022 12:22:02 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 169ms
54ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

1a59760fea36e240c66e6cb4bdd5c0a4fab803dbbb5bdc87c2f12f8d6fa22211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28552
x-xss-protection: 0
server: sffe
etag: "1202 / 996 of 1000 / last-modified: 1651490013"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 02 May 2022 12:22:02 GMT

GET
H2 200 wrapper_hb_285194_899.js Show response
player.adtelligent.com/prebidlink/458748/ 785 B
756 B 105ms
102ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458748/wrapper_hb_285194_899.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 362d02cc5fe392b6ae6426a252d481ec5699b279820b89118904b060453eb538

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 21:11:41 GMT
server: nginx
etag: W/"626da60d-311"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 04 May 2022 12:22:02 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
38 KB 106ms
61ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTN3THZ

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2f2fc03897e6b55effb57b15a6b6986a754b236f7c934589279ca1189f79b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39177
x-xss-protection: 0
last-modified: Mon, 02 May 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 May 2022 12:22:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 128ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: SrK9zeUhKh2T3AVXrXQZhcGlz4r3EY6TG8dL4qR25cbzMi+SCy/KZz61yirND6Zu9NBVyQG0flUvVKjJfYQUdg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 02 May 2022 12:22:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 147ms
41ms Script
application/javascript 104.90.154.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.90.154.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-154-178.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Mon, 02 May 2022 12:22:02 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Mon, 09 May 2022 12:22:02 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 0E84 100 KB
29 KB 197ms
115ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31e216e0102702696bbf53d119b6e748503207da418fbb804647fbbb4d4c5617

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 02 May 2022 12:22:02 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: opn3HsUV8A+Ub3hqlMR8xg3n++l3Ob/aryF3aL2Gjjaa9BqCdCbDN4+d585SQdt/fCWMT8jB+WAvwLBgiMNMPw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 ico.png
ntn.ua/images/ 3 KB
3 KB 265ms
264ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/ico.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7b57e53fee02c97a15aa8ff8be4ed26df2dd422d76b4f70f9866f4efa4ea24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2835
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-b13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2iKMKabRXa3Q9pazd9%2BIfvJUcLsdZplrRs2sInfr88WWgoGQp5OrnHCX2ek5HxbRhTOdcfVjhJ3yfmTgeGHef6NgtxzPjsefhxwIb8kNViKzzyE%2F%2BNVgx45IrNIeyHmXLCiq54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8988c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 ru_lang.gif
ntn.ua/images/ 1 KB
2 KB 286ms
286ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/ru_lang.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee553c847b17af2ffc8d1ae1dc81c1fa6c8356246c31bd80e0a470097ec4430e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1136
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-470"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYCs8VKkmJHSx1GqW1KSPC4ZtipBuFcnBDD8T%2FAUKRRA2norqhRmES7pqFg4uU%2B1JaCyFBBkEQ5PPCyd9jlL938Y4PyfVoMpQHHVtcZsLMSwFzChYuJVbcqngP44AdSEYANJIH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8a88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 header_bg.jpg
ntn.ua/images/ 115 KB
115 KB 314ms
314ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/header_bg.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c4b081ef70f3eb0a934344392df220f0439f91a9b5e8aea93c71dec0beb416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117262
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-1ca0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2B5ULZDe104yJwKEEOqIwMBiYsG5tx56dB9Nj%2FVaA27QjFacBteEDTTUxe5g2b0FaKVH5gH23di%2B2bo9YT3LnL6MrcSzqoRa8p7rv7dA4XsFyRcZzUTPeSQbtPfP3wHaz4Q0WHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8b88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 src_ico.gif
ntn.ua/images/ 2 KB
2 KB 260ms
260ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/src_ico.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ecd508aad794a6ed4455e1d7c45f43521926fb86909a8cf41d92441e11b8191

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1770
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-6ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mt7MRQz%2BYiao%2FW%2F%2F9KYb1qJGtAlYKmqGdQbhWnCcp10jyF7X3hPtfQtJzcidYU5Yp4BoTm4vOLfZ7sAcmtlJ%2ByGxg3fELS0%2BAkRY%2BlpitzXm5e18q7JDj2402LTIhjg%2FJHrcgao%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8c88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 menu_bg.gif
ntn.ua/images/ 1 KB
2 KB 274ms
274ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/menu_bg.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe40cfa31540c665cfcef441f51c5456d1ce107208ab6a43e1e5eed00e8359e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1148
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-47c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2coNd%2FAgFqS%2FeoJ%2B2umIuMlUEXA%2BA8%2FmH7iGW7vTJjhFSZ6uVG4aCPeluX1yiVrZ2%2FlXdjrB%2FZhscFllK8aB7q7mGw03oYcQlxi4%2Fmuls93uR8lKlP1AobLSccSOij2Z6%2FsxYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a8f88c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 mega_bg.jpg
ntn.ua/images/ 2 KB
2 KB 273ms
273ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/mega_bg.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6400b298d51a07b76ae017a62d74af08fd20e249b564f7503712362f2c6710ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1625
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-659"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nApLgJ%2FWwi%2FOEQXi1LOi0IAfZgSq0vg12UShwAm2py4lSPopdlSZIhbkLAdNDo3XajZpV%2F5CxKQKHCYLABlm8JiL8%2F%2F%2BvU5vQBHIB5q2niiRDbPXUV01699qdSt4YQF9TFXVAO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a9088c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 mega_left.gif
ntn.ua/images/ 4 KB
4 KB 274ms
274ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/mega_left.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d856847402c3364ef3f2a44db48934f52cb1124cdf804f810512a5300bd2824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3685
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-e65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfR9NfWfFOPsC01XVUTGATAswPwQHOFh1u59NpTSaJvy3xuuYrDUCYgi7W7stGgARHPjRG4dYSCtsTKrNM6s5Qr39oDccS5z1CL5KBEmjWZ75A1LBfmnIgfJgwHnD2kPniW1WSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a9388c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 mega_line.jpg
ntn.ua/images/ 2 KB
3 KB 280ms
280ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/mega_line.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d40bed0a850cc62b9bee0b3f5b56b375369fd77be705d8b7aaea4c52861b1d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-91a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be%2FkXDH12AdfrtJrXal%2FajMq3vag4iOHrH52M2aWTgsakAq2MUImvMfVHfAWNsY3BGPWWXhkexUTEUIeN17KvZayDI%2Boi13%2BmEWfjC7tVyYcDZdiK2EQNkuCzYW%2Bl7Vg9IwdJ9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a9488c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 mega_right.gif
ntn.ua/images/ 4 KB
4 KB 283ms
283ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/mega_right.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f93ecb194463551254b9939551d09fc56bc0e6b76c31194b122c5cc0f22545

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3679
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-e5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ7irUk6lYX5ToYoszAwvgnxBDpwI8UvBJFaDYEYAEdNl6nsxC2dh%2BH0iQCMdu9yyqtrcZNNJHMkJqvQpH11P60faHpWssgdlcGwtHsJSgxo5Frk2szblMZl6qPoOZquh4feaXs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a9588c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 report_button.gif
ntn.ua/images/ 3 KB
3 KB 288ms
288ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/report_button.gif
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561a4d0814fb3525fcd7a0662570193fefce4a028256cb773e490c4b06f0e2d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2737
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-ab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFi6GnKAIYCzXQDkBIK%2FANjT9lf5Jn5IOgjRRrVOCkTf7ppkyRF83rCKJ94D%2F0PNuaeL53iQPiSBiCxj2JlGwau9cc85aZAAhkV7We2XllrFyNz0pzFRbIX124e7JxW3QWHPHoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a9788c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 channel_anons_bg.jpg
ntn.ua/images/ 4 KB
4 KB 282ms
282ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/channel_anons_bg.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2343c85bc2821e75541c4d4d0dcb510c267ebc96baf367af57309de6baae8a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3775
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-ebf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngkFjwp5I5EQxMtrPm%2BSQmv02NQy5AGcxkW%2F3oxRlw6hDtMdYxZxiRo5hqALyhBSuySd1foy%2BwlIf4fVQiHCHmIIVbqyldJfxxZq8W0iGCpDURrVxJKfQSM1XNVSXuGNFcWjLLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8597a9888c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H2 200 hbw_master_285194_899.js Show response
player.adtelligent.com/prebidlink/458748/ 97 KB
27 KB 125ms
125ms Script
application/javascript 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458748/hbw_master_285194_899.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/wrapper_hb_285194_899.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: fb610bb70bce4734279569cdf5f1d863118c3fa67a64c1899fd9d87881ae9dd6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 21:11:41 GMT
server: nginx
etag: W/"626da60d-18468"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 04 May 2022 12:22:02 GMT
cache-control: max-age=172800
x-proxy-cache: MISS

GET
H3 200 293798261393374 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 135ms
93ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/293798261393374?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d86f24d55427f958c0d78bed1d476845161a43e6cd38ba2362c8351e3d745378

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vUZBRi0Jr6deLCICk7SPxloNNtW2lF6+Gn9HNk2jCsn4vYfXlP24dsItJBNVGc/aS1IzvYprME4FijmEilf3Mg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 02 May 2022 12:22:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651494122725
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 79386 Show response
stags.bluekai.com/site/ Frame 75CA 71 B
338 B 412ms
187ms Document
text/html 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/79386?ret=html&phint=__bk_t%3D%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fntn.ua%2Fuk%2F&phint=__bk_v%3D3.1.10&limit=1&r=12003295
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

BK-Server: d90a
Connection: keep-alive
Content-Length: 71
Content-Type: text/html
Date: Mon, 02 May 2022 12:22:03 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
X-N: S

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 127ms
49ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1707406991&t=pageview&_s=1&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAAC~&jid=206527577&gjid=1810488580&cid=1755366314.1651494123&tid=UA-157387674-2&_gid=1165098291.1651494123&_r=1&gtm=2ou4r0&z=964299801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HgfzMzC5QAT.css
static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/ Frame 0E84 18 KB
5 KB 121ms
39ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/HgfzMzC5QAT.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d942b6eebcffa564cf2969b807b042df53bcf6471948254b63162cbf7b45412e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pbty/bw6UB3r9JUfArZCFQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4673
x-fb-rlafr: 0
x-fb-debug: zVLSmHOXJLEGVDr2/dsIl5mSsMXf2D40IdEwJE0qY6+2CSsC+BPkB5oELew611F89B3hwE38s3+5EwYEWoUUVQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 01 May 2023 14:41:04 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 0E84 2 KB
1 KB 121ms
40ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XpWPuiqLnlvq4xkatdITVw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 831
x-fb-rlafr: 0
x-fb-debug: MsrzRdjquwv3Fw5X3QMc9mzu2+SpNWBUzoixMLRfzeyIeJ4Pff6TDUBCBSioo54t8FvJHIqgupP077iNa5Ya+w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 30 Apr 2023 05:49:44 GMT

GET
H2 200 2Wrb3kFIcuy.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ Frame 0E84 32 KB
6 KB 121ms
40ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c68f78ab5b36309b244041c15ef4163aac66ede31ee53b2d4271b1f7aae1a6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LmKg6bAj5CVq6/oKWEfMNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6321
x-fb-rlafr: 0
x-fb-debug: qMF15URWFyAaWWZbUxs6sYxWf8G8xjzU1TbywPW7wFRP8k1kpsktJ9Ho/r6R4WNnltcjpDXas802CuIgGZcvvg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 29 Apr 2023 00:00:33 GMT

GET
H2 200 s12qqS38cZi.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 0E84 15 KB
4 KB 121ms
40ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/s12qqS38cZi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fffb27404635095b2e7712ed9c8af9cfe30334eb5c15e0996242f4b8bfed022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hla2kz3W4o454Xa8jfqzgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4000
x-fb-rlafr: 0
x-fb-debug: ulKKPb8ui2HgFwwbJvb8MkBU83xJVHpUZjXztNak28IitGM40eqlOlKMjG+mgGsrdHtrYhdLTtKJ1/YYxKx05g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 01 May 2023 16:09:55 GMT

GET
H2 200 2VSZD9_JH43.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 0E84 309 KB
83 KB 121ms
41ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/2VSZD9_JH43.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17a99746b0a4baf21319ba7fd1b1e2906ff320db5ae12e39c3b8cccb00223809

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bLu69RdNEyOSZ4yMgY2cuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84933
x-fb-rlafr: 0
x-fb-debug: r0+BPCF19+aOgj5jCfflugF0WVDY7zKhEVErEgSL12+pjfchaHm+leIvWsIgwg09neDHfobVoNOsUMGKmWswnQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 19:01:05 GMT

GET
H2 200 V6QoR2ayI6o.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 0E84 42 KB
14 KB 195ms
115ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/V6QoR2ayI6o.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e45b2d12007122c9c32001032dd4cc0695449cf08973d6f86ae4e0655819dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5vHtC8U4VPv5VCFrEutb0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 13745
x-fb-rlafr: 0
x-fb-debug: Euj7rCQAdTNQn5LmgqNPZ+GfIL6OJyPHslr7V4wYdDmZgAdnlUxEsaQmFm2/YPtB6bGpYBQg1cWvpU9WtJUydA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:39:55 GMT

GET
H2 200 Zkhqbba2FCu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 0E84 49 KB
15 KB 206ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/Zkhqbba2FCu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fdd36ee4fe79a0fc1aa84a0fc60cd1b8ba236fb165ef64880da706bfcf7c7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cUxUGFDVDGqe4VJPzS6fOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15583
x-fb-rlafr: 0
x-fb-debug: ZHEmvi+NSCYgPJf1yPfLX9U/L+8ia7rtAN5/SRyxUW1mnUiQmMywhhx6Cg4wVZN1GtOp+nf6Xoq9Kmh76OFAYQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 17:33:04 GMT

GET
H2 200 BtCgZXLQzzQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/ Frame 0E84 82 KB
23 KB 207ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/BtCgZXLQzzQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fc4788eba7596ea363458252c5292d9accb1f8ae3187b6d7d174ec5360ada91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GozbjrTHi57eM1O8Y6Z+vQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 22865
x-fb-rlafr: 0
x-fb-debug: U98XPnXZq6A+KHFdODI1VXQevm0bg1Cm0+QZq75E0EnmyTjWOjWAiZl//l9n1OUNpydBX59OaAbpz5kvuxuq2w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 30 Apr 2023 17:10:19 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 0E84 5 KB
2 KB 206ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: V0MM6tJ2ukXY7GTuvkntd0otcjwEfaFmMl5vYipu5hT6SkZDMrdzS+Dl8sT4GPzIHi3eJKfpPBY/B1+W/ZntuQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 01 May 2023 22:08:04 GMT

GET
H3 200 pubads_impl_2022042601.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 118ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127613
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 May 2023 11:40:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 102 B
109 B 127ms
49ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ea314b6c5450385987b107e9c0635ad77027eea04baf0219488652fb301a4d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Mon, 02 May 2022 12:22:02 GMT

GET
H2 200 w22DjU_7lfA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 0E84 35 KB
11 KB 192ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/w22DjU_7lfA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1f5a6d27190b950d33fcc7a4def27c9d5734ce5705e799e9e8a333a390e3bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BjX8XpL8ID/aj2oneXn1ug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 11265
x-fb-rlafr: 0
x-fb-debug: gQ9WZQPAxgD6HRH4HyxXY+zA1cqSg3e3zznylaxoaj3WR16dLaq6565Lb39OKn4us9ykUgz4TF7bkPNaatfyag==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 27 Apr 2023 20:23:03 GMT

GET
H2 200 7yNhigkul7e.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 0E84 163 KB
48 KB 191ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/7yNhigkul7e.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89d89932050bcd46e3f26db1ef574764616155710ca9793bc855bbdcc25d87ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WabNKpPor08O7pQ/3Zoznw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 49058
x-fb-rlafr: 0
x-fb-debug: EC+4kToHBs2ibVqsGuPtCD45s91UyPr1u4vDgLqTKLkMzgh+3mK+0lf1S0kyY9TIx/HN0L8r+oh00v4L3zoHMg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 01 May 2023 15:09:46 GMT

GET
H2 200 b6DD0Isjt_e.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixeU4/yK/l/en_GB/ Frame 0E84 245 KB
57 KB 192ms
127ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixeU4/yK/l/en_GB/b6DD0Isjt_e.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa12df2f1880c7a16703529076b74f52a9aae3278fd6e42e6832077dd0ee3575

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: t+hf9cMCkwJWfaJxd8WZWQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 57974
x-fb-rlafr: 0
x-fb-debug: owHXKRtlSlbw+eTwQfneF0kJPaZlsK2VJ8FUhqdXOibpOFt+lFyk1TpbAJyT3k4b9h2UsZOaCRN9GdajCvD7Sw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 28 Apr 2023 06:40:54 GMT

GET
H2 200 Xa2gokIE-V_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 0E84 4 KB
2 KB 180ms
115ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/Xa2gokIE-V_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e311081b4fc79e541ce49419adc15e25e34d92e1cdcc766c18aa61821ae7e597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FxDfGsbfklrzpcGhQ6uWNw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1754
x-fb-rlafr: 0
x-fb-debug: 9dWeZP6Qx1LW5xnvglElAV+Uul27bWL3d+4dxmIx4q9WHNBHFEgaTJiC30HTA2d/xocep6QrSkYPUd17Z68UtA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 19 Apr 2023 19:12:58 GMT

GET
H2 200 t8STHm6hU62.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 0E84 71 KB
19 KB 179ms
115ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/t8STHm6hU62.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a375f5042f3615db22984bf9db9b9d07bd5923a9d4d337b4747696142d2a9e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Se7wa/9nUfHy2kFPcPNa0A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 19254
x-fb-rlafr: 0
x-fb-debug: mcrAtvlW+A0p4o93117eRqlrZKh3aDaN9KHcbqTQtmN7DCIebNHm2QFpjm0N7og2XiWD6lLEFMymBB1q+7aM4A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 27 Apr 2023 20:54:04 GMT

GET
H2 200 91l6iSlk8NH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iWdt4/yc/l/en_GB/ Frame 0E84 203 KB
53 KB 191ms
127ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iWdt4/yc/l/en_GB/91l6iSlk8NH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ff1aafa6c095f839ff3069c941d9c74b3e43f4b807820186d961960dc1b4f5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DJ9my+sLGtvQkLh64Ia3nw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 53996
x-fb-rlafr: 0
x-fb-debug: UxiGlkQrBWMvMx9X8Lw4tg5g6C47a36AVZaQed1i9KJxuQht0GHH+Bo8g5QtREL+KDGgPpsHuWVnYfKAUXH7lg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 19 Apr 2023 20:51:02 GMT

GET
H2 200 XSIH0SWqDEY.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 0E84 21 KB
7 KB 189ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/XSIH0SWqDEY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AwtG79Bq83OcuHbXxj5SPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7058
x-fb-rlafr: 0
x-fb-debug: Q1hETAYDG0d3RzdxSA+eduuYWo8rVBOlvgdRTnVucH8pCiedVaqlMfHMQ3wS4TRMYvzyH5FI5Dq6ELAtj+zufA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 27 Apr 2023 20:53:35 GMT

GET
H2 200 WF2JFDABLNA.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yg/l/en_GB/ Frame 0E84 19 KB
6 KB 188ms
124ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yg/l/en_GB/WF2JFDABLNA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8154e39f3e7d0d371e5525d9907ef2e70cff7e389f6e751b4bae412fdbe1b866

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hGwUGPgFsEeLbw7MYVkXEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5520
x-fb-rlafr: 0
x-fb-debug: OQXqp+vtIYZ1Oq1R1dyrdZAtpfFlBjU7I3PJogaTNZGPqCD6u3rMD7iZvRvQEEA56ToTdM6M0uSz1cBs4g0iXg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 19 Apr 2023 20:55:08 GMT

GET
H2 200 jF8emf1aqCz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCwx4/y8/l/en_GB/ Frame 0E84 110 KB
29 KB 189ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/y8/l/en_GB/jF8emf1aqCz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b09f1ccac5b541c51d8d3cfaf003baba9bd0ecb1ede1444057dd41d0d43ad58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6iXARY8C44f76AzN3N7Hiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 29126
x-fb-rlafr: 0
x-fb-debug: UtYd0tPi3ucj94qzy/Xje5sbys6m8mdMpu7BzvXWg140MzX6E8Lq/7j8SfOU+CPaiZ1ZWjnMM+YGyNKhHZbuQA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 19 Apr 2023 19:17:16 GMT

GET
H2 200 gvU7GpoRB4c.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 0E84 206 KB
46 KB 188ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/gvU7GpoRB4c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

58e1d2afc44a6f18f03d4bd19bb18c236aa89cd13aa728996b14cdda66df454e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: egQ7WuWi17gqbZs4l3ZY9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 47161
x-fb-rlafr: 0
x-fb-debug: U5lmVd9KwNM5eQs2nIxgJ2dAfaP4eUmwlKr0K3vas/WCzSLaQaucH+G1lNzX/FbdFLakM4lVyzXdEqOTLI9PNw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 27 Apr 2023 18:05:40 GMT

GET
H2 200 v82SmCoa8YA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame 0E84 33 KB
10 KB 188ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/v82SmCoa8YA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7806ebbc8e1a98bb6fd9ff022f2e0e96df951a3ef11de8c5e4c04a36d63e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: C4m2XxlJAZPX5ESOnjfMkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 10490
x-fb-rlafr: 0
x-fb-debug: qggQHb+kz06SdHOFn0+5u1humfFJ3ZjwPgxI+an3cI+0mhACdlKJ7AXPCAa8HKcEvNlhizuwVtr12L87y6xGHQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 20:50:27 GMT

GET
H2 200 7TQpq0fzfu4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 0E84 2 KB
1017 B 187ms
124ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/7TQpq0fzfu4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77fbd5f5d22fc14637b7b9206953ca39efcfa1d0eda4d51247318762660c4151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fnPt41io1XH7NArBIsTKyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 825
x-fb-rlafr: 0
x-fb-debug: ztp+9r4/d6t6uXto4V9Bh6kwPr5/udXTcg4IccWwxcelvf903vfztEunrWkbCFcFyTASNnEsYxZVmiYqwYFKFQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 20:50:27 GMT

GET
H2 200 278570253_5058389347574055_1940139956419344345_n.jpg
scontent-cdt1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 0E84 7 KB
8 KB 109ms
34ms Image
image/jpeg 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cdt1-1.xx.fbcdn.net/v/t39.30808-6/278570253_5058389347574055_1940139956419344345_n.jpg?stp=dst-jpg_p160x160&_nc_cat=109&ccb=1-5&_nc_sid=dd9801&_nc_ohc=71LyF0TGI5IAX87NTsW&_nc_ht=scontent-cdt1-1.xx&edm=AEDRbFQEAAAA&oh=00_AT9xYZaXya_YBp37JSR-FJOIlIkSuf7I3O-Q5Cox6ndqhw&oe=62743A99
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dd65581b93e9ce19d1bbdaf1e94b4996ca2b0a363bf52e6bcafc2ebe5c0da1b2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 597238437
date: Mon, 02 May 2022 12:22:03 GMT
x-fb-trip-id: 686109401
last-modified: Mon, 18 Apr 2022 11:03:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2729217192
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1713087703
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7617

GET
H2 200 1011673_588371071242594_982496661_n.jpg
scontent-cdt1-1.xx.fbcdn.net/v/t1.18169-1/ Frame 0E84 1 KB
1 KB 110ms
36ms Image
image/jpeg 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-cdt1-1.xx.fbcdn.net/v/t1.18169-1/1011673_588371071242594_982496661_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=106&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=H3feK7eKv5gAX9WR03Z&_nc_ht=scontent-cdt1-1.xx&edm=AEDRbFQEAAAA&oh=00_AT96bBZDHu7jE25vRDo95lBmBOCp_7CZ4UavP6ECzD9jVA&oe=62948AB5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: da97b6661b2a61de0d56e15c069de457fae3f67028c0de1b8fbfce2c2bdfadf7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 789808790
date: Mon, 02 May 2022 12:22:03 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 31 Jan 2014 15:12:38 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1409629898
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1751217763
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1146

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 98ms
49ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1707406991&t=pageview&_s=1&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABEAAAAC~&jid=558372091&gjid=294299904&cid=1755366314.1651494123&tid=UA-3902239-38&_gid=1165098291.1651494123&_r=1&gtm=2wg4r0WTN3THZ&z=1097291199

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 124 B
363 B 92ms
25ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hbw_master_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f0ebc75cbe0a2b0afb94bd74511c828de445a5f10bff01dc7ab08bf343c39b91

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ntn.ua
Date: Mon, 02 May 2022 12:22:01 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 124
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
274 B 91ms
25ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=285194&site_id=899&full_page_url=https%3A%2F%2Fntn.ua%2Fuk%2F&adid=ooykno.fc&features=16416&vpbv=N059&lifecycle_tte=1598
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hbw_master_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ntn.ua
Date: Mon, 02 May 2022 12:22:01 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
432 B 97ms
30ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3902239-38&cid=1755366314.1651494123&jid=558372091&gjid=294299904&_gid=1165098291.1651494123&_u=aEDAAUABEAAAAC~&z=1393906375

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 02 May 2022 12:22:02 GMT
content-type: text/plain
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

03.png
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?v88708&s89294&t3&c1&n512386&w0&y0&d24&r1600
https://i.bigmir.net/cnt/03.png

723 B
897 B

244ms
68ms

Image
image/png

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/03.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
last-modified: Sun, 02 Oct 2005 23:04:59 GMT
server: nginx
etag: "4340679b-2d3"
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 723
expires: Thu, 05 May 2022 12:22:03 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:03 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/03.png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 236ms
67ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 pic.gif
juke.mmi.bemobile.ua/bug/ 56 B
138 B 476ms
65ms Image
image/gif 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=ntn.ua&j=1&nocache=0.8450044385291944
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H3 200 footer_bg.jpg
ntn.ua/images/ 26 KB
27 KB 294ms
293ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/footer_bg.jpg
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47057a03aed7a53b879618baa1fe40c2cf470e8c6fe84737163ca94c340f9d81

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26850
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-68e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nhPXQsxRY%2BQk7z4gmCIlLXsax98Vf%2FBCPHSiHPKwTYJZ2nIUrYodHOtmyV6A%2Fe3y642x9v5Vdcdlk%2F10MTXMxdCd9wZbLsMfqDrhpIWxUqlmSE%2BHaPPkj6qCGoPHcrMalcjMxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b85bce8888c1-LHR
expires: Tue, 03 May 2022 12:49:23 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 81ms
39ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=293798261393374&ev=PageView&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&rl=&if=false&ts=1651494122857&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651494122856.173360775&it=1651494122610&coo=false&exp=p0&rqm=GET

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 02 May 2022 12:22:02 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 381 B
523 B 26ms
26ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=381324&aid2=381325&aid3=467848&aid4=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hbw_master_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 3e3536fba55c2de296f57e4712ed27b4cdc52cedc3053fd5af5199e6b545ad0f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:01 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ntn.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 245

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=18a9fb9e-254d-407b-90c4-13e281961431

0
407 B

466ms
94ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=18a9fb9e-254d-407b-90c4-13e281961431
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:02 GMT
Server: VertaMedia 1.0
Etag: 33582c1b5345cc7a
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=18a9fb9e-254d-407b-90c4-13e281961431
date: Mon, 02 May 2022 12:22:03 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/285082/ 6 KB
3 KB 79ms
27ms XHR
application/json 45.133.44.4
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/285082/config.json?cb=https%3A%2F%2Fntn.ua%2Fuk%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a1190ca36032aea1bf5bb79a0be001fd17db6de169bbce0473fd681d922c2e2

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 00:02:10 GMT
server: nginx
etag: W/"626f1f82-195e"
content-type: application/json
access-control-allow-origin: https://ntn.ua
expires: Wed, 04 May 2022 12:22:02 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 135ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ntn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 408 B
246 B 161ms
160ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=860659709413528&correlator=2536737717395506&eid=31065401%2C31061829&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_NTN_Background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2003x1300&ifi=1&adks=1445112672&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=welcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM&sc=1&cookie_enabled=1&abxe=1&dt=1651494122949&lmt=1651494122&dlt=1651494121843&idt=1080&biw=1600&bih=1200&adxs=-201&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fntn.ua%2Fuk%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1786&msz=2003x-1&fws=512&ohw=0&ga_vid=1755366314.1651494123&ga_sid=1651494123&ga_hid=1707406991&ga_fc=true&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ade6e5c64a5f00959d9c80f5e1757fac9f19207d37cee2879a24bdb2f4321aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BEFF 6 KB
4 KB 183ms
47ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
expires: Tue, 02 May 2023 12:22:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
168 B 150ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ntn.ua
date: Mon, 02 May 2022 12:22:03 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 239 B
420 B 26ms
26ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 16aeedaae9f156009c88df266fc6b2c5eb01b603c20b46d7256462f26f0b773e

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 May 2022 12:22:02 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ntn.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 142

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 3 KB
653 B 96ms
27ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8bff644d210680cf173f5bb6518c8f8afcaaafff45dcbb5bf4a02cbcf62be670

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 May 2022 12:22:02 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ntn.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 375

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
208 B 179ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=18285124917

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 May 2022 12:22:02 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://ntn.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 335 B
1 KB 313ms
174ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=2&alt_size_ids=1%2C43%2C55&eid_pubcid.org=b1e0a41e-e288-4612-957a-071f936b6252%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_Footer%23div-gpt-ad-1516984831775-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=3a52bcfc-f048-4656-9c64-4e83685b2f00&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_Footer%23div-gpt-ad-1516984831775-2&slots=1&rand=0.20070406742964297
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 37aedb6b495b56ae0ae5ef86c6810f02bc19f45627a8eb2fb6cb0d7ad10d61e8

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:03 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ntn.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 335
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 333 B
1 KB 240ms
100ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=15&alt_size_ids=10%2C17&eid_pubcid.org=b1e0a41e-e288-4612-957a-071f936b6252%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_Premium1%23div-gpt-ad-1516984831775-3&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=18b742a8-648d-444b-836d-54dc6a495e28&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_Premium1%23div-gpt-ad-1516984831775-3&slots=1&rand=0.4937713610884451
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b2501071cfb347a3518d1637f4dfe535507c824cf235d7c5f61bcfd086033cc1

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:03 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ntn.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 333
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 335 B
1 KB 244ms
103ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767336&size_id=2&alt_size_ids=1%2C43%2C55%2C57&eid_pubcid.org=b1e0a41e-e288-4612-957a-071f936b6252%5E1&rf=https%3A%2F%2Fntn.ua%2Fuk%2F&tg_i.pbadslot=%2F58302844%2FSLDS_NTN_TOP%23div-gpt-ad-1516984831775-5&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=f3c45384-afe5-4bc2-ba6e-8bb92db5074f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F58302844%2FSLDS_NTN_TOP%23div-gpt-ad-1516984831775-5&slots=1&rand=0.17238836044107497
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6a100cb1914e8a4ae5ac33f699c795c3c400675e10ba57060d7e192e1c46a5ff

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:03 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://ntn.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 335
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 608 B
924 B 236ms
63ms XHR
application/json 78.46.100.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.100.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lawu
Software: /
Resource Hash: a4369298c59a408181f3c0f99f7754f24afd77b65618aa0d7bd8cf94f03a2b96

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 608
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
736 B 260ms
151ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 3d34284797543624e83155f2560a435fd018c4e50984dd769856ff6260518b9a

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 May 2022 12:22:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ntn.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 72 B
371 B 95ms
34ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fntn.ua%2Fuk%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3a52bcfc-f048-4656-9c64-4e83685b2f00%2C18b742a8-648d-444b-836d-54dc6a495e28%2Cf3c45384-afe5-4bc2-ba6e-8bb92db5074f&nocache=1651494123005&pubcid=b1e0a41e-e288-4612-957a-071f936b6252&aus=970x90%2C468x60%2C320x50%2C728x90%7C240x350%2C240x600%2C300x250%2C240x400%2C300x600%7C970x90%2C728x90%2C468x60%2C320x50%2C970x250%2C970x150&divids=div-gpt-ad-1516984831775-2%2Cdiv-gpt-ad-1516984831775-3%2Cdiv-gpt-ad-1516984831775-5&aucs=%252F58302844%252FSLDS_NTN_Footer%2523div-gpt-ad-1516984831775-2%2C%252F58302844%252FSLDS_NTN_Premium1%2523div-gpt-ad-1516984831775-3%2C%252F58302844%252FSLDS_NTN_TOP%2523div-gpt-ad-1516984831775-5&auid=541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: c134d52ca008c3bafe0844d9ecf32da0077797f86e8a80bb381ec05f360ee189

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ntn.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 SQZZiMWhOLh.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 0E84 767 B
819 B 39ms
39ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/SQZZiMWhOLh.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/HgfzMzC5QAT.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yT/l/0,cross/HgfzMzC5QAT.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
x-content-type-options: nosniff
content-md5: 7Ob9foDk+QbAEt4lrnDs0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 767
x-fb-rlafr: 0
x-fb-debug: 7sNZTq+rfw7N/YkZFmfjNuqU1CasVRD0m56opZPzQdfcSkxeyJcfNDM/AESHslxtQlYTKsvN835JViUelSDMSA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 22 Apr 2023 19:11:38 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 0E84 938 B
582 B 80ms
80ms XHR
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1369660723113621&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/y7/l/en_GB/BtCgZXLQzzQ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f8f778eb27c1a497582f53cba8bcc05a4492d1e05284b65a9d96e8f36c69de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: p81M7T5EghXzTJRzaWNkp-
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: HsSOX70nFKGj356YG9UD4UNPFRbb7ASRjzYVVLUY0nm+OhxF6IpqamHP/Xnep32jR+d0AGqUtuT9bZzqNS6cew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 02 May 2022 12:22:03 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 QOQyWwxyv1g.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 0E84 18 KB
5 KB 119ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/QOQyWwxyv1g.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/2VSZD9_JH43.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc19d1432667a92d1c967150374715f0a3af9c2ef0eb0ed998df4a3579bd04ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: whaA/43Sg7w4PZgU/VXspw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5095
x-fb-rlafr: 0
x-fb-debug: 8f5wOQRjC0XCW7AudqRzb0i9kBNKAOWKNLlMJp2vdOBJlKKC0tbh9hHJ2CnNi2fJtd+Aha/Ba55hJN5JOlTz4g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 18:02:15 GMT

GET
H3 200 82Go0vfbbVJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 0E84 355 KB
75 KB 79ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/82Go0vfbbVJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/2VSZD9_JH43.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

afac71923f02cb655123ccb9fd3b87fcf2da222ffa962bc47449e4dd7bb5c2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NFneteRASEXcVY/dWQOWKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 77025
x-fb-rlafr: 0
x-fb-debug: KsL9l0yvJkYI84tIzpptb/w08ssoZILY0nAaZi6KfIR1VxwhRuhoCv9dKPjW1aQtKE+rtbfIn5TpDVQZKr1Zvw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 19:40:55 GMT

GET
H3 200 BMMfjpIb5ZJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 0E84 50 KB
12 KB 115ms
75ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/BMMfjpIb5ZJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/2VSZD9_JH43.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75e6f1025b2fba30808546e72373a8a160f2425c2c54a0a946f8844a7db0040e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: M6CbphOifDvo7Ve7jMxIqw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12615
x-fb-rlafr: 0
x-fb-debug: 2rciSZfRVN18k5KfC4vBedsILRciG72CJsYQap3o0Kw5vuITuA8w18oB0HldLAs6jtFA0qC6io4CpiHkzQ1pEA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 29 Apr 2023 22:50:04 GMT

GET
H3 200 LvxWU8GROx1.png
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 0E84 28 KB
29 KB 40ms
40ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/LvxWU8GROx1.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

daf10bd3b413af46baf9f5ae42fa60e9d95f04ead18b0bc75f2973395ccd5035

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
x-content-type-options: nosniff
content-md5: ZWDikb3Ir0bcCPo+/+lPHw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 29133
x-fb-rlafr: 0
x-fb-debug: Cq2RF5JUjFbhD+4reXqfOrtWZB1HlAeKs0AZtxdurC9RmwFMQysrN9gYM9j5nrcPsnO77NCKJ6IJgime3XA5NA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 01:35:14 GMT

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 218ms
64ms Script
application/javascript 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
last-modified: Mon, 02 Jul 2018 17:27:05 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5b3a6069-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 0E84 279 B
243 B 73ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/2VSZD9_JH43.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QusOzUJEj2HVYgmawONobw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 189
x-fb-rlafr: 0
x-fb-debug: 3J8zKxPnerW8CLZJwFl8CPlqliuq2xckkQ5KnD0uTvcheS7Zy1bqwVQpYi++95bg9P0xGpPbbfhjItX48d3V/w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 27 Apr 2023 18:05:41 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 0E84 0
0 114ms
114ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fntn.channel%26width%26height%3D260%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dtrue%26stream%3Dfalse%26show_border%3Dfalse%26appId%3D219434378199819

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/2VSZD9_JH43.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fntn.channel&width&height=260&colorscheme=light&show_faces=true&header=true&stream=false&show_border=false&appId=219434378199819
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 02 May 2022 12:22:03 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: +nyHZbJXTAXw94iYZG4sBXc6lf8Lg4yUq1H7141hrGs9RsLYqnhSw+cESnO4m5eWRYpeRnpekSNXLr19RjNRTA==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 126ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ntn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 23079102_1358876393903_closebutton.png
s0.2mdn.net/ads/richmedia/studio/21515482/ 2 KB
2 KB 137ms
39ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/21515482/23079102_1358876393903_closebutton.png

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 18:12:19 GMT
x-content-type-options: nosniff
age: 65384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1623
x-xss-protection: 0
last-modified: Tue, 22 Jan 2013 17:39:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 May 2022 18:12:19 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 159 KB
58 KB 294ms
294ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=860659709413528&correlator=3229100893088187&eid=31065401%2C31061829&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_InterGroup_NTN_Catfish%2CSLDS_NTN_Footer%2CSLDS_NTN_Premium1%2CSLDS_NTN_TOP&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1366x180%2C970x90%7C468x60%7C320x50%7C728x90%2C240x350%7C240x600%7C300x250%7C240x400%7C300x600%2C970x90%7C728x90%7C468x60%7C320x50%7C970x250%7C970x150&ifi=2&adks=3749508852%2C3558692828%2C952306158%2C3762424195&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Cwelcome%3Dwelcome%26urlgi%3Db16b92afbe9ac02538f4%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM&sc=1&cookie=ID%3D29ae7f964a63b5f3%3AT%3D1651494122%3AS%3DALNI_MaDIwGQ_lof62GivX2E9bD_MtpJww&abxe=1&dt=1651494123322&lmt=1651494123&dlt=1651494121843&idt=1080&biw=1600&bih=1200&adxs=117%2C315%2C1004%2C315&adys=1020%2C1786%2C362%2C25&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fntn.ua%2Fuk%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x2256%7C1160x397%7C300x0%7C1240x50&msz=1366x-1%7C970x0%7C300x0%7C970x0&fws=640%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1755366314.1651494123&ga_sid=1651494123&ga_hid=1707406991&ga_fc=true&btvi=0%7C1%7C0%7C0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

dc93e10b0edae9775fce86a8fe5e1a93870d415a0459184b00dbd8852ce364c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59336
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 41ms
40ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=293798261393374&ev=Microdata&dl=https%3A%2F%2Fntn.ua%2Fuk%2F&rl=&if=false&ts=1651494123360&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%A2%D0%9D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651494122856.173360775&it=1651494122610&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 02 May 2022 12:22:03 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame 48C0 3 KB
1 KB 64ms
64ms Document
text/html 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 02 May 2022 12:22:03 GMT
etag: W/"5b310391-b5f"
last-modified: Mon, 25 Jun 2018 15:00:33 GMT
server: nginx/1.18.0

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 233ms
65ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=9140166D374A4BB88FBA09B927F304D0&time=1651494123171&location=https%3A%2F%2Fntn.ua%2Fuk%2F&referrer=&is_flash=0&session_id=513846257&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 12:22:03 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
229 B 74ms
74ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=9140166D374A4BB88FBA09B927F304D0&time=1651494123448
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
cache-control: no-cache
server: nginx/1.18.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 blue_bg.png
ntn.ua/images/ 920 B
1 KB 250ms
250ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/images/blue_bg.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/css/ntn.css?v=1.2.15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce04189370ecaa0cc5e3f50d3311f86ef42ea688519a093319460e54e43a9f9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/css/ntn.css?v=1.2.15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 920
last-modified: Thu, 05 Jun 2014 10:53:02 GMT
server: cloudflare
etag: "53904c0e-398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmK338zUzc2rLU%2BT02mtHFmqdX7TYnJQk7e6%2B6%2FJv%2BMKHvr9M5KBKm7PCB46WnL4AxGeIuHvbR%2F5CvrL5dEMhC2HbG%2B8p800o8gBlqsipAdMR8D09hd43jLyHAC%2F0Kg%2Fb4RCMLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8604e8288c1-LHR
expires: Tue, 03 May 2022 12:49:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 138ms
52ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd9a9782fa2997a2ca1492e41ecf175d602ebc1e51dab39ef92e24f7ae9ee8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10614
x-xss-protection: 0

GET
H3 200 bg_direction_nav.png
ntn.ua/js/flexslider/images/ 6 KB
7 KB 75ms
75ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntn.ua/js/flexslider/images/bg_direction_nav.png
Requested by: Host: ntn.ua
URL: https://ntn.ua/js/flexslider/flexslider.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88bba9edfe62a220e90be5fe1ba14c9ac751490f500b1e6e5fe25cb2c824c9ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/js/flexslider/flexslider.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6502
last-modified: Thu, 05 Jun 2014 10:53:03 GMT
server: cloudflare
etag: "53904c0f-1966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJraFNkz9QQfdrykwC2W4Yqgqei2UGgSMHfrPC%2F0GdDrcng%2FXqz0vZU5vKsE7Lpk8eTw4veD2ABVCugpXWwwwr02ls4gDVlAzwMgADpYsg0pWEIAjhyM2GnCXjitHjdhmjqvG%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400, private
accept-ranges: bytes
cf-ray: 7050b8605e9288c1-LHR
expires: Tue, 03 May 2022 12:49:24 GMT

GET
H3 200 container.html Show response
7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4557 6 KB
3 KB 118ms
40ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
expires: Tue, 02 May 2023 12:22:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4821 6 KB
3 KB 120ms
45ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
expires: Tue, 02 May 2023 12:22:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0761 6 KB
3 KB 115ms
43ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
expires: Tue, 02 May 2023 12:22:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C84A 6 KB
3 KB 117ms
47ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
expires: Tue, 02 May 2023 12:22:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 151ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 12:22:03 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0B87 624 B
340 B 138ms
51ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQiraNnwMY_OCRxQEwAQ&v=APEucNVAHMd99ObPQ0JI1MgG7bD0hKkH_mF0mSCjeCOoEyx-FU6bwLXTn0UgDrfH2UITVoSja0vwg8aRjmc3-ofJNtOHV91YkloqEoL6Vzxn9TqW_BBL3N0Ogs3Dl0SVeyQH3KDyl21QDPB9veuDKg-07Cfrfnl3QIdc0w_JHEukQimM21Rp-Jg

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 50A3 19 KB
8 KB 119ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:16:33 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 50A3 6 KB
3 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 11:45:39 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50A3 0
622 B 171ms
81ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2jL1_TixNnVzC2U3-OsTvKdpm1F4PtrDHefA0SE2hw9LSMOXm3o6-LUQGdRTioGUy5tU4TZDYXrPNkGTLGq8aHcZ7JiMHGGOemWX6v-R7oSG9koHfqTFwKtDs48rPWBMAahkeVjS1rsxc1eNGiR0Oub2xS77nR6NxRTtI2llexuOz8oyFmV6mpm8g3k0o6tG7OPZ2323X_3jTBbTdvDugaVTG-eQOMGwd9Fey4eUpk46IM8Y6wv790UUBRsu9VwLkbIKj5UmuJ8Kd0PEiDgzGk9_S5h6wmebnT2TipN4x0A0XdIFYDzocm0m-adStdnCrIrnBODGY9dpMnm7JQkINnvlybCTIkmmP3mSEQanJ9luCEac5zu_IlZQmm5x_Vxyo-c9T-lsxLE5r1p8ye-v-4_63R-JxK1k6dmfQSmzM38-cRJckwerIKJx7Pq1oNxuQWiz3vI9qWc_hmZeN1e6h0JNJ_U3CCRKq-shzxsYB1GwYwYZv11TiNACxPC7GLaOIQjyEMvJDmBF7PVhufdunGEZarSFqRXuoPzv_xJt2LYEffr-JjnO_gzpZ2YUloDi5kPpRh8bAkiuF1hST6vMroR_C44otQW_8byGvNKqiItR_RoWe5ZmKDe579Uhuuqee-sR2ovQAx7s79ZyoHXnvKHdPhMI0SXEcilbyG8_hqeBUkVLMAhg8xaNZpg_kHSo79YQ_QI8G2mSjgGjZx8I4UHN5VdZxf0JJ_OZlumUFHFYhmJfKbr10qB6pnrdL3tkEjxsSzxrViMaoVLlmppdN1KQQPEqdKREe5BJ0K12X6rDV1o2J98BCnzMk7fNbe4sfwLWL1HClaLocIH0D8UtBWWRPYAqsvpT_WsmUFKHHkP7GGg0JM5XiY4Oj-e-hu0ONmcL9tJ4lZgEUkfHmnyWzLMH5oHwMO2rNY0c8HJfp-CU-Ec_wCPvG9iZDrImCTy3xe6VwqGLKMuvGzMyq7gi_7GjqyqzJMXwCeyujqzBtkac9Lfr_3rP6DNc7hjrDs7yHmncuUBiKQhFCHk79wGaA_YyPWvGay3rr-PIGhsxMWTJQaahagko4F8ju47uXZ6kzgZ6xdRJX7Ksk9hQxbUxfDLEp0CjcQCoN76lepq8s5cQH8hNBbvhCxp95BObOrqQSCVh0yHXodhjFy68f6zPT4opsgzwO6AKcEAqzlKbyai3J7oZk2h3Q-umqHRsYDvtAlWxmskcw_yl0YRAQq3FJAPpA&sai=AMfl-YS8MFksvZk88W5fmnRYQDf6EZe7LS5XOJ8IzAsu989x7m-Hxbrtt2cAKOsVZ3vsHvHx1CY5d-BOaBEkFXZLJhG5LrnxiYjJn42mcR3_BBU482xmJrCKf4JcQeyLmYxVnHDRd0Gd4_fA98gIClUO_aOcPor-BSsIdsOQNqIQjqb2-3r2psGR_lptJIjii8DBCRmm7TWXTk29_TjUwoI76ACbUo3jfib4ibVZ0rvXm7zk0ThIU_mF8AAbogcJZRX09f5tgjvjxqdtboXhSFBXSaLJe0aKiP4n6HteHlA&sig=Cg0ArKJSzD-tGoMYLaz4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220427.82897&adurl=

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 02 May 2022 12:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 50A3 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 12:32:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 50A3 3 KB
2 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:18:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50A3 120 KB
37 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 12:22:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 50A3 15 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 50A3 0
0 132ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0QscKCzwfBtPujDdHZSq9KeZChIIeMpIi8wYFIdI5fMUohngeCOx2rDzzjKlcO5vhtkkyw_bieD659cMv2mj0QEJ_AA
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50A3 42 B
63 B 146ms
72ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bj3f5YJYyUBCCjeq-nejnrpn-151itr4BLCm5y46uoZTJSJLOdZRhonrH0wV94tmYipikJiZKFQ_KXJWNvEjTKOJsQODXjp99fbPS1FoMe_fOloSc

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2942796028215668287
s0.2mdn.net/simgad/ Frame 50A3 169 KB
169 KB 118ms
39ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2942796028215668287

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a1fddbf073c2dc9a0a9e04e6b20e593f1bde7740ca7a686439bcc0b3026d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 21:59:02 GMT
x-content-type-options: nosniff
age: 310981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172803
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 15:48:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Apr 2023 21:59:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DAF9 640 B
359 B 171ms
99ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjyocDIATAB&v=APEucNXlSN5PaB4xmjdTwFZTaKuDDJIbpSKVKMRLxEud9bwCf8IZt5epi2Ly3MULQSN60j-0jilCRi2Y8GV6a-hvIZerr96nx-hBuUJAZmWMm5yQYWKsn5GhOpLuh1QHCzxlyTZ9OnRHaTlAm87KAx6hRlB1-SWuq2QKSSJ2LzQXLf0pRB5BUao

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C586 14 KB
11 KB 142ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsbKjcTPc1kLh8rcgxciQV6twKZoSw9iMthrPZANE1QgBvNkRylw0mVSqdpibys8Ndv7l1ynKx3OtuFaFG0awszipf6G4yqEdkD9_eNugjIDUYjMAl6P83lGftVKWY5-O5XAVXD4RF3kQ34LS7ypLWCC8dnw&dbm_d=AKAmf-DdoOj1aSPtq5sOFfpD0sQzA8pF5Arvw3X-wj-4kru0srE75big33Sg40QM8lkbPDNlfpbR2owS9nVW0TywjflqJh7IbOCMJ2AEWvKIdz8fVT18KK5sBMiOG9LlCtu4YXl1y3GmB-Udu8S7igm1oX_cDpFNaiHEITdBAAp0td9mPCJcrsoxR1jfbd1aLTnnpADRH0y_f3XSNrIqHPyLAvvd_kzsHm4NRbOk5_KK4p1IhhPFrpp3ZdxaO2WGX6y7Htkop9S6hTCYPE_rh967Qm8J2KFqOO-CftoY-QL9SkGKS1jcnncNor-WgtfNqa82TexUvuS4GHdFxaqC2xeFXIJ8REdRPDCQpNlwf_nPTeRFR5Bg-ofuQxGyvR6sOIMfpj6joS9Ot_ntofOsBZ9RqF7cCJhgXATO74HIXov_e2PQHubccHQ9kTJg1JdOIuwwvAr19WzZY_vQBe71e-TGR0hyNaJIQFNSxcv2hMmH1ajF9i3KTD5tLKJqiXIgorPX_PUzzej1VhS1pfQ5UTlhwZY-ELnYT4RDULSauWr879z6rX1OhWT0vVM0QEdvaUGsaUJ5irzonhu0V8o22H9btq4i0fQVs1eGVmnE30v1L6-ucfa7kACRUDC1hS0sCodnUjioGWGsVkcl4_60KPN2zPq0JwEeHczf8GNF_SrCfTQygI2lYa_cuGcxhe8KpU3Bn6S7sPj7Xlj9Ln7rljnxzRGol2hNicr_jmRE2Ra6ezbcWmshKr43k_hKrbnLccUAyvhPPq28G_xzSWwM6vbMKAX6OpeJ-5rZTyfI4a8v_HqhwpyfaMOirYIfSTXePbQDaEATQLiN3b92bJitpmiQYlCpZsoNTvTxW8CnnQd4_-ecJx_coJePrheNUpdBMYO__wRJ6utvh_ytWh_54-Ik3L1M4EIASo-fE1XDfhEZs58XSpc484X2tQoi2Judgw0zpns3dL2kZVUi5M-1k0b4sKugPjh7VeUxDStgNWAc1pfZFsqwoLhOnZkh7MSln7xL180VrgDupKkkq4MX140E2qBJoqGpy6nQbpghTt497H5fLmaVH9-E_3qKj_0h3SH-1PcUNB73544xrXHn76Jp86z638uII4vgwQGtH7uJYBMQAsS6WVvf62jsy-ycRzalCv9XoQchykhd63z8DFCmYpdMxJH1tc-VHhSooRGHrlqCJ-ATiUc0d4TwI3GUDxdKcT8rcxtdlrFAgenW3I7udnfOUSzMln_VzLvzHyeL0pfrCIMiTB01d07dNaeq8OnybPzQWWNuVtuJCYfub-2U2hF4HlnldAmY0bf4s7X_EcEOGXJeUw46RrfKn_CSfZRaCfq6FdOdDYxwcyPMo_nsoE2682FUoiV76wiczOd84U6nnd2C3-1SNuexJn3WaGW__M5UmczLVaokHVU924KkvgMfDwzgOVw33bvjFPsY-TkGnU7BnMWl0TR8PzV1oxfBlUeVzJfSqoysrOH4sf4TkFp2BrYaSiiykc_uMutW24jl4tzaZkVDpoY335wAjfPKEuIv6EmMz2luuuQsy5dFbBgjqcJttC-UFMxIiWjtRfaluPW3Vbc3GNDVesqTEaEuIKJRgN8s2T9g7l7qSVc26vCNrNB6_V8jo0o-tnHu0a4RR5r34KC3EiZfvQX_2Vk5GESHsLGIxW24YCxksBZ5dW8R_VJK6T50lil1S94AevB4KhjqauQVv8JoWdya-sTE0VOqPuA5EEPI3ckWLPdM-o01feMkOJnURQEi6OlKOvGc_yQWpJ1LJdy0ikYzcnAdvT-2S4Y5GvNvW2ztUiQ40LtFw2zPHP4HYFraTaV2IH-0H1o5iTkdglVNEuGktajaZv4y6En90PbqCGWTtpQLIh3OaLwZI9ExJuzqz38sp0vtd8z6mt03MR8Lw_LnCXEuQ_FMdkVvFT4XzHeUgovB3IhOIyGC24XEXdWfjTWw3ZAMHwGLl0qBk2anrdA10GwUruAw7GXMUTkAAK3fxOM2bRtYz0nv-R-Jxjymn4kJbWmhzszs8_IekRh6SzZKECAGcmlWjVO6HhqaGvlHMLIKYTE-QZjbdbSbiPucE7DV-BVPzgsn7O_jooChGGb36XpDHXfBXadGIYmbf8rfRFNDC3xmUooGdTXLxc6PrZivsugLCzLohCJvX0ClgYNBEzRNvXJPqyejGABC7DI0MPe3Xp_aKPlkmLC0WNo4LsmGL2MBq04qbM9hFTs2LFAcG0BPYTAqSom4N-q-7I7d8ylTo8Vo8bUBcPu4G3gzbPCS4U21DDiaifQulQ2z5VTVGpQBT7eva9dZlOrb3oaj4nuzsxMBYG_5tGNEgoSyxTuOXm6zeDlfcTR95oGv9whpBBtdkyYeyL372-M42U9IBOlDN4M8LfnW6G0wDJ-PitU27DiqsmE_8-EbM44NUWMaILdzv3jUdOpSSaJ7NctjoWFTuimlOgQyaiMrVMXWi4S4r6YJycDYM04rHKDEGP5dRYqOH8ZbaTgWD6NNt1tpAnO9xGwYkgWT-N1qvNTzP4WjOCGUY7i7ZYn3qcOh9af5xv15cLPjwkyV7KDKFnxJAqOjcuyyxomgTS_eAVDqlRezpvI3GDk1kE6HM9rDH_03qFkJ4qXkBPGSy4zlGe9THwVhV5RBXvgOQ5GGHmVgtdLbbLERMthXOUQ&cid=CAASJORoVm3--ySK67RGL7pmZ0jx14DPlmdzpuHiw2yIbFC56FPf6A&rfl=2%2Chttps%253A%252F%252Fntn.ua%252F%240

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbbe154909f23ee97bde849e6a052aa2d421e45cc66caf649fca49d6ed6ba88b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10602
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1019799/62566992/xbbe/creative/ Frame C586 240 KB
74 KB 249ms
143ms Script
application/javascript 3.248.54.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1019799/62566992/xbbe/creative/adj?p=APEucNWilZZpv_-c-SlQEeDE0fyDdIrFuQnSVwQYapLcPUHfvaKrAtA&d=CnkAoCZ_4Ai292COjNOe_PDtyVZpVOPpi19-XMI5skfsdnZ9WT_a-6aEkv-QXyHl_-Y8LBowWp66WTTc0XN__7zMjwuOjSeFh3ZTkpLmS7JmxHk5oS0zVicg5j0fBRh6JYpJ3k7roW3Q8lf_VdFvbmXbMNCBzabssEzNEokTAKAmf-CP0N-6KHjpb0zQxylI5ZpE62nO1W0RWY9hKPy4DnupL4UKkCg4IcJECxLOg7IUE0W0H0yUSF5XtFHJwUmhoFYHcicdpECaDr3LKL--AtK2Oz9sp_meqXvqvv8oroGW92ta6y2I5TNidmDxvXmmrkgHpyE8JlVg3BuywyH_ifZ4gFad-bJGGlX_z492TS2X2kV2OwrK8QiiMXY-FRbF2lk9U_ymy4W5mPRQXDmZnsheGrBEgzIF_0qRC5f-afEMTpJA7uhKCPnWF3QvrnHmJWowKBRV5aPLuim7lM8W6D-pLadMRIt_KDYxJWErykqTec2LqmaowuWvEX129EdxFtM9MEAxz-OXCc2ZV8soPyKPjjVkjwI9zMSd0Ws0Be5K9dlDfcTyedsuh9buKuJS8Srh4RPlGmbccM43SZfZJ6LFmrI6l9a9kBxCuXEo5HqSi_Pw8WWHH9n0VGu7xcLMejGJthVA8_i4J78rif5EIx7nGhnAlULzkezg0pkJ8oQrjTamuWZOd6gy0ctqJAFR5_gqfzx-pQ7WStpZww44dNBlvXqW7TMi4alCycSV8bz0WwbNI43Ax1IusN0Uxe9L0Ue_YlUCVPq_vK3KnfUw5Z44GsSaOoCo2hj8mTMLLdrjazb6cctF1iUnY_C2wGq5lIxbE5e0euohdukAAMXNaQnUMrHpSqArVFdvYlGjT8ahlHqRBTwhc92RrBlYOtT8lnCveQkMEaIeVrO28D7fR_0VLuXtmqAHzVeXli7GhxOrkisiOpo_i6UDnzLgmzx1Uf9EH__TYxCvPnIQN3A1QQQlT0wgkz-qNmJdYlnq68eR5Ykfp08on0GeULWekT9Ph3gqwjD8wLHO3o2072tlG9nvZ737LJeqCYDmkCulBBN6ucJsRvdc6GdGeyQ-txAmx6fM0bA3kw4FD8653wdKlQ_7lHaHvMUb3OtCLKGsDUJCbEyGg-6LlC1T-c-xRtLJAOInDSDTMa49dIDJDyJHS2iw1CwvTCBN43kwe9LAuDBwjpogNmqErX5St6mKHG934h2QMJIFb1CqDbPvq3uK_QLof7DjvFjY3b6wNyilLjLMZALA9OTWOkJW9Q2j62oZ0cGBrgd0cs8vXv-aKScpYTEdrRWPP-I1_sgYFr0CDxqM_1UepyLNqCumVdnFh7AtY5KshK1jnIZIEHLbjKptBCKc-dHfavNnMfsD-QL_rF6m04XXzYGqzLtWDAhQ4B1aE3xcga54MVU4Orbu-VP6nw9fc7kIcY4TFX-KdtGTtvFqH0vszHMCBPWL4f27rLU7vBlRs-4i8qr40lN2mmzaGXQz4Lz3RJ_FjIEzav1QflVja1jf_yiCe5Ac7k748o2b8AYInsgXWpFcxtHoLhVkis8KYZ2BulJFhOtTVdFkVELa2RYaHi2tGhKOtB-UqXZui83RAlLwDgVhqAkvwVj_nKkApIzEvosjBPYZWzPmD2ih5lWFDWr5w-nCIgUaO3v-1yUUvj7SpftssKXuk2UgrUvgnEi6G_o4Aj-itk9staxu6f388SMj2-63ZexUxPRL-zDhgBmAD5sGWGJyhLlTaDe_cHhuV9k_5ADLNhAHNzLueCRY0u9ZWHyVEXOBWVYjpQNxwFWQGdMU0Jr-Zo5tqDR_8pa1lLjSlDm9ewT3PAEHKTHN4OB2T7H2V7xTmdmbjPIDbuBDDhQi3wW01S314ezrDC99YNGeN7vGqY2AtYb7HmdUuvQ-Je3Murrk1cfLz28SpdvJpN3WP8JrmBqBiIcNne62vnoDP4e8Qn052v-_9Y7z7z2J8wyPn5ZkYeNj_hxBzMPsnqBczaIGhDXrx_5bC_6lScl_5htkbXcDNjFz4nrimOfwgZzfq5f02ByPnT8STdvKIVFfirNNespZzdV0waQ2SL69TprQkH6cfU4rdtCi7tYqr1hIx6ZbxnvmXm36Kl0v3xWcaKZHfi3ytu6DdMBmg2GxWgyE4RkFS8MGKauYZukU_OgVeJpIvvcd-aTn7G5h9scqF4adjd1E5U02aeZnNoRhZfOw8jL-yBYHQT5RGzKTr_vvR_3F-eTRDSAHd-qhR5uTpA-0RZTM4ZR-KBFiQARrm80gyUINOFYCwiZTyeAnyb1kQLq3EWqMoQizKdoPmqVvLpkTOKzcVHnvbA0NXpIlBUMRaRAJRA51NaQ5eb0Jz5dIFSP_r4e7rug1QZWBifwKb52kcDrqziJg3Ao71mEo5vEGAoE4VBcHF-3j_tuOaNHLfeIRO4YwDqAfa1bWNNkTK-w9_uvLLM-aX0jAv1zNdD75hFNQs4e-yr90fx-adcePbD-eGHsypjbCGVhKQ6mIMwjveAE3jY6Dju6e_tm9HRv9JlTBOn_Y12c7D50jHW6-A_E-MAiTN5VWckULRbp4rHitYHIfpqpSzn-CAU1sJWP7XZdR-k60atWAUQMEs1bNmAKpiXcJOx9NzVNKXbGcoop9iBfW4Owo3liL5R8m5fgJTHLHM9G8HnppEineuMCxx6LISaDygsO57Gej_02euJEuC0dfA-YZ5l_9C0tU6fqfxRGI1iTJDRaWGnrrb54j2vpxo9UZvM36c0BDZOKyNJXjfysJLOG3331_Ov-DIbgKIJxhLN57R_wlBmfmyLvTQf1DpeQiBDfl7etlK9XZCYzbmrQejWXS6Ral8y7I7GirvIYGzb-wfbaWLEDqdNzThvlxjCWUfuHA64GNJKEhd4KDBknOllCwhaQrfDIwytcRMuSf9QHUoOWF9eXXbBFd6r25M5sKpGpPpLKC2qRkyinUZygoFMQFq_st4lXdkbQ08y-4Radob7ylgDZR94td3KDRtWnGjhw8_3tPYr3P3v-EE7Wq6ng50DbxmjxO5B1Weqflf80cfg27bBqEQ5Tbkr-vLkmWzd4ZsUaJbTq6Q4M8MrIN8Xl3amraxmSTJNruAIrwHVVOjFFIpVGGjQJc2EzDb3JvHzPqQP7j7px8LAsnCjHamreVOOahGiNtbrANbjud8Mu7R9zqcIfysY-0X2mA7bAhHciA10d8Pb01nNFRe-dIwPAdddNIEqzNol1peNYGA4fy5nU6zQhohJR8vQAfqTwwKWw6jqBNh1dcdXmTnV96uy6qWAGs2JKweD0Lt19dz3qZs9R7iVvIHZpnPXX38_TAxlIaPASN9nAHjdF4go7fNopBBx6Bp3qlu6pxqf24e7tQaGyyThmnNKFKMWTUTVQA7j4m2uBOaBb8eGR3_d1bLkDiOAf7tkYaKAgAEiTkaFZt_vskiuu0Ri-6ZmdI8deAz5Znc6bh4sNsiGxQuehT3-hgAQ&ias_dspID=3&ias_campId=1006201864&ias_pubId=pub-2070890256337765&ias_chanId=1&ias_placementId=16725270697&bidurl=https://ntn.ua/uk/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iSncERAlm3XgxzS6cq1CBT
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.54.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-54-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 414409463cf488fb0a0b8e1d95ffa24b8d650fb582eefb311c54cb928bf92124

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C586 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:18:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C586 120 KB
37 KB 201ms
124ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 12:22:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C586 15 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C586 0
0 122ms
46ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTx9QI0UFZINahD4QL9oQLDhsQ_u7UXJBz7tcm5MZzG5Eg2haTmnkMxsk4nHQa4GXXW_zx7LXKHavGNWipAmOzvQFB1Mw
Requested by: Host: ntn.ua
URL: https://ntn.ua/uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C586 42 B
63 B 135ms
71ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAm-FMzLJlTJEywOIHvqQeGEBLYA_4MIvUxVDvclp9KL2eSz__8IbFxBEFmAmuHSXMmt1VL5IDBnneZ2KeqNVKTv_uXvobBESsjY6OJNmTzic7Y0g

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0299 624 B
733 B 118ms
50ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW58zGATAB&v=APEucNVqP3ZyG8iQ5Aa3ejcDIOb-zv9TAvwS_V35FqMwNwdyYD6pTiXGSDpQnr-88ThkgZ4BbvTd-HbB8j79A0btLgjjAIMHrochdn4kqsctwjYpnHELuA-tppt-tCjG38At0nBQvxptoz9F9VAR1zfPCycOR55yazjEAgfC5Y6XYzDRGCRwXyM

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4821 14 KB
10 KB 181ms
113ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cod17qwPdrbm5eeXIhX6XyMOtEslGQDoob5kFlXIM9d8I5Y2FrDfr9IDfLXz_vS2FF23InMg2AKfi6l762O8hKG0EZFJR3qDmnaFFOrF593OBAvUfT8O0CnmKmjIIuCHSFEKsPKEO8eKVie7EVosIR8Iwb9Q&cry=1&dbm_d=AKAmf-AwXUOwJb88gdd6gX_7N5CzfvznMwDCI-fWqmf5MuMjJqH5oVdYmhJHqcx7S867GEU_F3aFKw-4gHwoZk1-VmddYbvdsbv-Cpp-GECipvZJO270l1Crki_SNGE7m2tg_FgAo-6iiNOmlAPkKoo25qyQ3V7JPFN3hoVpR63sjQKRUzosZUDfx2NTU9QqvAYwFYtv6-QmdYQCYnXSM8DMnmSG8vFpDf4Z-E6B70thGTtdabjPW1jhQLP2Bfatpv7QqlXw-NPNlqDoUSqsbl1xlaT30LMWN9LARDsx4wDtpThPktNqJ8OTtLcNiGS5fxOdWYEsca4SL3CA_egZ5K6v1V-zotFltI1DjnSd9hQQad4HYWkIxfWroD9Ip-eASkBoLzl3COEP1qxTuiXLBHUc4ayH1nsvnVnChRa9iT5PDVc-k2QhCQYV_OOWcnc0rmNt_YWnEqE7simmmAFvz3tdL8qk9bJ7II1LkfMwGpP9w5CjwnAeJPSMfkUAQK2PLm3xksly2hP6RpfFT9RC2SQJQV6ZcRHMU5mGwmT20g38h4CaBkhNQJSTZI5DxZu4zsKJ2EbZFG20g3Cd_grY6DhyJRZ8qjqVZlrgg3obGNQ4A5jmWMcWPL9wnHTgGOUdERitQI5J9LUEj1ECcn_ScI9wNl4Enh-4Vil6vQmjSny8d_b-8SV9ohpMuDf9NIsUvxh2PzsI2OqrS9bl5OvtfHkgKugLS114WnRVzqC9FoXcImL_DmZpftdvgUYHkAD_bLI6p__VPJqknNYZAaqFsqFyx8I17wTosf_l9GUMsM0Sb8t3mhQxcSJ_C4BSRaot9CY4MCCxuxaX2Bk3BpZmUAE4i_C5BGxt0aS-IVUf_tszSADExRSWCigo_Sbx_-P8hgkoIRBOTkNrZfEUstBs9y5rBYDMbpJZ7vY0PqRom9sE-l3Igs0zH6gLYtiysTpTd3kGO1hNHTJUAWp5yTqhCgZfy11PaHfGUaeChL__2acWUX6ZNSAaYvgNNWaZYHTdsDLptBH3ZtdDG0L-mE9pzqdn61eQaBLB5kqdWk5YS7q5j8YcyDNPZRPRqKc3qHeQ-_YEixGnYnfokaEk2luYNRTf2OsG8yGdXX9faZgwV9Y0xKfn0LuauotRIzq6AtRhWPOGTCjlAEbQBz1fh_OTtjHQmHJOeqG41EyCveFlfEkbQsIqe7pYrACLU6L6ZGMOoCvlusJQqmIzB0CILqMH3OrKluAEcSwqXYsaeZlcBUtXJwZEeP6jNBfWBA8w5BL9epscZqHKYzJhI9eUgIRLzn4hhYz9tg4FpxgipeSEk-LcfIfz6zx_kwUp1f-cbGM2h5s1djcMl3lGb5rmPfVjGqFD-N-1jDr8zuLxw_yqDEFVbzAtKZSkNSb33gLLgb6SSO4N_fLI4tXWb9g9fsUxXbbz6lP1xYvsjEcO2frVKlWNHlcwpChsb_dATpawcmytHlf5OfzXpTr8e0yjom805PMsMTxi0ZM3qK5oA_aTJmSAI0Xm9wCOyBZUYLSRiDbaqIYb94XZqaNlF7PIX7h8ylkvG2zYpnHIXVjJVjS4t6Mb3Iku0XfrVS0GWB_Q8CvuTB08SSDigxfhxJ439P8HGeN0HqTdgG8iMFFJF78Pu8rfbao_3bYWRKptG4UsTKLvWdHI-NpI4oiyWWvTILNJxtGAqjXvZGY6oYZ6suh7t8FIGqhs4MiN6RQod31vTG9nrjD_4ei6EnOGciv_xy1eQQfdg0VG1oVAFxl5veDzIs6GqxF7AA4R0USXKaeOS4w7_X3VZ2VFu_lM1-yQrI1YsQQoKh7b458ry_yQiD3guGL2BS19XE03C5IiSIx8AJrWedbCiqcjsBD8Xyl7q3xdvNftGbdsHcxFwc37-0Wo5tuydCfoFkDooaA6BmOevY_f42yDj1MP7zOS_hH1VZIu9q8g3sQpq6N1nHzjOfTxdUoPVlvBKoPNdGj0LmKCuBEjjDWTzzaCyU7vW5r3xzRsUMR_VLZ_brIupyA-uXt-z-qKzsgHlfrxUTdPMa3YAoVWM8HqQ0T6YIZg_bIVG_foaMT19BYbu2WYOjYBjsyJLzLQ92Xk9SO5-MUQOvv1l65ujsnVA-ldpmwTVuGgbSdLCk_mM8fXg21loZu4PoMbRQOzq4oVfcAJqdo0GK42GVE_r8MQCxVl4Dv6_drui_2uFwx5WovvcPQDQPvdsp3DXeHfoyo-370mmEF66hU7_EgkCtKHfw4S20v-3xdan_pFyS9BVYX0P498H_HabRPglF5W1D8_stnkaI2ZTRxuGW0w6VhjRaHaccNEop_EZdxbrPGjCr-8XQ7iwXplKPt70wTkUKVuqnQDtTYk9F01J1BOzZXNJN97wmS_WA_Rs8EfL6Euwmk7affiIZ-0gWYWyqA-2ltmsFcVBsCkU_nKWY_nFzn8Tb76nL-GaA1GYLFTTINY9AZK_mIa44K4NghqGusvxt871E5xAKfG9xPd9q0UR1qNRTEe8bebo91_434kqkLNj0zy_BcNfJWObQVYk2PvwnVjCTx-yehbsUNnQwzvdxbR9wpdlGCWU2hTvXVEPKaKp2hB051Gwzoyv4jS3E2lsG5thgetNtBz7UynQFxIoxFM2UiQYenKWWtGpteIJcXkqnF7qL14K-pEO-roODZVAqA2wSJqlwoAmcR0cYYbHU_sZ-xLe4iGGtmmyvNPRVqSYsAmFW-MHq22sojogcWVTfhQ-0icE1IeR_BiaHlVwwi9hhmpwBhzpEGLm6hqG3iPxiLavpHt_WSZA8MmYU_2MJPoGveEKFqwglHuqNhqzAiJsAiD48KB2V2T2EguoGGRdCtW4oCDCpgbI3NMA4xUjPkwhr_7EOJQc8k0Z2UySo13_56O8Xelpm-xHi7HUU1UkBgq0Dd0zjGjkegZj-aqUtFLtFwyBwg7y9ImB0qXkXNWW_9uxW0goG-a1b-TWDcg2ooT4YC16qUxGzMeu_WxeuJVuzBacoBBwSG_m0pKW7QZgMl0YeWLw9ntL68Jj6M_IohIU1fTgQnaEr21-oHa4_90VmJ4Ctd8tjs33v9je8S40paysrftkpEXSyTeUPkVRf001CgmeDzeNQXUAsDSSm-YMsA0EqkOog51JjsIw4UqknFMX20ouphaD69kqhHzVFcNLdKQ69u7u8BPorikR5jHwAiETFVyR-zrbR3F_7zXoIo6Cya_Q2XgAssBegz0zJFmvZE9zp9HtsrNKiLayWEA5fvLY3gbA71QCaSmJrEysTHKPpEod-6_xk1leFL_nzv1aHKU2yoIA3HwU0kp-cnTJcG0HiJa6Um4AAbSnHxK0JhPp5Xj9eJfO7RWz6bUYDOgkrEVLy3NVSGqKiiEGgRmm7bdmRbWC4WFIg3BLB5uFXIfAc7ElPgTT788fjqE4ec1R_1ZzGk38k8PpC3wS2_H-9iy4k4iX-DxgfF6SW3HwFG4QZW92zu659ECkGC6X9ZrVkIfF5rfjgz_kXeppJp0jmgjZWQ75BvGo-F1fsGkXL87eoMZnfz0QLP7txKryea1G4KLs8MYqqxgy_stYNeE-ntzWO4&cid=CAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72244f28046988c7bb270cd057df6a1b0ce621bd320115d957f9969ff90822d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10643
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4821 42 B
63 B 133ms
72ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5aTGTpwbADroNnB3mm1ObIY1MBEjXmJfeisiAj6FTo2r18C62v68Yf_hedLvTb9G2iHIjJaz03BOVPAPEUKvxwNbFE1vo5aglZ8WkgEqOP-4nF4w

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 4821 3 KB
1 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:18:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4821 120 KB
36 KB 216ms
143ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 12:22:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 4821 15 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4821 0
0 119ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQm3UBnw0UxDDbwwtbz6wZT4tb589PrUlki1IiaG-MFEOtOt6CpVCOz_VgCzpuAQMPCi3d5mH0ei4G-MO33yi96MFUtiQ
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CCA8 640 B
363 B 163ms
98ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARiKq8DIATAB&v=APEucNWMW4U5CC1r0jOOElcd3pZ2SmsGibFBZbrzfHweHLGYLEqC55GJjNW5ZeTxnCi-FfpKPvSel5hTT-rIqMKRCKu7S3utThAG6dBBniKtCaILuHfIGjd-M-59QoszFsAF_a7Bx2JnJaGjaNs7zLbKVAnbgfmVyWiSXJho8tsp7W3yCLkyCZo

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C84A 14 KB
11 KB 149ms
85ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdmSBN_QUXxLFU3-ff7hOgL8I5ZmB2qgVa6zYkJQhrTGqVRNEk8PjvGOvaq5Bpz7MsnDa4BwYz9fbj74aTWk4uf1m6jWe6K316PCFM1196MGsoWFUghzmsJLeSITicGjS0kwu1nwNkvXZejPMiB__qbGGbng&dbm_d=AKAmf-CsjeWf4x0EUXx-z29WlDCWAzEm9U2LBM5O0fpIS5U2udZuCHxGJRO2xqTMqu44fAXJK_uIh_JWxZ0AZV3JwTS3bZ0F-snWb_Dmato_TR7nWuOgMiveEOwiohBDdisW0EyA-iLH9Y-AqtAMBzXyrY5lRNuPTHFwsLvwQwvd_sUwDpFNRSuaOp3X96rU3AVSBx6VY_uN8ALiudxcZEz4Rih9bETiSE-oJILLW6APJ8e9TkzRqsVnV5Iqa0E4jg4-N1UVj6YAzWDGE3HAWdx2040_b7rf6PtFwW8Em9G0pBA5IvlRK3iWDDCbND1YJlB5OQ2QArGGktp5tTDQ68uHgZUMMonVd0ehrcDE8EyKSPPMWCOo_ViQhTcPIoiAXp3mlagj621KBTDofjvJIe-p1jce_CJ5FZMyNyxkpRHFN_7pycg51e-Q4oWWaqMTuA4GIbPmNq36P4gibK6LJSo-RMFk3VnaDTjeHdBTd40TwfhnvUu8xK9ICZqx7SYOpyR4aWWe7NqbN6ftg7spIg1DTWgzDDEux7KUUQaqGSO2d0gnAxCmdullhU_cg9NwuqaaQc10_OCJKbhi9f3CY2_nlYaW9qnldqbowbsK3HuDHHq88k-YqyxLdsIqO0_6XhzhGRG9JIMKoilvgLDW5tZblCqtIbQHPAGmUKWRoP5mykpDABL0Kog_lTdNcorAuY2z4jpDYGm8XzIFM3JGwT9Xl9GFKhDpx9Ph1rrElLFNWmMpH--89XGNJiyhhsBfUSfcJ7FEdRp5om9hp74nH3h1jy3FBFF0sR0Eq6Y9bY_YuzB0uYEOLvHh_MkdYGuGDmlZ8AIm2PamkWreilNc2-dboZND946RRmpQ5tXWs8NidJ_za56CGtFWEho0E_wB_jqIl9BsGo16AQ3n2xnBcEzeC8yzWStMZDopJp08h0qT-jfayeXVzQ0sJ62IFsc4MIHIXTWWtp3-23-7X1xa41lJQYP3f2RZ7yHJFGDwnxGrwKwyhfZnH4sSR95sUlVl4TUcesOuaxnlb7QBGko3MC_ed8s8ljacEf4yiuSQNz877f6ttCmXS9mpX0nzY1FJiNR55qxJLuQLTfsb-Dp-_IkWcu84GR7g9KRBu0nQ2JrV7gOPZ7Nbc6bIxv0q5c4NYNfjnVMfTtSnbZ_qN4WqFw5QILPmGZc5r615jiuIlzxhrThMXHiRP6z9Kj8_jSt9ETTNyZjkxfyIW702IH6tufNL-5U_vfTrhZiLHVg0joz4k0jy2NzEezFdsAKcK0Np3-9Vd53loQeVqhR0j4qntZAnMHsImAXqNNeRDsgdxd9HWBo-dXpmU2x4Ku49G8PSMLcw4fMswyCV2zAR-1IG_fma1_sNgrBFnjT62pX0pwAW0RuF2kSrWfBb0bZ5m-vAOYc1LLvDqa_nAKldlSOwx-kFrVDT2W5aORpq01KoL9uBk99dd9y9FVd2Vlx9V1pbafOQYAbyhdn2KKua1zeSzxT1yqz1yuHTnfO6kzys01g0qf_xaPakIc983zX9mJjEPykz1ErrqgfnijZZ9YYr7gdd4HEXvsgCJuhXvHp0J179_TMtuSDJvHfWdR62OiBzff-JdOEYta51ih6un5K8CZyQ9uFRHQTMaCL8qdcjG3GJ9jLpbKkPBsOBMQh5VlwL_WMmBuN5TRF-n7TiDHKW4HpgAPQrfbafWAbZkDZqlYHNMsL10xQt9nUvk4AR56p_sNHUevrVOkFqXeYoeE6DvM8orOohlxjPM31V6EFWwnolh7Ylcml9apmNA1cb1EFvZVUCiDkuTRqueIYsHf7cQoi8kGyuCDU4oANmtFeboWo7h1P3w7bZS6XeWDZ8kmMpIocauOmbVUMWDZTlolRT3PC-OvFhijB3iQKe6otLZ7qAXhigSJ9p6K_dK04GKSXXGwOqYmZWG03NapRgrUmwwsNykE8WOXbcJgbGs_NvlyqpQcgqIUeJFP0UpLf4qIw8ss0gdUQUHdvYPR2REUNgcWYsMJLlT5KRI-LbESQ5vdEcIpYWPRDccLV5UVRQ2iXbMbPcbn7CNGBRUMSNxGsTSItInNzL9q9J_xaJg7WFqRulpKbAOMeuP-aG1iSwqeAQcGi-SFBbzPZhDjNpR3hPdX8b1bxXloKOMVBC0_fJxdjo8T4ptf79m1CmM5xfbPZtGRauKuqhLIPVzlvhE6w246supatVBQqu0P90N5hOaemIm_80q2M0NMdfDKlPAK3JG53aaXcxwM2DGqK1bvBERu4PAnH_5aWMMPgCIAquS1wpq8VVVmD-y04IL9LOE76p3KkqkjhXkR7xXVF4OtagYOpcdpoyMjMDYlssv4XLZgHfB__1HC8MAmpYVdpW5L0HfP0mdt2bquvhscT0OvQxThJcJ0nrrBunterlmT6LAnKb-puKLJOMDzSPKNdUb3-FPVi-bfyfUhtgGueaCxrw3EaYxLXMmJ2NsnqZs96zaiQ75p3-PZ63vsSZL42TOcBdVFWMkvM12CC00bzjv5MS8B7RXkMh2Y2Q9djuEpuK3eSjP2NTSrHrVnp5b9N48JTsIA4Ri9OHo-jEQlroayJO8CxZDLD0U82kQbG706jY1WLUDXYpL5bkbDftjHcjn7AMrfqRLICJf_Bn2G9wVuVipau2ou7NIlQyhw&cid=CAASJORoPtBgqI2ZcshrcKrz4jpJ4SfVI7NI2IAFJhOq-WnCrbGJHw&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a60dd4d6d8e4acef982841ffd485003084a401f218cfaf75273a563d871de611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10745
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C84A 42 B
63 B 129ms
71ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrrunIdYlHvNVUtuHCY5NwUNvV588Gu2NbDyjptxc-EuFvK8Gxzdan4hOZU2EhRKKh4UwYkJWipzrWaJxpMHpoN4q0-Wbybq1MAHp6AoBYxo4NoLQ

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1019799/62567012/xbbe/creative/ Frame C84A 240 KB
74 KB 152ms
52ms Script
application/javascript 3.248.54.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1019799/62567012/xbbe/creative/adj?p=APEucNVSaum-_gO9wzkRqaUbDyGJU_-lIeMu1seJDhNSFj5hD72IKTA&d=CnkAoCZ_4IjdtC4FdZlhHuz8aKmMQsMG98FVpb-s_S_aBYRzSjeviXQWEp5BwQnUneI7v_c8qtx7IsBqA-3yrUUkSrxn_IR2_SG9fMM35UyhD253aWq0zl1IbiU6jfDCpJ8N5ueefdfhhDbQ764mXVp7tEIFdhxXxrjLEvkSAKAmf-Cy3gSgYkUlYaSSyKdm-zagiuaXROlK-R2aODHcgMjuTi_eompQLXd2Vrnb3H6gAzIbt0QnPQjSnGBXn0TWs2Os4Vy4x0JWp1ZC72AEOs5JfzOg9EpestH81f9Rw6IT4tHruft39kB2MlzoYQ6G2otBaSyCqrIcwlJIO2MMGyBlonb0pESEE0Lmqn3LPD1b_9U6sh7aYsno628LPfCDNfc39Y8TIGNahHH1CUlph2EQdz05l6iDPm6ZdLuCSX1TXBk220CtFt9uAs5mdr_Xzp4DIgGOMY-yHFwEn05iElkpfcTqn0c1jJpH2QHMXc-bzwJ8FPsK2PAaBJDaMQLYMXgJUF4Bd2NhRBUah4-W8vz9jvJhZ5oNbIKdUZUKd3_JDAseNWSWvyWo9YXDxJR5tMePCLffDQUaYEAmrLAt2Gz1xmqrezVGGSY184c8_nsQngbXbzK85nFVc6oZcish_R61Zm4qWzpieUyjiM0BxBuJY9pSWqgSSHiNnZ_p9B-aXxUyNpBOjTrh5vInYEl2y7GTyFCHXIQ0zsyWGv-CPEUIo0U6Dg5t2ZDmQC7H9eDC1wyBRX02O38dqSn8-c8wnssR7lITMS54t4xYjXi6sJGdhzdJDO7QZZynvonRUOEoExt4q1R2kyPHjCPvuTsYTcmATKKlMoa17g5WG9VzxNoeaY-Uo9t7K5pvbb4IPi0g3hzJMluCUQnyY4GErGMAzmXSyP2LDpzfuF6q9Vm8JP5Y20ACxy8wRCAeYvkgx60cGZdgQEbPNmNgBhd4A6LwQsJzCyb22Ak0RIXu5ORQIOVo0jojRmqBQZOuvyYDhuuyrTXCV4R5KFJWLm6v9IBE4gAaSXTpRhODO_YbSyMkg-szLReEHiagjC8uzUXPS_5C0nIlqYDY91yiC7AjwBYcOQcDkiw4gpZ2ImlZkw0fcs1inhPHG_-5ha9DGPhtw2YFGoOt_NMPf_fK09hOdT3JNcFxAoc9bzqhPDu61KQYhdAtFOHK_QHSw4nBVaZImDAvvLvJ1qC_5AeNqvbQx9WoXTLshcJ0SRL1aHkDWHO7tW-15C9A4oIOgrnlS6mx8xMFtam6ai8BoLuSZJrx526K-Ua0JmtBby28F3uCm77AbPRUDhpsNG31zzPQBSQ7mAeON7oh83ha_Fcs2jW2yBQprzjjg0sMiN1fTT-lii-mcM5-FZV7sCx1l1oKtaMCfvnXAc6DLF8tBcOWz5zYF9NVx_uK4jXS7EnVnwYW7eYQmZhPTJipCMRKYJXEgB9U-txR5nCJa8H8eGRTRQqnllrVpJlWT1zGRI9Ae6r3ymIRy7pzveqxL385FEX2f5lzzPTCkZSWx_7lLOiSVQmV_pLpiw4RwAGZrx_q4V9PxnkoAovUndB7rVvaAh236RtbLiO6tXs2yFhG9CskeSG7VwQ9XFy4kSrSMDvVdMieOWu7O2dtV0a7zD3r6TSPw075NMJiFONIJ_lYj08WMU3XuKwEYlxIV393dgFdhQeT9WrFXBzj_9kNsfIMwHqfrM8RTy2Ao19TaKtGGgE02AtAhEehGgvvHOXB3ojisUqflH3cnEoXdMwgplRPdzB7Zj2VIjOu4KWDSj2T9pP7utgCUVTT9efguOTLaPyYuGArYVDWPSYXbMAKYsQea77FQmV0IWJ9P86wTNqzb6S8HKzhKdKXDTSLSPcpvIVnVG7W_-qYO6LsQg_cPyo4ut2DJaCqKLBH7sCFnjjh_MN5hCfzTkA83bqkt7whoCucSmMxiQHFZCOYFn3G3V87CRL9xvHaMs4v83v-lIXVSK4YoQh0AejwKjNGCxqKYyTkYmEdxSxHKKgvwofPZJ_o4Ma3cqBFNo93kGqWx1k_NkjgmrMsaZ04KQw1JoyYcHkGp4OS4JBGI_jK8lgw2WVm440Ra7IRCFirHvowPRSP-SUH85UJERp4cnXMFhWp0xsQ8Vq5YKElPJajAbN45q4gV269ubSctmJ0r5eWpKzTLg3a4lx5jHfC0aKfEIfvUcHrnYTaFZazZ8sa6c8RHgByTEP6uKtwMPX9TN_a5ast1uebVgfxokWvKPb3bGPbkbNBmLC1TBwLC0gsb2pX_JfteFn772bVFtNHLjNv4g7_8xcoFucOLtRRt8kIig8e9u3dRFtj-fk07cTcbPWP13qupFYQLGEPame5s5KnWRfSYhrBKbe8Pv6nj6tuKezmc0VUALH10BZj4x3au6bLqKMROCVh_NT4LcnB2G2DJnVLI8k-ceCtGSAcASQY3PeanLDX2YOzwvYzlnOX8wzwAdR4w4EOZulYcP_pDYglIOyGOkguYUiItGOkv0tKIFzkfmK4R0ZglqwYV7ECuuz9tYT7yZu3WrHokJb8sqymV6jlXeWhftAqLJtWZxb_3_2nlYPFxx7KHwnOgnnylTNzF-9maHzNkfl5HU8AHlJdNxs3PumgQxB55S8Uys5U2KjAxEAYEseQB0ZEM6gh54bxZFDpSz0B8zVncw47u7lQYrYbbSXN1x1gHvOHEGkza5AiqFs_FctGxbl37RsKl1TZRMIe_cqZT-8G2Vov8SCkSUGUSLv_VxmAsrqhelaKjNTYkfCiGaxz_JIoJ75VGWwSAmRNugfEjyZYwbvAtpVGI0bbKorV4mzQLWGcxDkhSLMBVInQwKwt4kag4eot7xpAZocQmXvgVoeDp9yKFjJmFCuUAc0GqJpiaQboAL_lq6d8RoaEHBdEXU3BEag0cpk6Ln5oJhbMbRBZkkF4pGzmOavE_YdDOUX2eqnZoqv5MPg5zFwt0RaHq4DFclJAZbw1lq8Jlqcl4wxKxqp1VtuyumMRLTKg9JHLwui-o66j_v0QA51iBoFwOUUnQ7Lnp2Xdr_XE0SnuwexPKEUA3bzgSdl0v5ldTdr6B1PqrMagIrVp4dsIlvRCvxkxMTAAx5dC7hEV4SJunmEab97bBDrcf3478zf5SU96QmqFeLxxVSMJN84BFCyaj3ctVPgS1UvSDZgO8a4azAWXbQnyzcyj00aUm_Y4u7FFnxvqtnArtUzX6pIJtYIsAHR-YrxusrahPuZb-wlK_o6cVuKV6sCLN-BecuG5ASQTHgLhWqIrRWGMp8D2XZMSrXz304-M2mJbccgCm_grVd2Uaj7NeGPlGz9zx7y5ngApgC7sZVKnQWzNaYno7fQSyTBkysgA0wUwrHtu28EHXgrUBOZPLGzjRN9AlP3KwFwCWFu_eqOSjX426hooCAASJORoPtBgqI2ZcshrcKrz4jpJ4SfVI7NI2IAFJhOq-WnCrbGJH2AB&ias_dspID=3&ias_campId=1006201864&ias_pubId=pub-2070890256337765&ias_chanId=1&ias_placementId=16725270697&bidurl=https://ntn.ua/uk/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0izXnGeNjz_kueIUUfEQZow
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.54.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-54-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 44af9fc763148ddd3fa467ffb14602fed7254ecec7697935e1cdd0d92481d202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C84A 3 KB
1 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:18:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C84A 120 KB
37 KB 171ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 12:22:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C84A 15 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 12:12:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C84A 0
0 115ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNi57uSoEXQaWxft-eRZrfLTOeT2-_mT0aGVSBF3GmQdZmPmWvm1mOQuC6svZSfHgeN8YQ2JnJyi1ptYieUtXXEXeCTw
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B586 22 KB
8 KB 128ms
45ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 85791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 May 2022 12:32:12 GMT
expires: Mon, 01 May 2023 12:32:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 16F7 13 KB
5 KB 98ms
44ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 11:58:54 GMT
expires: Tue, 02 May 2023 11:58:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05C6 783 B
1004 B 48ms
47ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a541acb4b10ffaea3c03416c27b95aa3826acc22c7cb80a44046ab61bfbd72d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bH2X/7qURDy+NQY3YR6I1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-bH2X/7qURDy+NQY3YR6I1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:03 GMT
expires: Mon, 02 May 2022 12:22:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 169B 1 KB
749 B 40ms
39ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 03 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0299
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1

43 B
1012 B

128ms
127ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW58zGATAB&v=APEucNVqP3ZyG8iQ5Aa3ejcDIOb-zv9TAvwS_V35FqMwNwdyYD6pTiXGSDpQnr-88ThkgZ4BbvTd-HbB8j79A0btLgjjAIMHrochdn4kqsctwjYpnHELuA-tppt-tCjG38At0nBQvxptoz9F9VAR1zfPCycOR55yazjEAgfC5Y6XYzDRGCRwXyM
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 12:22:04 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 02 May 2022 12:22:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0299
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym-M7ALqgkHzHJh-VGRLagAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1

43 B
892 B

86ms
85ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW58zGATAB&v=APEucNVqP3ZyG8iQ5Aa3ejcDIOb-zv9TAvwS_V35FqMwNwdyYD6pTiXGSDpQnr-88ThkgZ4BbvTd-HbB8j79A0btLgjjAIMHrochdn4kqsctwjYpnHELuA-tppt-tCjG38At0nBQvxptoz9F9VAR1zfPCycOR55yazjEAgfC5Y6XYzDRGCRwXyM
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 12:22:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0299
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1

43 B
1014 B

49ms
45ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW58zGATAB&v=APEucNVqP3ZyG8iQ5Aa3ejcDIOb-zv9TAvwS_V35FqMwNwdyYD6pTiXGSDpQnr-88ThkgZ4BbvTd-HbB8j79A0btLgjjAIMHrochdn4kqsctwjYpnHELuA-tppt-tCjG38At0nBQvxptoz9F9VAR1zfPCycOR55yazjEAgfC5Y6XYzDRGCRwXyM

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 455f5b64-9400-401c-998d-21caabfe482d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0299
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMDIxMDc4ODY2OTY4MDQ2OA%3D%3D

170 B
188 B

124ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMDIxMDc4ODY2OTY4MDQ2OA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 77288cd4-06fd-42ec-b405-c1806ba8a1c7
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxMDIxMDc4ODY2OTY4MDQ2OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1

43 B
1012 B

121ms
120ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQiraNnwMY_OCRxQEwAQ&v=APEucNVAHMd99ObPQ0JI1MgG7bD0hKkH_mF0mSCjeCOoEyx-FU6bwLXTn0UgDrfH2UITVoSja0vwg8aRjmc3-ofJNtOHV91YkloqEoL6Vzxn9TqW_BBL3N0Ogs3Dl0SVeyQH3KDyl21QDPB9veuDKg-07Cfrfnl3QIdc0w_JHEukQimM21Rp-Jg
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 12:22:04 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 02 May 2022 12:22:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0B87
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym-M7FbFCuTBVJGzGst3AgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1

43 B
892 B

97ms
97ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQiraNnwMY_OCRxQEwAQ&v=APEucNVAHMd99ObPQ0JI1MgG7bD0hKkH_mF0mSCjeCOoEyx-FU6bwLXTn0UgDrfH2UITVoSja0vwg8aRjmc3-ofJNtOHV91YkloqEoL6Vzxn9TqW_BBL3N0Ogs3Dl0SVeyQH3KDyl21QDPB9veuDKg-07Cfrfnl3QIdc0w_JHEukQimM21Rp-Jg
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 12:22:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED5o5aqqrnQTUsSM2DDEwfw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0B87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1

43 B
1014 B

42ms
33ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQiraNnwMY_OCRxQEwAQ&v=APEucNVAHMd99ObPQ0JI1MgG7bD0hKkH_mF0mSCjeCOoEyx-FU6bwLXTn0UgDrfH2UITVoSja0vwg8aRjmc3-ofJNtOHV91YkloqEoL6Vzxn9TqW_BBL3N0Ogs3Dl0SVeyQH3KDyl21QDPB9veuDKg-07Cfrfnl3QIdc0w_JHEukQimM21Rp-Jg

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 544471df-1374-414b-b86a-6a36c75b8c03
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJDESlNg3FhF1Zgxkw0YCM8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B87
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwNzE4Njg2NzAxNDk2MDIyNw%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwNzE4Njg2NzAxNDk2MDIyNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
X-Proxy-Origin: 5.187.21.103; 5.187.21.103; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dfb91700-354d-4197-98fb-b3b3aecbef2c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwNzE4Njg2NzAxNDk2MDIyNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05C6 0
0 105ms
105ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042601&jk=860659709413528&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C586 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BsbKjcTPc1kLh8rcgxciQV6twKZoSw9iMthrPZANE1QgBvNkRylw0mVSqdpibys8Ndv7l1ynKx3OtuFaFG0awszipf6G4yqEdkD9_eNugjIDUYjMAl6P83lGftVKWY5-O5XAVXD4RF3kQ34LS7ypLWCC8dnw&dbm_d=AKAmf-DdoOj1aSPtq5sOFfpD0sQzA8pF5Arvw3X-wj-4kru0srE75big33Sg40QM8lkbPDNlfpbR2owS9nVW0TywjflqJh7IbOCMJ2AEWvKIdz8fVT18KK5sBMiOG9LlCtu4YXl1y3GmB-Udu8S7igm1oX_cDpFNaiHEITdBAAp0td9mPCJcrsoxR1jfbd1aLTnnpADRH0y_f3XSNrIqHPyLAvvd_kzsHm4NRbOk5_KK4p1IhhPFrpp3ZdxaO2WGX6y7Htkop9S6hTCYPE_rh967Qm8J2KFqOO-CftoY-QL9SkGKS1jcnncNor-WgtfNqa82TexUvuS4GHdFxaqC2xeFXIJ8REdRPDCQpNlwf_nPTeRFR5Bg-ofuQxGyvR6sOIMfpj6joS9Ot_ntofOsBZ9RqF7cCJhgXATO74HIXov_e2PQHubccHQ9kTJg1JdOIuwwvAr19WzZY_vQBe71e-TGR0hyNaJIQFNSxcv2hMmH1ajF9i3KTD5tLKJqiXIgorPX_PUzzej1VhS1pfQ5UTlhwZY-ELnYT4RDULSauWr879z6rX1OhWT0vVM0QEdvaUGsaUJ5irzonhu0V8o22H9btq4i0fQVs1eGVmnE30v1L6-ucfa7kACRUDC1hS0sCodnUjioGWGsVkcl4_60KPN2zPq0JwEeHczf8GNF_SrCfTQygI2lYa_cuGcxhe8KpU3Bn6S7sPj7Xlj9Ln7rljnxzRGol2hNicr_jmRE2Ra6ezbcWmshKr43k_hKrbnLccUAyvhPPq28G_xzSWwM6vbMKAX6OpeJ-5rZTyfI4a8v_HqhwpyfaMOirYIfSTXePbQDaEATQLiN3b92bJitpmiQYlCpZsoNTvTxW8CnnQd4_-ecJx_coJePrheNUpdBMYO__wRJ6utvh_ytWh_54-Ik3L1M4EIASo-fE1XDfhEZs58XSpc484X2tQoi2Judgw0zpns3dL2kZVUi5M-1k0b4sKugPjh7VeUxDStgNWAc1pfZFsqwoLhOnZkh7MSln7xL180VrgDupKkkq4MX140E2qBJoqGpy6nQbpghTt497H5fLmaVH9-E_3qKj_0h3SH-1PcUNB73544xrXHn76Jp86z638uII4vgwQGtH7uJYBMQAsS6WVvf62jsy-ycRzalCv9XoQchykhd63z8DFCmYpdMxJH1tc-VHhSooRGHrlqCJ-ATiUc0d4TwI3GUDxdKcT8rcxtdlrFAgenW3I7udnfOUSzMln_VzLvzHyeL0pfrCIMiTB01d07dNaeq8OnybPzQWWNuVtuJCYfub-2U2hF4HlnldAmY0bf4s7X_EcEOGXJeUw46RrfKn_CSfZRaCfq6FdOdDYxwcyPMo_nsoE2682FUoiV76wiczOd84U6nnd2C3-1SNuexJn3WaGW__M5UmczLVaokHVU924KkvgMfDwzgOVw33bvjFPsY-TkGnU7BnMWl0TR8PzV1oxfBlUeVzJfSqoysrOH4sf4TkFp2BrYaSiiykc_uMutW24jl4tzaZkVDpoY335wAjfPKEuIv6EmMz2luuuQsy5dFbBgjqcJttC-UFMxIiWjtRfaluPW3Vbc3GNDVesqTEaEuIKJRgN8s2T9g7l7qSVc26vCNrNB6_V8jo0o-tnHu0a4RR5r34KC3EiZfvQX_2Vk5GESHsLGIxW24YCxksBZ5dW8R_VJK6T50lil1S94AevB4KhjqauQVv8JoWdya-sTE0VOqPuA5EEPI3ckWLPdM-o01feMkOJnURQEi6OlKOvGc_yQWpJ1LJdy0ikYzcnAdvT-2S4Y5GvNvW2ztUiQ40LtFw2zPHP4HYFraTaV2IH-0H1o5iTkdglVNEuGktajaZv4y6En90PbqCGWTtpQLIh3OaLwZI9ExJuzqz38sp0vtd8z6mt03MR8Lw_LnCXEuQ_FMdkVvFT4XzHeUgovB3IhOIyGC24XEXdWfjTWw3ZAMHwGLl0qBk2anrdA10GwUruAw7GXMUTkAAK3fxOM2bRtYz0nv-R-Jxjymn4kJbWmhzszs8_IekRh6SzZKECAGcmlWjVO6HhqaGvlHMLIKYTE-QZjbdbSbiPucE7DV-BVPzgsn7O_jooChGGb36XpDHXfBXadGIYmbf8rfRFNDC3xmUooGdTXLxc6PrZivsugLCzLohCJvX0ClgYNBEzRNvXJPqyejGABC7DI0MPe3Xp_aKPlkmLC0WNo4LsmGL2MBq04qbM9hFTs2LFAcG0BPYTAqSom4N-q-7I7d8ylTo8Vo8bUBcPu4G3gzbPCS4U21DDiaifQulQ2z5VTVGpQBT7eva9dZlOrb3oaj4nuzsxMBYG_5tGNEgoSyxTuOXm6zeDlfcTR95oGv9whpBBtdkyYeyL372-M42U9IBOlDN4M8LfnW6G0wDJ-PitU27DiqsmE_8-EbM44NUWMaILdzv3jUdOpSSaJ7NctjoWFTuimlOgQyaiMrVMXWi4S4r6YJycDYM04rHKDEGP5dRYqOH8ZbaTgWD6NNt1tpAnO9xGwYkgWT-N1qvNTzP4WjOCGUY7i7ZYn3qcOh9af5xv15cLPjwkyV7KDKFnxJAqOjcuyyxomgTS_eAVDqlRezpvI3GDk1kE6HM9rDH_03qFkJ4qXkBPGSy4zlGe9THwVhV5RBXvgOQ5GGHmVgtdLbbLERMthXOUQ&cid=CAASJORoVm3--ySK67RGL7pmZ0jx14DPlmdzpuHiw2yIbFC56FPf6A&rfl=2%2Chttps%253A%252F%252Fntn.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 12:32:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 169B
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMvb_t0uP5AbTVLEGDIph_g&google_cver=1&google_push=AYg5qPJ6vAsEDlsOp8WKIlcGK3EA8ZLPywr8gITZutLlDS6HtVieCF1dBLVsMIvKPr776RVCJrOhO8reKYM38pjie9Oj02_YPHzu
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C35650D007174FA19D95D42DF7718561&google_push=AYg5qPJ6vAsEDlsOp8WKIlcGK3EA8ZLPywr8gITZutLlDS6HtVieCF1dBLVsMIvKPr776RVCJrOhO8reKYM38pj...

170 B
188 B

128ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C35650D007174FA19D95D42DF7718561&google_push=AYg5qPJ6vAsEDlsOp8WKIlcGK3EA8ZLPywr8gITZutLlDS6HtVieCF1dBLVsMIvKPr776RVCJrOhO8reKYM38pjie9Oj02_YPHzu

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C35650D007174FA19D95D42DF7718561&google_push=AYg5qPJ6vAsEDlsOp8WKIlcGK3EA8ZLPywr8gITZutLlDS6HtVieCF1dBLVsMIvKPr776RVCJrOhO8reKYM38pjie9Oj02_YPHzu
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 01 May 2022 12:22:04 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 169B 0
191 B 112ms
38ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKUOgvZ2uwQvxLkMQbfBxaw&google_cver=1&google_push=AYg5qPJbsSz14PxqpcJ6UIuWPW1S8tPD3yHjqUeZ7I5_49YJb0RELEoLDq_uantS4JGZpIiQRPQMYh0_Ay1r-CEiUmnJvKCMBS2W
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 169B 43 B
350 B 109ms
31ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEJowoU6i-i3vvcx6pu9XCc&google_cver=1&google_push=AYg5qPIZmOM_0VTe_tFNZe_-xa4kUitKKcz_qHtaOttkVZ8-ZVCMm_oY02OlaJd7gRAlltXZqZEYeh_mNRWrrc5pHnPgjJFJnIfz
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b0mbupmqgllbe11t2nu02e09kr5831am

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 169B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-d6e2a4c0-73ec-4b0a-9ce8-545c2b522593-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI1K0YkWDurwZIDZpiOG...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk&google_hm=A9bipMBz7EsKnOhUXCtSJZM

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk&google_hm=A9bipMBz7EsKnOhUXCtSJZM

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI1K0YkWDurwZIDZpiOGEY5tv-o9vUQ1alXkN_XIyb4RhVabZ2J0SKyWSrSvbrUMGRvRAC9kSaoLJDOgoIW0QYLkghxXRk&google_hm=A9bipMBz7EsKnOhUXCtSJZM
date: Mon, 02 May 2022 12:22:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXd6e2a4c073ec4b0a9ce8545c2b522593003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 169B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEODbryqUjbMU3XcOhjAIxI8&google_cver=1&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nSU
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nS...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X...

170 B
188 B

64ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nSU

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPKHOAlSz81m1VKqmU3QgnMlTGfPyRYbgYA0ArQRYJ0TPvt_YF5X0iI8m7wk2LpciQpz0kAKmmZ-NQHVk2RHC_chthrg2nSU
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 169B 43 B
65 B 50ms
48ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHSQPb9vCkG0a-Wd_MiWhdc&google_cver=1&google_push=AYg5qPKxGVDX5TYH-c_rYXLiM6_Gft1QnM3xTlY2NUmGP8iEvBLlwsANyQAVMqe9ZlyZRheujcCXn-ttrVjkszAJHGA7Cxxpj9kRnA

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 12:22:04 GMT

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame 169B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDgbAzxALzTBQi0qrXOQqmo&google_cver=1&google_push=AYg5qPIexFbFGZMt6L1I_kVhAZBCsUgblWo9UI9bE5zVLe2yqYB6IGPNgl_qShmTG1KTC6K7863Fwfhx5JH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPIexFbFGZMt6L1I_kVhAZBCsUgblWo9UI9bE5zVLe2yqYB6IGPNgl_qShmTG1KTC6K7863Fwfhx5JHTWZ3Vj2a5JzqGxKj9pw
https://onetag-sys.com/sync/i,19/?google_error=5

0
148 B

38ms
38ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?google_error=5

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/sync/i,19/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 169B 0
50 B 113ms
51ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEkO9lydK7m6OMhzJIkalHssBhBD2UeeiBqsVP5GZ6hf5WI7ERrnxCuODnB4BZE3_fYjMv2-c

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
194 B 27ms
26ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hbw_master_285194_899.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ntn.ua
Date: Mon, 02 May 2022 12:22:03 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C84A 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdmSBN_QUXxLFU3-ff7hOgL8I5ZmB2qgVa6zYkJQhrTGqVRNEk8PjvGOvaq5Bpz7MsnDa4BwYz9fbj74aTWk4uf1m6jWe6K316PCFM1196MGsoWFUghzmsJLeSITicGjS0kwu1nwNkvXZejPMiB__qbGGbng&dbm_d=AKAmf-CsjeWf4x0EUXx-z29WlDCWAzEm9U2LBM5O0fpIS5U2udZuCHxGJRO2xqTMqu44fAXJK_uIh_JWxZ0AZV3JwTS3bZ0F-snWb_Dmato_TR7nWuOgMiveEOwiohBDdisW0EyA-iLH9Y-AqtAMBzXyrY5lRNuPTHFwsLvwQwvd_sUwDpFNRSuaOp3X96rU3AVSBx6VY_uN8ALiudxcZEz4Rih9bETiSE-oJILLW6APJ8e9TkzRqsVnV5Iqa0E4jg4-N1UVj6YAzWDGE3HAWdx2040_b7rf6PtFwW8Em9G0pBA5IvlRK3iWDDCbND1YJlB5OQ2QArGGktp5tTDQ68uHgZUMMonVd0ehrcDE8EyKSPPMWCOo_ViQhTcPIoiAXp3mlagj621KBTDofjvJIe-p1jce_CJ5FZMyNyxkpRHFN_7pycg51e-Q4oWWaqMTuA4GIbPmNq36P4gibK6LJSo-RMFk3VnaDTjeHdBTd40TwfhnvUu8xK9ICZqx7SYOpyR4aWWe7NqbN6ftg7spIg1DTWgzDDEux7KUUQaqGSO2d0gnAxCmdullhU_cg9NwuqaaQc10_OCJKbhi9f3CY2_nlYaW9qnldqbowbsK3HuDHHq88k-YqyxLdsIqO0_6XhzhGRG9JIMKoilvgLDW5tZblCqtIbQHPAGmUKWRoP5mykpDABL0Kog_lTdNcorAuY2z4jpDYGm8XzIFM3JGwT9Xl9GFKhDpx9Ph1rrElLFNWmMpH--89XGNJiyhhsBfUSfcJ7FEdRp5om9hp74nH3h1jy3FBFF0sR0Eq6Y9bY_YuzB0uYEOLvHh_MkdYGuGDmlZ8AIm2PamkWreilNc2-dboZND946RRmpQ5tXWs8NidJ_za56CGtFWEho0E_wB_jqIl9BsGo16AQ3n2xnBcEzeC8yzWStMZDopJp08h0qT-jfayeXVzQ0sJ62IFsc4MIHIXTWWtp3-23-7X1xa41lJQYP3f2RZ7yHJFGDwnxGrwKwyhfZnH4sSR95sUlVl4TUcesOuaxnlb7QBGko3MC_ed8s8ljacEf4yiuSQNz877f6ttCmXS9mpX0nzY1FJiNR55qxJLuQLTfsb-Dp-_IkWcu84GR7g9KRBu0nQ2JrV7gOPZ7Nbc6bIxv0q5c4NYNfjnVMfTtSnbZ_qN4WqFw5QILPmGZc5r615jiuIlzxhrThMXHiRP6z9Kj8_jSt9ETTNyZjkxfyIW702IH6tufNL-5U_vfTrhZiLHVg0joz4k0jy2NzEezFdsAKcK0Np3-9Vd53loQeVqhR0j4qntZAnMHsImAXqNNeRDsgdxd9HWBo-dXpmU2x4Ku49G8PSMLcw4fMswyCV2zAR-1IG_fma1_sNgrBFnjT62pX0pwAW0RuF2kSrWfBb0bZ5m-vAOYc1LLvDqa_nAKldlSOwx-kFrVDT2W5aORpq01KoL9uBk99dd9y9FVd2Vlx9V1pbafOQYAbyhdn2KKua1zeSzxT1yqz1yuHTnfO6kzys01g0qf_xaPakIc983zX9mJjEPykz1ErrqgfnijZZ9YYr7gdd4HEXvsgCJuhXvHp0J179_TMtuSDJvHfWdR62OiBzff-JdOEYta51ih6un5K8CZyQ9uFRHQTMaCL8qdcjG3GJ9jLpbKkPBsOBMQh5VlwL_WMmBuN5TRF-n7TiDHKW4HpgAPQrfbafWAbZkDZqlYHNMsL10xQt9nUvk4AR56p_sNHUevrVOkFqXeYoeE6DvM8orOohlxjPM31V6EFWwnolh7Ylcml9apmNA1cb1EFvZVUCiDkuTRqueIYsHf7cQoi8kGyuCDU4oANmtFeboWo7h1P3w7bZS6XeWDZ8kmMpIocauOmbVUMWDZTlolRT3PC-OvFhijB3iQKe6otLZ7qAXhigSJ9p6K_dK04GKSXXGwOqYmZWG03NapRgrUmwwsNykE8WOXbcJgbGs_NvlyqpQcgqIUeJFP0UpLf4qIw8ss0gdUQUHdvYPR2REUNgcWYsMJLlT5KRI-LbESQ5vdEcIpYWPRDccLV5UVRQ2iXbMbPcbn7CNGBRUMSNxGsTSItInNzL9q9J_xaJg7WFqRulpKbAOMeuP-aG1iSwqeAQcGi-SFBbzPZhDjNpR3hPdX8b1bxXloKOMVBC0_fJxdjo8T4ptf79m1CmM5xfbPZtGRauKuqhLIPVzlvhE6w246supatVBQqu0P90N5hOaemIm_80q2M0NMdfDKlPAK3JG53aaXcxwM2DGqK1bvBERu4PAnH_5aWMMPgCIAquS1wpq8VVVmD-y04IL9LOE76p3KkqkjhXkR7xXVF4OtagYOpcdpoyMjMDYlssv4XLZgHfB__1HC8MAmpYVdpW5L0HfP0mdt2bquvhscT0OvQxThJcJ0nrrBunterlmT6LAnKb-puKLJOMDzSPKNdUb3-FPVi-bfyfUhtgGueaCxrw3EaYxLXMmJ2NsnqZs96zaiQ75p3-PZ63vsSZL42TOcBdVFWMkvM12CC00bzjv5MS8B7RXkMh2Y2Q9djuEpuK3eSjP2NTSrHrVnp5b9N48JTsIA4Ri9OHo-jEQlroayJO8CxZDLD0U82kQbG706jY1WLUDXYpL5bkbDftjHcjn7AMrfqRLICJf_Bn2G9wVuVipau2ou7NIlQyhw&cid=CAASJORoPtBgqI2ZcshrcKrz4jpJ4SfVI7NI2IAFJhOq-WnCrbGJHw&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 12:32:12 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame CCA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1

43 B
61 B

54ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARiKq8DIATAB&v=APEucNWMW4U5CC1r0jOOElcd3pZ2SmsGibFBZbrzfHweHLGYLEqC55GJjNW5ZeTxnCi-FfpKPvSel5hTT-rIqMKRCKu7S3utThAG6dBBniKtCaILuHfIGjd-M-59QoszFsAF_a7Bx2JnJaGjaNs7zLbKVAnbgfmVyWiSXJho8tsp7W3yCLkyCZo
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CCA8 43 B
131 B 52ms
29ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARiKq8DIATAB&v=APEucNWMW4U5CC1r0jOOElcd3pZ2SmsGibFBZbrzfHweHLGYLEqC55GJjNW5ZeTxnCi-FfpKPvSel5hTT-rIqMKRCKu7S3utThAG6dBBniKtCaILuHfIGjd-M-59QoszFsAF_a7Bx2JnJaGjaNs7zLbKVAnbgfmVyWiSXJho8tsp7W3yCLkyCZo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CCA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1

23 B
172 B

63ms
63ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARiKq8DIATAB&v=APEucNWMW4U5CC1r0jOOElcd3pZ2SmsGibFBZbrzfHweHLGYLEqC55GJjNW5ZeTxnCi-FfpKPvSel5hTT-rIqMKRCKu7S3utThAG6dBBniKtCaILuHfIGjd-M-59QoszFsAF_a7Bx2JnJaGjaNs7zLbKVAnbgfmVyWiSXJho8tsp7W3yCLkyCZo
Protocol: H2
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 May 2022 12:22:04 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CCA8 23 B
172 B 205ms
64ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARiKq8DIATAB&v=APEucNWMW4U5CC1r0jOOElcd3pZ2SmsGibFBZbrzfHweHLGYLEqC55GJjNW5ZeTxnCi-FfpKPvSel5hTT-rIqMKRCKu7S3utThAG6dBBniKtCaILuHfIGjd-M-59QoszFsAF_a7Bx2JnJaGjaNs7zLbKVAnbgfmVyWiSXJho8tsp7W3yCLkyCZo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 May 2022 12:22:04 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 50A3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34a1db5dab654fcb01ca13f856762fab658a6a3f29b42f8015789779af68a99f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame DAF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1

43 B
61 B

62ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjyocDIATAB&v=APEucNXlSN5PaB4xmjdTwFZTaKuDDJIbpSKVKMRLxEud9bwCf8IZt5epi2Ly3MULQSN60j-0jilCRi2Y8GV6a-hvIZerr96nx-hBuUJAZmWMm5yQYWKsn5GhOpLuh1QHCzxlyTZ9OnRHaTlAm87KAx6hRlB1-SWuq2QKSSJ2LzQXLf0pRB5BUao
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFmfFMTOYBiWF941meb4LA8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DAF9 43 B
120 B 32ms
31ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjyocDIATAB&v=APEucNXlSN5PaB4xmjdTwFZTaKuDDJIbpSKVKMRLxEud9bwCf8IZt5epi2Ly3MULQSN60j-0jilCRi2Y8GV6a-hvIZerr96nx-hBuUJAZmWMm5yQYWKsn5GhOpLuh1QHCzxlyTZ9OnRHaTlAm87KAx6hRlB1-SWuq2QKSSJ2LzQXLf0pRB5BUao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DAF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1

23 B
172 B

65ms
64ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjyocDIATAB&v=APEucNXlSN5PaB4xmjdTwFZTaKuDDJIbpSKVKMRLxEud9bwCf8IZt5epi2Ly3MULQSN60j-0jilCRi2Y8GV6a-hvIZerr96nx-hBuUJAZmWMm5yQYWKsn5GhOpLuh1QHCzxlyTZ9OnRHaTlAm87KAx6hRlB1-SWuq2QKSSJ2LzQXLf0pRB5BUao
Protocol: H2
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 May 2022 12:22:04 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESENr_oSHW_4EYOmAP1KG4BEY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DAF9 23 B
172 B 206ms
68ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJqxswEQvLK3ARjyocDIATAB&v=APEucNXlSN5PaB4xmjdTwFZTaKuDDJIbpSKVKMRLxEud9bwCf8IZt5epi2Ly3MULQSN60j-0jilCRi2Y8GV6a-hvIZerr96nx-hBuUJAZmWMm5yQYWKsn5GhOpLuh1QHCzxlyTZ9OnRHaTlAm87KAx6hRlB1-SWuq2QKSSJ2LzQXLf0pRB5BUao
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 02 May 2022 12:22:04 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 50A3 0
26 B 156ms
76ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ntn.ua
URL: https://ntn.ua/uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4821 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cod17qwPdrbm5eeXIhX6XyMOtEslGQDoob5kFlXIM9d8I5Y2FrDfr9IDfLXz_vS2FF23InMg2AKfi6l762O8hKG0EZFJR3qDmnaFFOrF593OBAvUfT8O0CnmKmjIIuCHSFEKsPKEO8eKVie7EVosIR8Iwb9Q&cry=1&dbm_d=AKAmf-AwXUOwJb88gdd6gX_7N5CzfvznMwDCI-fWqmf5MuMjJqH5oVdYmhJHqcx7S867GEU_F3aFKw-4gHwoZk1-VmddYbvdsbv-Cpp-GECipvZJO270l1Crki_SNGE7m2tg_FgAo-6iiNOmlAPkKoo25qyQ3V7JPFN3hoVpR63sjQKRUzosZUDfx2NTU9QqvAYwFYtv6-QmdYQCYnXSM8DMnmSG8vFpDf4Z-E6B70thGTtdabjPW1jhQLP2Bfatpv7QqlXw-NPNlqDoUSqsbl1xlaT30LMWN9LARDsx4wDtpThPktNqJ8OTtLcNiGS5fxOdWYEsca4SL3CA_egZ5K6v1V-zotFltI1DjnSd9hQQad4HYWkIxfWroD9Ip-eASkBoLzl3COEP1qxTuiXLBHUc4ayH1nsvnVnChRa9iT5PDVc-k2QhCQYV_OOWcnc0rmNt_YWnEqE7simmmAFvz3tdL8qk9bJ7II1LkfMwGpP9w5CjwnAeJPSMfkUAQK2PLm3xksly2hP6RpfFT9RC2SQJQV6ZcRHMU5mGwmT20g38h4CaBkhNQJSTZI5DxZu4zsKJ2EbZFG20g3Cd_grY6DhyJRZ8qjqVZlrgg3obGNQ4A5jmWMcWPL9wnHTgGOUdERitQI5J9LUEj1ECcn_ScI9wNl4Enh-4Vil6vQmjSny8d_b-8SV9ohpMuDf9NIsUvxh2PzsI2OqrS9bl5OvtfHkgKugLS114WnRVzqC9FoXcImL_DmZpftdvgUYHkAD_bLI6p__VPJqknNYZAaqFsqFyx8I17wTosf_l9GUMsM0Sb8t3mhQxcSJ_C4BSRaot9CY4MCCxuxaX2Bk3BpZmUAE4i_C5BGxt0aS-IVUf_tszSADExRSWCigo_Sbx_-P8hgkoIRBOTkNrZfEUstBs9y5rBYDMbpJZ7vY0PqRom9sE-l3Igs0zH6gLYtiysTpTd3kGO1hNHTJUAWp5yTqhCgZfy11PaHfGUaeChL__2acWUX6ZNSAaYvgNNWaZYHTdsDLptBH3ZtdDG0L-mE9pzqdn61eQaBLB5kqdWk5YS7q5j8YcyDNPZRPRqKc3qHeQ-_YEixGnYnfokaEk2luYNRTf2OsG8yGdXX9faZgwV9Y0xKfn0LuauotRIzq6AtRhWPOGTCjlAEbQBz1fh_OTtjHQmHJOeqG41EyCveFlfEkbQsIqe7pYrACLU6L6ZGMOoCvlusJQqmIzB0CILqMH3OrKluAEcSwqXYsaeZlcBUtXJwZEeP6jNBfWBA8w5BL9epscZqHKYzJhI9eUgIRLzn4hhYz9tg4FpxgipeSEk-LcfIfz6zx_kwUp1f-cbGM2h5s1djcMl3lGb5rmPfVjGqFD-N-1jDr8zuLxw_yqDEFVbzAtKZSkNSb33gLLgb6SSO4N_fLI4tXWb9g9fsUxXbbz6lP1xYvsjEcO2frVKlWNHlcwpChsb_dATpawcmytHlf5OfzXpTr8e0yjom805PMsMTxi0ZM3qK5oA_aTJmSAI0Xm9wCOyBZUYLSRiDbaqIYb94XZqaNlF7PIX7h8ylkvG2zYpnHIXVjJVjS4t6Mb3Iku0XfrVS0GWB_Q8CvuTB08SSDigxfhxJ439P8HGeN0HqTdgG8iMFFJF78Pu8rfbao_3bYWRKptG4UsTKLvWdHI-NpI4oiyWWvTILNJxtGAqjXvZGY6oYZ6suh7t8FIGqhs4MiN6RQod31vTG9nrjD_4ei6EnOGciv_xy1eQQfdg0VG1oVAFxl5veDzIs6GqxF7AA4R0USXKaeOS4w7_X3VZ2VFu_lM1-yQrI1YsQQoKh7b458ry_yQiD3guGL2BS19XE03C5IiSIx8AJrWedbCiqcjsBD8Xyl7q3xdvNftGbdsHcxFwc37-0Wo5tuydCfoFkDooaA6BmOevY_f42yDj1MP7zOS_hH1VZIu9q8g3sQpq6N1nHzjOfTxdUoPVlvBKoPNdGj0LmKCuBEjjDWTzzaCyU7vW5r3xzRsUMR_VLZ_brIupyA-uXt-z-qKzsgHlfrxUTdPMa3YAoVWM8HqQ0T6YIZg_bIVG_foaMT19BYbu2WYOjYBjsyJLzLQ92Xk9SO5-MUQOvv1l65ujsnVA-ldpmwTVuGgbSdLCk_mM8fXg21loZu4PoMbRQOzq4oVfcAJqdo0GK42GVE_r8MQCxVl4Dv6_drui_2uFwx5WovvcPQDQPvdsp3DXeHfoyo-370mmEF66hU7_EgkCtKHfw4S20v-3xdan_pFyS9BVYX0P498H_HabRPglF5W1D8_stnkaI2ZTRxuGW0w6VhjRaHaccNEop_EZdxbrPGjCr-8XQ7iwXplKPt70wTkUKVuqnQDtTYk9F01J1BOzZXNJN97wmS_WA_Rs8EfL6Euwmk7affiIZ-0gWYWyqA-2ltmsFcVBsCkU_nKWY_nFzn8Tb76nL-GaA1GYLFTTINY9AZK_mIa44K4NghqGusvxt871E5xAKfG9xPd9q0UR1qNRTEe8bebo91_434kqkLNj0zy_BcNfJWObQVYk2PvwnVjCTx-yehbsUNnQwzvdxbR9wpdlGCWU2hTvXVEPKaKp2hB051Gwzoyv4jS3E2lsG5thgetNtBz7UynQFxIoxFM2UiQYenKWWtGpteIJcXkqnF7qL14K-pEO-roODZVAqA2wSJqlwoAmcR0cYYbHU_sZ-xLe4iGGtmmyvNPRVqSYsAmFW-MHq22sojogcWVTfhQ-0icE1IeR_BiaHlVwwi9hhmpwBhzpEGLm6hqG3iPxiLavpHt_WSZA8MmYU_2MJPoGveEKFqwglHuqNhqzAiJsAiD48KB2V2T2EguoGGRdCtW4oCDCpgbI3NMA4xUjPkwhr_7EOJQc8k0Z2UySo13_56O8Xelpm-xHi7HUU1UkBgq0Dd0zjGjkegZj-aqUtFLtFwyBwg7y9ImB0qXkXNWW_9uxW0goG-a1b-TWDcg2ooT4YC16qUxGzMeu_WxeuJVuzBacoBBwSG_m0pKW7QZgMl0YeWLw9ntL68Jj6M_IohIU1fTgQnaEr21-oHa4_90VmJ4Ctd8tjs33v9je8S40paysrftkpEXSyTeUPkVRf001CgmeDzeNQXUAsDSSm-YMsA0EqkOog51JjsIw4UqknFMX20ouphaD69kqhHzVFcNLdKQ69u7u8BPorikR5jHwAiETFVyR-zrbR3F_7zXoIo6Cya_Q2XgAssBegz0zJFmvZE9zp9HtsrNKiLayWEA5fvLY3gbA71QCaSmJrEysTHKPpEod-6_xk1leFL_nzv1aHKU2yoIA3HwU0kp-cnTJcG0HiJa6Um4AAbSnHxK0JhPp5Xj9eJfO7RWz6bUYDOgkrEVLy3NVSGqKiiEGgRmm7bdmRbWC4WFIg3BLB5uFXIfAc7ElPgTT788fjqE4ec1R_1ZzGk38k8PpC3wS2_H-9iy4k4iX-DxgfF6SW3HwFG4QZW92zu659ECkGC6X9ZrVkIfF5rfjgz_kXeppJp0jmgjZWQ75BvGo-F1fsGkXL87eoMZnfz0QLP7txKryea1G4KLs8MYqqxgy_stYNeE-ntzWO4&cid=CAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ&rfl=1%2Chttps%253A%252F%252Fntn.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 12:32:12 GMT

GET
H/1.1 200
OK 8af9ioc7akhn Show response
hal9000.redintelligence.net/zone/ Frame 4821 11 KB
4 KB 156ms
50ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/8af9ioc7akhn?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuNLW68xvYqe_F_Ok9u8P-quT-A_98_6haeuFrKXMD_AuEAEgzIzLH2D7AcgBCakC1KBQJymrsT6oAwGqBOwBT9BTBoTMcUjWbiFciZWwOrtki12xdi-C7QuJAp5heyM_vs8ruNJFpPwqww8pDGDyKpymq6QBx0_aS_f7fUjXWMRjVGt3csVXn6yFGGeW6Gu_UJQAMUQo83UNtdQDwqxZuUQ1ni0cs0BUeMTU5spskZcOixipK-v8eP3AKCA0M8BYbCc2ComY58YeNJOjV0cvnTYLWKrMfHgswWsIs8yBRIY6PwqtvCmBP8fgajUnkDzY3CVWELdEcXeryrVAkfBE6pPgte5xhGj_QK0lE5dBOYtC2y2bxqtDj6fXWruq_h107CN4K87z5xurUfLABNnYm9OABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgOYCwHICwGADAGwE5rkzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ%26sig%3DAOD64_3nVxU5XfztakkjhQQsd4SLtcBLKA%26client%3Dca-pub-2070890256337765%26dbm_c%3DAKAmf-AyHO7wtfT2AyP0UdhxTByUBwtK_7Fly7phZhrrB-a6A9MDQ32dsa-ZKrFS6vaAVB2QNh_Y-hzfv-GOVo5EVdX_b-DBVdap8pzJbydYRw3ol-UMJRCJayhEVoZ0rCamCEkY77iarolUYnin35bHvXBhEc_jVw%26cry%3D1%26dbm_d%3DAKAmf-Cp36s5zoH9romblz2BrnMUiv5tw2nSWZHYDiRn0D7U3PZb1-2KWiu5isGYgZfCOo82o2Hmqkrhhzp-HsIWMKs798EHFdQLcw0uuJmhb6EFLDxEClRT3I-6eoJVAyperpF42BxIkm7qKTqR9PO-7Fpo340qNb1ArzRl9Jx_8oGlN01o_euzcSuibr0p8BeSJb3fD1OcwTdj8KNvXXafuQ4_vm9zRjnnxwyiwy0o2xt9JV8gKUpEgD6LQ-v6lBbnI8HdHR4O7J6ROuLDpGpEHezy_E5mEZW_LDRFLFpziwwbLl3FDqRUjMRmg0JiR9UJo69goHvx0cjjrPWZHhRtl_Y-iyhTtgszyOEYZhsclb5sLC6-epCkD1aRaTjln5dUBDPGCWhcKfhQBn8Jq6EngjF_4mhTquN6JwXC62U8PygrOtci6mEjPWK9xyTIIFU6006QhhkU%26adurl%3D
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 65aa6ff7f8bd1d83eeb5af948eb307376d4f44faae2d8333ec815ee0e86ab8b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3918
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EADC 22 KB
8 KB 42ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 85792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 May 2022 12:32:12 GMT
expires: Mon, 01 May 2023 12:32:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 12E6 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 85792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 May 2022 12:32:12 GMT
expires: Mon, 01 May 2023 12:32:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame B586 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 10:47:00 GMT

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 16F7 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 11:48:37 GMT

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame C84A
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1019799/62567012/xbbe/creative/adj?p=APEucNVSaum-_gO9wzkRqaUbDyGJU_-lIeMu1seJDhNSFj5hD72IKTA&d=CnkAoCZ_4IjdtC4FdZlhHuz8aKmMQsMG98FVpb-s_S_aBYRzSjeviXQWEp5BwQn...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
2 KB

78ms
42ms

Script
application/javascript

2600:9000:224a:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 05:59:09 GMT
content-encoding: gzip
age: 541376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: Qzo7mBLWKANcqwOqD9UxiROrZFuU4lK8GoM0tI95qZTaRAvBuinf2g==

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 83C0 80 KB
21 KB 191ms
89ms Script
application/javascript 2600:9000:224a:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 2368163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: FEA0_zAsKcsxuWZ8ixNVv1OQpNYc9EAr_mHtM532EbrE0OpU7Q-SBw==

GET
H2

200

passback_160x600.js Show response
static.adsafeprotected.com/ Frame C586
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1019799/62566992/xbbe/creative/adj?p=APEucNWilZZpv_-c-SlQEeDE0fyDdIrFuQnSVwQYapLcPUHfvaKrAtA&d=CnkAoCZ_4Ai292COjNOe_PDtyVZpVOPpi19-XMI5skfsdnZ9WT_a-6aEkv-QXyH...
https://static.adsafeprotected.com/passback_160x600.js

3 KB
2 KB

52ms
42ms

Script
application/javascript

2600:9000:224a:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_160x600.js
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 19:27:05 GMT
content-encoding: gzip
age: 579300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:36 GMT
server: AmazonS3
etag: W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary: Accept-Encoding
x-amz-version-id: 8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: qzSVyMv4BAV22H1u0MCA8TfsDdyD0oerpUXSkjjJoZibrhtvRqlJyQ==

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_160x600.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 9C10 80 KB
21 KB 111ms
53ms Script
application/javascript 2600:9000:224a:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 2368163
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: YWHIvn7YZho2DvQnCivj2o8h9BOiARDufqlwiKYZkgle25OzEsGr6A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
216 B 519ms
151ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswpMT,pingTime:-3,time:91,type:v,im:%7BpBlk:37%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:91,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 519ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswpMU,pingTime:-6,time:92,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:92,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:ntn.ua*&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 417A 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 85792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 01 May 2022 12:32:12 GMT
expires: Mon, 01 May 2023 12:32:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C586 43 B
215 B 502ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=67ffdc79-df34-6277-c2f4-87ede98bab1a&tv=%7Bc:bswpNb,pingTime:-3,time:67,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171*.1019799-62566992%7C1711%7C1712%7C18.1019799-62567012%7C181%7C182%7C183%7C19%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C586 43 B
215 B 647ms
298ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=67ffdc79-df34-6277-c2f4-87ede98bab1a&tv=%7Bc:bswpNc,pingTime:-6,time:68,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171*.1019799-62566992%7C1711%7C1712%7C18.1019799-62567012%7C181%7C182%7C183%7C19%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:ntn.ua*%2C7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com*&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 499ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswpNf,pingTime:-2,time:113,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:441,beZ:443,mfA:445,cmA:447,inA:448,inZ:452,prA:452,prZ:458,si:462,poA:463,bl:479,poZ:479,cmZ:479,mfZ:479,loA:534,loZ:536,ltA:554,ltZ:554%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171.1019799-62566992%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,sinceFw:91,readyFired:false%7D&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C586 43 B
215 B 610ms
298ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=67ffdc79-df34-6277-c2f4-87ede98bab1a&tv=%7Bc:bswpNO,pingTime:-2,time:106,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:324,beZ:325,mfA:326,cmA:328,inA:328,inZ:331,prA:331,prZ:335,si:339,poA:340,poZ:363,cmZ:363,mfZ:363,loA:392,loZ:394,ltA:430,ltZ:430%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B101~0%5D,as:%5B101~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171*.1019799-62566992%7C1711%7C1712%7C18.1019799-62567012%7C181%7C182%7C183%7C19%7C1a,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:90,readyFired:false%7D&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

request.php Show response
hal900030.redintelligence.net/ Frame 4821
Redirect Chain

https://hal900030.redintelligence.net/request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900030.redintelligence.net/request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

611 B
936 B

207ms
111ms

Script
application/x-javascript

136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuNLW68xvYqe_F_Ok9u8P-quT-A_98_6haeuFrKXMD_AuEAEgzIzLH2D7AcgBCakC1KBQJymrsT6oAwGqBOwBT9BTBoTMcUjWbiFciZWwOrtki12xdi-C7QuJAp5heyM_vs8ruNJFpPwqww8pDGDyKpymq6QBx0_aS_f7fUjXWMRjVGt3csVXn6yFGGeW6Gu_UJQAMUQo83UNtdQDwqxZuUQ1ni0cs0BUeMTU5spskZcOixipK-v8eP3AKCA0M8BYbCc2ComY58YeNJOjV0cvnTYLWKrMfHgswWsIs8yBRIY6PwqtvCmBP8fgajUnkDzY3CVWELdEcXeryrVAkfBE6pPgte5xhGj_QK0lE5dBOYtC2y2bxqtDj6fXWruq_h107CN4K87z5xurUfLABNnYm9OABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgOYCwHICwGADAGwE5rkzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ%26sig%3DAOD64_3nVxU5XfztakkjhQQsd4SLtcBLKA%26client%3Dca-pub-2070890256337765%26dbm_c%3DAKAmf-AyHO7wtfT2AyP0UdhxTByUBwtK_7Fly7phZhrrB-a6A9MDQ32dsa-ZKrFS6vaAVB2QNh_Y-hzfv-GOVo5EVdX_b-DBVdap8pzJbydYRw3ol-UMJRCJayhEVoZ0rCamCEkY77iarolUYnin35bHvXBhEc_jVw%26cry%3D1%26dbm_d%3DAKAmf-Cp36s5zoH9romblz2BrnMUiv5tw2nSWZHYDiRn0D7U3PZb1-2KWiu5isGYgZfCOo82o2Hmqkrhhzp-HsIWMKs798EHFdQLcw0uuJmhb6EFLDxEClRT3I-6eoJVAyperpF42BxIkm7qKTqR9PO-7Fpo340qNb1ArzRl9Jx_8oGlN01o_euzcSuibr0p8BeSJb3fD1OcwTdj8KNvXXafuQ4_vm9zRjnnxwyiwy0o2xt9JV8gKUpEgD6LQ-v6lBbnI8HdHR4O7J6ROuLDpGpEHezy_E5mEZW_LDRFLFpziwwbLl3FDqRUjMRmg0JiR9UJo69goHvx0cjjrPWZHhRtl_Y-iyhTtgszyOEYZhsclb5sLC6-epCkD1aRaTjln5dUBDPGCWhcKfhQBn8Jq6EngjF_4mhTquN6JwXC62U8PygrOtci6mEjPWK9xyTIIFU6006QhhkU%26adurl%3D&documentReferer=https%3A%2F%2Fntn.ua%2F&ancestorOrigins=https%3A%2F%2Fntn.ua&random=6652785383745&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 136.243.149.243 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: df0cb2f60149e209f27d9a32d860297111b0bd9788b71cc5ebcebb9fa405b89c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 30709500123578704448410011947030
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Mon, 02 May 2022 13:22:04 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuNLW68xvYqe_F_Ok9u8P-quT-A_98_6haeuFrKXMD_AuEAEgzIzLH2D7AcgBCakC1KBQJymrsT6oAwGqBOwBT9BTBoTMcUjWbiFciZWwOrtki12xdi-C7QuJAp5heyM_vs8ruNJFpPwqww8pDGDyKpymq6QBx0_aS_f7fUjXWMRjVGt3csVXn6yFGGeW6Gu_UJQAMUQo83UNtdQDwqxZuUQ1ni0cs0BUeMTU5spskZcOixipK-v8eP3AKCA0M8BYbCc2ComY58YeNJOjV0cvnTYLWKrMfHgswWsIs8yBRIY6PwqtvCmBP8fgajUnkDzY3CVWELdEcXeryrVAkfBE6pPgte5xhGj_QK0lE5dBOYtC2y2bxqtDj6fXWruq_h107CN4K87z5xurUfLABNnYm9OABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgOYCwHICwGADAGwE5rkzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ%26sig%3DAOD64_3nVxU5XfztakkjhQQsd4SLtcBLKA%26client%3Dca-pub-2070890256337765%26dbm_c%3DAKAmf-AyHO7wtfT2AyP0UdhxTByUBwtK_7Fly7phZhrrB-a6A9MDQ32dsa-ZKrFS6vaAVB2QNh_Y-hzfv-GOVo5EVdX_b-DBVdap8pzJbydYRw3ol-UMJRCJayhEVoZ0rCamCEkY77iarolUYnin35bHvXBhEc_jVw%26cry%3D1%26dbm_d%3DAKAmf-Cp36s5zoH9romblz2BrnMUiv5tw2nSWZHYDiRn0D7U3PZb1-2KWiu5isGYgZfCOo82o2Hmqkrhhzp-HsIWMKs798EHFdQLcw0uuJmhb6EFLDxEClRT3I-6eoJVAyperpF42BxIkm7qKTqR9PO-7Fpo340qNb1ArzRl9Jx_8oGlN01o_euzcSuibr0p8BeSJb3fD1OcwTdj8KNvXXafuQ4_vm9zRjnnxwyiwy0o2xt9JV8gKUpEgD6LQ-v6lBbnI8HdHR4O7J6ROuLDpGpEHezy_E5mEZW_LDRFLFpziwwbLl3FDqRUjMRmg0JiR9UJo69goHvx0cjjrPWZHhRtl_Y-iyhTtgszyOEYZhsclb5sLC6-epCkD1aRaTjln5dUBDPGCWhcKfhQBn8Jq6EngjF_4mhTquN6JwXC62U8PygrOtci6mEjPWK9xyTIIFU6006QhhkU%26adurl%3D&documentReferer=https%3A%2F%2Fntn.ua%2F&ancestorOrigins=https%3A%2F%2Fntn.ua&random=6652785383745&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 02 May 2022 13:22:04 +0200

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame EADC 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 11:48:37 GMT

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 12E6 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 11:48:37 GMT

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame C84A 10 KB
10 KB 50ms
49ms Image
image/png 2600:9000:224a:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
etag: "b1464a7201f691a1e4cf6fc057919d7f"
age: 589905
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
date: Mon, 25 Apr 2022 16:30:24 GMT
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: c1qFyPwfu5_r6NaPKVSqZpbpf69qDIe_JTps2nsuJmoZ4gVN-qanEw==

GET
H2 200 IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame C586 16 KB
17 KB 55ms
55ms Image
image/png 2600:9000:224a:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 08:00:31 GMT
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
age: 534094
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16777
last-modified: Fri, 18 Feb 2022 23:28:48 GMT
server: AmazonS3
etag: "eef84d4a7321b73260b41707db98756f"
x-amz-version-id: Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: MXpszfsMqVOetYjmiFB8yv8N35v-Sd-MROHPjwdHzT5kSe7OVWQLdQ==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD69 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 03 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C586 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdbf47fbfd5f6780e995c557d969feb8ee28137e21bb7129bd71625f1a9daf28

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 93D3 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 03 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js Show response
pagead2.googlesyndication.com/bg/ Frame 417A 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 11:48:37 GMT

GET
DATA 200
OK truncated
/ Frame C84A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51ff2041db8ced77111c23ad1fdb6c436a204635d7dce7f86c3a03b9dfb631c1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 16F7 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RD1fhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET /
google2waycm.netmng.com/cm/ Frame BD69 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame BD69 0
104 B 302ms
70ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKEKjQw0KKZTJdiF3vXosDo&google_cver=1&google_push=AYg5qPJVtNCkfv8_P0iFgajI5j-ULx60fKzWLupxVI2GRWd2CkRjebTb7DonSrLT-GU8rl7KKaSaqRr_pFMp8PhlzkOxpRhBPpWglw
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD69
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELKJ6NM3G-GfahwmQsMs0xQ&google_push=AYg5qPK2r9606GNg7gSUOQltCyUTrZJxPOawwcGHpOZoKKwyeov93HLBpT...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELKJ6NM3G-GfahwmQsMs0xQ&google_push=AYg5qPK2r9606GNg7gSUOQltCyUTrZJxPOawwcGHpOZoKKwyeov93HLBpTnGmrDfmYMBUAF33_l409BfwCVJqJF4Kyb8RSrysmcBzA

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1651494125.578520,VS0,VE80
x-served-by: cache-lhr7370-LHR
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELKJ6NM3G-GfahwmQsMs0xQ&google_push=AYg5qPK2r9606GNg7gSUOQltCyUTrZJxPOawwcGHpOZoKKwyeov93HLBpTnGmrDfmYMBUAF33_l409BfwCVJqJF4Kyb8RSrysmcBzA
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BD69 70 B
265 B 118ms
39ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN5BRUemy3ZFBiyLrgkfDE4&google_cver=1&google_push=AYg5qPIPP8uOgr4dOqW7bwnvh0ntE1Tbz1dq75bu-JEAJkD6pqSIPr-fLTMEjPWDvJFT9YeuMwV8qpsGICfoAIVgAVqZ-xRGRnbr
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame BD69 43 B
65 B 47ms
46ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEOGml0xsJTMa3jW8xmnLWTc&google_cver=1&google_push=AYg5qPLqm6zzGJvRylHoGI0uopLfwuIe0ypDrrRJ340ufHkayfyR6M4g7gLOsa-CJGtwehmx0hgvR0oDNTG367vloQOBcTxdslH9Rg

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 12:22:04 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame BD69 43 B
64 B 59ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEJowoU6i-i3vvcx6pu9XCc&google_cver=1&google_push=AYg5qPLme4P04U7r-xM5caQ9d3VVeEu8MUe07NidQSSwj4Eoqt0hsMijGqa8CnCy6wKQlJuRDbSqity-GPo2rca5dxSOirBec4Ph
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:03 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: v5mfca6lhubj041hakpp91cnbae7r559

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD69
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJL9Cl6dDN_V8glGfbp0Y88&google_cver=1&google_push=AYg5qPKs1m5UPIyNonc8ZWYXoRpSGimv-j8GaRSyk2e1peDnXS9kR0yT3UcYEnl8j2Gh8khIYlC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPKs1m5UPIyNonc8ZWYXoRpSGimv-j8GaRSyk2e1peDnXS9kR0yT3UcYEnl8j2Gh8khIYlC6sF80pqHc4K1qN4lwA619TmTzbw

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPKs1m5UPIyNonc8ZWYXoRpSGimv-j8GaRSyk2e1peDnXS9kR0yT3UcYEnl8j2Gh8khIYlC6sF80pqHc4K1qN4lwA619TmTzbw

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPKs1m5UPIyNonc8ZWYXoRpSGimv-j8GaRSyk2e1peDnXS9kR0yT3UcYEnl8j2Gh8khIYlC6sF80pqHc4K1qN4lwA619TmTzbw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BD69 0
12 B 48ms
47ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQkB8lYy-PvT7EldUr3gx75AZ2uXctf8aX8_q0JtbP7-WaZD8CCDcsGGVrrkKivougYHFg

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET /
google2waycm.netmng.com/cm/ Frame 93D3 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93D3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TERFRlFVaTMxTkx2NDA1&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cver=1&google_push=AYg5qPJTYi1RZgUdZhlgPHswcyYPhxHQ4y_z2sskMQY7em1...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TERFRlFVaTMxTkx2NDA1&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cver=1&google_push=AYg5qPJTYi1RZgUdZhlgPHswcyYPhxHQ4y_z2sskMQY7em1COk0FXBXq6OsN9PEexjiJ1wnJcYfabEq6iXzqk-nz2ckgfpQSMJqgQA

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TERFRlFVaTMxTkx2NDA1&google_gid=CAESELAAcrw_3qmVUi0gcwNc_e0&google_cver=1&google_push=AYg5qPJTYi1RZgUdZhlgPHswcyYPhxHQ4y_z2sskMQY7em1COk0FXBXq6OsN9PEexjiJ1wnJcYfabEq6iXzqk-nz2ckgfpQSMJqgQA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93D3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIOINwnLc8CiijQdjJciAzs&google_cver=1&google_push=AYg5qPLmY5Orpfqe9KkwGzJLC2aMWZ8E5gAAcYzBuNd15yQbAsF1DHx2n_no6FNs4B3EuqI0iAxC1Ftj8jVFgN...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MzExMzI1MjEzNTA0MTE3MQ%3D%3D&google_push=AYg5qPLmY5Orpfqe9KkwGzJLC2aMWZ8E5gAAcYzBuNd15yQbAsF1DHx2n_no6FNs4B3EuqI0iAxC1Ftj8jVFgNNW_A...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MzExMzI1MjEzNTA0MTE3MQ%3D%3D&google_push=AYg5qPLmY5Orpfqe9KkwGzJLC2aMWZ8E5gAAcYzBuNd15yQbAsF1DHx2n_no6FNs4B3EuqI0iAxC1Ftj8jVFgNNW_AX-snM1QNZDxQ

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MzExMzI1MjEzNTA0MTE3MQ%3D%3D&google_push=AYg5qPLmY5Orpfqe9KkwGzJLC2aMWZ8E5gAAcYzBuNd15yQbAsF1DHx2n_no6FNs4B3EuqI0iAxC1Ftj8jVFgNNW_AX-snM1QNZDxQ
Date: Mon, 02 May 2022 12:22:04 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93D3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJL9Cl6dDN_V8glGfbp0Y88&google_cver=1&google_push=AYg5qPIu7BfZyhTv8n1225d1_dDjdVbveqKkGGNiGVlJCZ_ryuEQSNPtj6FmuatwHbS3FpB0wJD...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPIu7BfZyhTv8n1225d1_dDjdVbveqKkGGNiGVlJCZ_ryuEQSNPtj6FmuatwHbS3FpB0wJDIV_5orBx58wCKMQsCNG0Xhh9xlQ

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPIu7BfZyhTv8n1225d1_dDjdVbveqKkGGNiGVlJCZ_ryuEQSNPtj6FmuatwHbS3FpB0wJDIV_5orBx58wCKMQsCNG0Xhh9xlQ

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJPT1lLWUctMU8tM0ZRUg==&google_push=AYg5qPIu7BfZyhTv8n1225d1_dDjdVbveqKkGGNiGVlJCZ_ryuEQSNPtj6FmuatwHbS3FpB0wJDIV_5orBx58wCKMQsCNG0Xhh9xlQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93D3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPIIzzoZcY-l1b6m9ZHVotq3YGSGt9GgmhjEYOStUJoYhLSOCBJPoxE1HKm-Jxsab0fzfKNX...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPIIzzoZcY-l1b6m9ZHVotq3YGSGt9GgmhjEYOStUJoYhLSOCBJPoxE1HKm-Jxsab0fzfKNXWJR42XfOHf2LmEu8LQZHu-QF5Q&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPIIzzoZcY-l1b6m9ZHVotq3YGSGt9GgmhjEYOStUJoYhLSOCBJPoxE1HKm-Jxsab0fzfKNXWJR42XfOHf2LmEu8LQZHu-QF5Q&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 462
Expires: Mon, 02 May 2022 12:22:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 93D3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEODbryqUjbMU3XcOhjAIxI8&google_cver=1&google_push=AYg5qPLYaTk-qlJ9TVQtA5W93pRuevwUJGsqC-PN0qnc8zzTu3FJhYVSay6TRdEdDl33mS1tnVjhJsNbf0WaLW-9kRfKvSI0RR...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPLYaTk-qlJ9TVQtA5W93pRuevwUJGsqC-PN0qnc8zzTu3FJhYVS...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPLYaTk-qlJ9TVQtA5W93pRuevwUJGsqC-PN0qnc8zzTu3FJhYVSay6TRdEdDl33mS1tnVjhJsNbf0WaLW-9kRfKvSI0RRG1UA

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzI1MzQzNDUwNTczNTI4MTQzMjk5OQ%3D%3D&google_push=AYg5qPLYaTk-qlJ9TVQtA5W93pRuevwUJGsqC-PN0qnc8zzTu3FJhYVSay6TRdEdDl33mS1tnVjhJsNbf0WaLW-9kRfKvSI0RRG1UA
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 93D3 43 B
65 B 47ms
45ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHSQPb9vCkG0a-Wd_MiWhdc&google_cver=1&google_push=AYg5qPKwijvG0FHv_JP8dlx65rG72U6lf4uO85asPqHyD4IV8PD0s6lk73a_2y7_31HzDbBlwPXskm_M683kdXvnSMW_XP2Sxe2-3sI

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 12:22:04 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 93D3 0
12 B 48ms
46ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_3QvbkfgL6KebdA0ho7wgGj_pXxoDHVR07jySSvf5Dq66LzqCPEX7GQ7a9Mt0EDbmM_xnuw

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B586 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdBpA68xvYqa_F_Ok9u8P-quT-A8AAAAAOAHgBAI&bg=!ZGelZyPNAAZNIUvJbSE7ACkAdvg8WhlBNVfrF1Yc-c7Po8TpjF9e-A7pBKpzaIVQA6OlEL6T6AZH7AIAAAEiUgAAAAFoAQeZAzA7jP48jenMAjUjz1dH5N-3AF2oMhuOvKQKmmzxfvwtNbvr5RDDr1q0wxp-dXv0_4StSnIX3OaN53G1ojwp-aiJM_3WId9omPBlMoi4Ock9tJ68dCdyc4zg4V3KQ_UvrJFQaBIt5oMu2bdHX3Emp2m1fMdckuAq59e2RIU5SRif-VriDkjez5eFwJqie6Ji0X_wWmt9w1dnZPzUwE0957dsBKdEQabCml2fjy2B9ZWBvsVke23YATAEUXmlIBgKCI1JyGWzyHTWXnuKIIE6HnZ_taESrZ9UCoEtyLS0dm2GgYGFxJVkOqNG6t0VuU6LyteThuGK9FF12ER0Ev7pxqfJ2_3nHtbKn3lns1pup2gq0Yk8dn4edJPZNofLA5Q4QNj4CIg98kMRc3NS749_vAy_YLYE_x2mTn1OW7geDwO-hGz0j6asiM1lnwVdhq2p4HTH_zHoW8noE1LmmQBJHbT_Y8ksCitm_hOdIfNMXk6-e06jf-SIyPQEJMKVl1unenrKrMlE9mMlURVG_1DSiX8WcgdVmO6wysUsPq1ie1dZUdQ6zmbaqSo-qS30Tu4bd-uHH7tJKimLkFpRFqLRI7wrK6v7onwMtvdX3MUSIJXTvSc7I8r3sm6n3hu8ZvMp7JHgkZBikhHV7yDUGhJwYOHwgNzrxXEdVrhl9yAFZFnoY2tw6Mh2hH3HFpt7b1u-YUoToJKSeCZlkJXvbxhoo_S-MCPAFn0OVbYAU-iur0nXSlFIAXakT8JvBz-MIBrBG1Gi_kdIAhTNH5nLbwVeDsCF9JC_X3jftX9gFoil5l_JoJrIkT0F1jjcLxSC-G243rYJQ2nnp9WVqtj99ICbJ2tnTbfMksxUF0ri7LHE1Uqp-fvryEBaWyt7Y5QkwBPb3y-5vVtjbwyXYfEdnoXk_WS-7I_2JwfKoYkC1DBi44nQKp2hkrc2ZvgLdKy4iYkVFeqzy418q-G92dx94jsogyx27Ks3vGes3z5UV0_3m8Vm_ras79d4P5xtKMySOqB12-iRZ8LkbUiqIjBdB8WpnQJ0mSIMCsDe12z41-mS4BQMDESRkJhA3VNYRG09GLKoABQ

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C586 43 B
215 B 222ms
222ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=67ffdc79-df34-6277-c2f4-87ede98bab1a&tv=%7Bc:bswpU3,pingTime:-10,time:493,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1651494124630%7C%7C7b6d9a0837a8504910a578f28f86f105%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C95cf636c6b75cd45eda9e9ae200328c1%7C%7C93d64557fa6c30bc7c95d729b2077380%7C%7C6f59c1ecc3d8c67677fd1bdd237b8347%7C%7C3f8ff6ae334e30171b9296544c4f4002%7C%7C8dd52524ea559b4dd3d18819653a3c91%7C%7C1629390669%7D
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame BF87 7 KB
3 KB 149ms
50ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=30709500123578704448410011947030&a=292669ac
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=8af9ioc7akhn&nw=20&renderingType=javascript&namespace=e9253f6b07&subid=&uid=7dfcfa6cf01e549e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuNLW68xvYqe_F_Ok9u8P-quT-A_98_6haeuFrKXMD_AuEAEgzIzLH2D7AcgBCakC1KBQJymrsT6oAwGqBOwBT9BTBoTMcUjWbiFciZWwOrtki12xdi-C7QuJAp5heyM_vs8ruNJFpPwqww8pDGDyKpymq6QBx0_aS_f7fUjXWMRjVGt3csVXn6yFGGeW6Gu_UJQAMUQo83UNtdQDwqxZuUQ1ni0cs0BUeMTU5spskZcOixipK-v8eP3AKCA0M8BYbCc2ComY58YeNJOjV0cvnTYLWKrMfHgswWsIs8yBRIY6PwqtvCmBP8fgajUnkDzY3CVWELdEcXeryrVAkfBE6pPgte5xhGj_QK0lE5dBOYtC2y2bxqtDj6fXWruq_h107CN4K87z5xurUfLABNnYm9OABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgOYCwHICwGADAGwE5rkzQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASJORopmuns-EGFT9EwrOEHN7moYjBnQrJElQMY6GrvxaH3p-KgQ%26sig%3DAOD64_3nVxU5XfztakkjhQQsd4SLtcBLKA%26client%3Dca-pub-2070890256337765%26dbm_c%3DAKAmf-AyHO7wtfT2AyP0UdhxTByUBwtK_7Fly7phZhrrB-a6A9MDQ32dsa-ZKrFS6vaAVB2QNh_Y-hzfv-GOVo5EVdX_b-DBVdap8pzJbydYRw3ol-UMJRCJayhEVoZ0rCamCEkY77iarolUYnin35bHvXBhEc_jVw%26cry%3D1%26dbm_d%3DAKAmf-Cp36s5zoH9romblz2BrnMUiv5tw2nSWZHYDiRn0D7U3PZb1-2KWiu5isGYgZfCOo82o2Hmqkrhhzp-HsIWMKs798EHFdQLcw0uuJmhb6EFLDxEClRT3I-6eoJVAyperpF42BxIkm7qKTqR9PO-7Fpo340qNb1ArzRl9Jx_8oGlN01o_euzcSuibr0p8BeSJb3fD1OcwTdj8KNvXXafuQ4_vm9zRjnnxwyiwy0o2xt9JV8gKUpEgD6LQ-v6lBbnI8HdHR4O7J6ROuLDpGpEHezy_E5mEZW_LDRFLFpziwwbLl3FDqRUjMRmg0JiR9UJo69goHvx0cjjrPWZHhRtl_Y-iyhTtgszyOEYZhsclb5sLC6-epCkD1aRaTjln5dUBDPGCWhcKfhQBn8Jq6EngjF_4mhTquN6JwXC62U8PygrOtci6mEjPWK9xyTIIFU6006QhhkU%26adurl%3D&documentReferer=https%3A%2F%2Fntn.ua%2F&ancestorOrigins=https%3A%2F%2Fntn.ua&random=6652785383745&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: b1db32ecf1cdc548f220511264926d196b1b5561aa435ad99de4d7d30856557c

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2286
Content-Type: text/html; charset=utf-8
Date: Mon, 02 May 2022 12:22:04 GMT
Expires: Mon, 02 May 2022 13:22:04 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EADC 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS4eC68xvYuOlOJD53gOJ-6egBwAAAAA4AeAEAg&bg=!j4yljMjNAAZNIUvJbSE7ACkAdvg8WqL09QNZD3JxD7ToTYHJ9XmFMlf5tXMEu_352N64-s5g2tHvjgIAAAFSUgAAAAFoAQeZAzXRmsoR_e7FJfq6pK5EHq13PRz80ZRsN9wZ-iwIlTnzidPCaUpSEOyj-5pB5RLqiquMRILtW3Wg2owcaNVcBRO_4AtclzmMTrBQfFs1-0rOPL7LkWJvZsVOMv_NW9YRTbdDIw_0OQOEN9wzo7fJy0x7Q33kNIYrpg2QZqH3nyUXeXCNQtQWLs-JWbiJBnNvzSYNTrgELxYYhS6_jYI4YLostAnZmrux6WMwNuythA1fXC1SomBJAKCuk0xsUaSrWJlsahelI1H_1Hrg9umUZQ8Beb-g_nbxA5BQjwuHAyVRYNbfALPTVdmvwZ61yr6bgrQdzo_qcCD7JL1GGBfVjQm9YW3SrPK3ox2xalkmkmfSNzQkm9GSEXSlE10BM7Ch__9U7WiDPglON2G-VJZ7jGZAIUxUW79VhNFE9ejCT3DA450yCUkuRP0epAEED9jNfEUq_7fnDuy-lX5oR-AdEGOxwJqlgMlbt1xq02rLdpHJo2FgnQ1Luot2sblhHILLyql5on-XAlnNee545s_5UMMP5VNdT_NRJBjfNvIJOuDhXotZIyeAhXTnnpakUEnJW8MoJ7WpmVvmsGANwNA4kDOEfgb9U9t3eC-YvnseS9hyrYZsaeSkUWvt4Z-rgHh1G-Q6XmlMF-WFr5DwbiN9ZMmFYcTzuIQFXcZGYOJitYrNYaBr9V0np8NAu_lnBTd3ezR8KgxhQGuQOE12tvDfZ4VD1OXsHZPA0Xl61BqYnYWFj6PWfFocQgmGjZCKhSoYKFqkBUD4U7IiZtxGIXRbylfbHgnmxvFI6bdfMR_EWY_hA83KJt9cG_JSrKbFJUHld5V81XtUaO7_DuTGjOPhb9iDD3f4hGIF_jmHU0ROLhJf_BPY8iM7xCEdQ2ZsyR-lj6U-AUAK7IRme1wNLYNN9kSU0YBkQDWY-rateQKGbvPPNOyRc6Jh5y4OSK3S7ZnY3Y4XcpjtMgY4rQVlEnoGDYLAvcM4YpJdI3tint4qcENLmf3uTdXUVr-Jme6GbhankZf95ZHwLB-NVhOA7vSum3v8M6RWZAS7uWe-YIKGbidiHfhgz73LZQc7qjrbsc9IjS9RiWMluQ

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3885 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 23300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 03 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12E6 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV_2b68xvYorAONmr3gPq9r2wDwAAAAA4AeAEAg&bg=!WlmlWR3NAAZNIUvJbSE7ACkAdvg8Wve7hYfqzc1X6Maa1-dge09UAYlVuEuOfmzCFqiSMvHbLzso9QIAAAEUUgAAAAZoAQeZAuRIsXmaG6dMjBZBS4hukBs4dndFecOLtd9swPgidPgBpl1n9-GBZ4gqOkbb2tLx4ZV1nD5wCJtIJQL6iYyc5X3rvq4Rs0iqRQpU7THdn6-IgQYKvuIjn7QCIhexG_oaxHn39RH5FIVjxYJoHbLXwcVb7KhFQDMjsVPHPaPpXbkSvOZsMrVQKAlnepKnjKpO4p6B1uj5JEP1soPEXonZtbgek71v1i2A0IMk1FJ-9lIuIUHkWeQ5IgTbPc4XE_BzGQPvzPKqeyADiLdYW8sQhNqM_6L6XcUTkbkv0NeN0_9VVPlWGUjLVma_L6BkvwXfjwNN33ZRamIMLTVYvLNtxfBGZU8gj9zlHBsXRnf9Imzn3cQKa_-KRWSvqRXBVZQoOiAjRTSfmnvRomXM_n98rxyezjEp81C6UyeJJQDg6l2Swp983zBVPLQ685mO-P4g-z5mbkN8BfNFZRguhrCjPUb8qRDBxb12rkvEW8Qhbi82IaWotlSJcUZmVIz2LfAJ3zVlZLiVff0cpqksPwwKQ7j4K1wIdezQo3-JeSGIhpyNsTLOSVhAQLwKZ2x62HcYRZBHv4cTwIlhUgBAZqU6VI3c0wJtHfv_XPLcCPGslttf3E4UbbHGQZj0nkuC4lgQ3pwHKe2uWbkfVwI2IrRZivY_B9beoNdvheoobnyue9Z6DI8ybbdUXDDh8T1psTetl0sB9YCFz02zb4GeppIcwOh-gA6M2vdLOPaYlzw1LD3YuU8AW8bNCtCCM6ol2lRht_VT8hb5YrVN0RF4nr74ipSAiBPptQoJqQBbrlhErIVOdQBgvb_peuM6id-Oey8Z_yDa1puWn-8AVAkM7J63g7l04vkVPbjAoq6rMxpn5w6KJKE8ABU9Dl5Kj0mTz-QPAY7nWEC_wFRc2B8YrN4Zc9H-hsn3kKYsthNbbQC14G-AzMSG7MhOihJdP1upRt6xMliETXxpMlAsQ2TOoSrCjQdtMEricg

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4821 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba57163ba0fde873bab500a55da75d6fb1d00135fd9b0bff4552dfc2f0c2c7a9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 152ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswpVN,pingTime:-10,time:643,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1651494124738%7C%7C9dba3d3cc02e8751a8f42f14b7d094c6%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C39bed107e094a0b99d8bb32a41a1a724%7C%7C68a608b7f39e75c36656b73c93ebef7d%7C%7Cc05889ce3804b6721ab1a5343038f35e%7C%7C7321e3648bbe7865a372c48f51a4818d%7C%7C2ad8defb41fe0152331716bd1e0061a6%7C%7C1629390669,im:%7BpWait:15,pci:%7Btdr:540%7D,pLoad:629%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 417A 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs3b_68xvYuPpOsTk3wONnZDIBAAAAAA4AeAEAg&bg=!AQKlAkbNAAZNIUvJbSE7ACkAdvg8Wo3VZvIdk3eG2fuww-hgolu0dzvYjjZwTAATXzKHoWRXIG_gcQIAAADmUgAAAANoAQcKADvPJSgz4Jl5Zt-iXoeF4S39H7ugmuDyUxR_nLT6TQ0m98DnDI5UQ4pvRYAsISu3iHOMtRoTj4ZK6_RFspkC3R9w2RZXV1gJIzpoc5xu6SNZiFQS6uhBrBzmjLqeceofyRnwM2HhQEVAaDVJppKwFQrxq2TYvb4MQz5-APpCwm69pQshUjYnUZ4cQrVjEnyKCRxA_IBbE4IPccX1FJWMgh-FmAL0-aDXQpiGuMZbj77xERifSdzTa34dsZokwhDtbOrz9_OWTp4HRpcj2qEKdibbF_U3mqwuSgpQjcm0-cYD3Ycdp-VSol_ih-WfnMQioA4y5HKjAFpP32h4aKmD2K6XF-85EgY_w89eCbE3U-gO8SH_P_Z37YJvjGFf2e4e_6MKOVewHIVsqMvyeu29boLfo3i3Bk8MZuy6sWl7d7xhLuZtoUImPQFDT0fHxXHbjHofxMHKwIZI78t7CcXIyOmkZV_72HMJDOXwff0PZ5AD3wSGaH3Kd8M8_bJgM0pjNbX4Ji352pBBY4a0toS4c6fGKdSpAogLrSbUZNkMjUnrHCbKoOk2DuTyp8oMEMxlNnLP3owPxu69yWikiFyxIwTQ_c3NoJZia1ZC68Pigsb5blXyhpdH3JFH9pZPxOnmc1flsIXHIdBjw9x0YHdrq4utNDpwGH4Q6icul2zm1dHlUS22ZA6RidaMjkQmEdQuqE4Z9HOcIJl6WOGZHFvNhhrwLlZQnG8UUVG9L_IbdEAYtsYzf_RGkTGvOMxFkxxRy3HmnrZTPiq2NPIA40EMP1kD4JSfpZwgAsmgdFXNMA6f_QGtj0COPX3h-TL7mLzlySg5LlDnavgKY27_8Wsh0LaafYeCUJtJkXQKrAo3RltAlU8BQuMqtdylgEqTCO4LDy7JfRfV2WAHs_15TKLQxBmxyD9ZnFkka6xngtmyo80XPTXLt_zjVKE8JKHazg4zaSggZqwKowL1FroZ-dC-4Rkcs3lY5_i8GWBFSvdbo1P6tHc1pROeXLfdiHvR2h6LuWgRWeE5DsywkIist88INqZgrRfFuNA6Df2_TDI

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3885
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK8SmGKM2obIvO1lb62dcIM&google_cver=1&google_push=AYg5qPJ29Y0WRa6p03L547R09dCE6ZwmUO0cx2l6raj6SzXMEsn0yviz-Q8YKNfXdWVWSzla2efHlQhyjRIpV412...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ29Y0WRa6p03L547R09dCE6ZwmUO0cx2l6raj6SzXMEsn0yviz-Q8YKNfXdWVWSzla2efHlQhyjRIpV412DVwSPm0y_LXw

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ29Y0WRa6p03L547R09dCE6ZwmUO0cx2l6raj6SzXMEsn0yviz-Q8YKNfXdWVWSzla2efHlQhyjRIpV412DVwSPm0y_LXw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 May 2022 12:22:05 GMT
Server: MT3 4335 2c68c00 master ord-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ29Y0WRa6p03L547R09dCE6ZwmUO0cx2l6raj6SzXMEsn0yviz-Q8YKNfXdWVWSzla2efHlQhyjRIpV412DVwSPm0y_LXw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 02 May 2022 12:22:04 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3885 70 B
264 B 40ms
38ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN5BRUemy3ZFBiyLrgkfDE4&google_cver=1&google_push=AYg5qPJ4Gl-BEY-DjHTnevCobQmBwfF6qwXgY29T2crDmOzWoVQzniYSM79gaLJ9vAYjQPSMMxWujQ_HOSOf4Y1_cAO6IV4MWIWDJQ
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3885 0
191 B 32ms
29ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKUOgvZ2uwQvxLkMQbfBxaw&google_cver=1&google_push=AYg5qPJXGFYK1nCLGGwJeRYnqxRboaa2KKAxIAl50WNprcmYa_YYJze-7OjrUQA_V7CMJKswat3_VtBvP40QcXb1uABLM5lgeT19Cg
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3885
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPKTE1D97h5jSiuUF9p6ZndXVokNro6UvtKXJkLmT0cnRL3JtdP5ab38jCy92XIjpwp6mv1A...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPKTE1D97h5jSiuUF9p6ZndXVokNro6UvtKXJkLmT0cnRL3JtdP5ab38jCy92XIjpwp6mv1ADmcFOGKN4_dwP5Bve5Wq7nN0&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 12:22:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym_M7FbFCuTBVJGzGst3AgAAAsUAAAIB&google_cver=1&google_push=AYg5qPKTE1D97h5jSiuUF9p6ZndXVokNro6UvtKXJkLmT0cnRL3JtdP5ab38jCy92XIjpwp6mv1ADmcFOGKN4_dwP5Bve5Wq7nN0&google_gid=CAESEAmvlqnVQKoq91nq7eo3pZU
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Mon, 02 May 2022 12:22:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3885
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEDgbAzxALzTBQi0qrXOQqmo&google_cver=1&google_push=AYg5qPK11FDaCDPahtphxqSa-OEroRv5kEuhI0cHjC1u80oUAVWFNRZM-R3GAEV0MzkQYnfdOZIrGtZez_cqNvHDmo3gOecl17yF
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK11FDaCDPahtphxqSa-OEroRv5kEuhI0cHjC1u80oUAVWFNRZM-R3GAEV0MzkQYnfdOZIrGtZez_cqNvHDmo3gOecl17yF

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK11FDaCDPahtphxqSa-OEroRv5kEuhI0cHjC1u80oUAVWFNRZM-R3GAEV0MzkQYnfdOZIrGtZez_cqNvHDmo3gOecl17yF

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPK11FDaCDPahtphxqSa-OEroRv5kEuhI0cHjC1u80oUAVWFNRZM-R3GAEV0MzkQYnfdOZIrGtZez_cqNvHDmo3gOecl17yF
strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3885
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.targeting.unrulymedia.com/csync/RX-d6e2a4c0-73ec-4b0a-9ce8-545c2b522593-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKtvfm4jEdnLfQIV1lky...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKtvfm4jEdnLfQIV1lkyO4F2chkp0azNGEIL3NK1-cGGHsJDjtDquY1YBvRF04tIPRzsni7V8i9kvQG6KLaGH84bf_ceGXy&google_hm=A9bipMBz7EsKnOhUXCtSJZM

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKtvfm4jEdnLfQIV1lkyO4F2chkp0azNGEIL3NK1-cGGHsJDjtDquY1YBvRF04tIPRzsni7V8i9kvQG6KLaGH84bf_ceGXy&google_hm=A9bipMBz7EsKnOhUXCtSJZM

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKtvfm4jEdnLfQIV1lkyO4F2chkp0azNGEIL3NK1-cGGHsJDjtDquY1YBvRF04tIPRzsni7V8i9kvQG6KLaGH84bf_ceGXy&google_hm=A9bipMBz7EsKnOhUXCtSJZM
date: Mon, 02 May 2022 12:22:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXd6e2a4c073ec4b0a9ce8545c2b522593003
content-type: text/html

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame 3885
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDgbAzxALzTBQi0qrXOQqmo&google_cver=1&google_push=AYg5qPLxs8a1832px_gqHFu6Ywwz_pghf-TI4xEb9rF2QKkvY1clWtyuwUdcr66LxPy-4lstquzPqLaYLWD...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLxs8a1832px_gqHFu6Ywwz_pghf-TI4xEb9rF2QKkvY1clWtyuwUdcr66LxPy-4lstquzPqLaYLWDPMjyFbYrRJwrvvmnwYA
https://onetag-sys.com/sync/i,19/?google_error=5

0
148 B

39ms
37ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?google_error=5

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/sync/i,19/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3885 0
12 B 47ms
46ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lg3SR6aEMgO_Z9iASTRDMINbqEFqClQPNKpTvvWAzCHYV8dug8d5zL0ZBrlEeJUP6lJ7dcWQ

Requested by

Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C586 43 B
215 B 152ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=67ffdc79-df34-6277-c2f4-87ede98bab1a&tv=%7Bc:bswpWh,time:631,type:e,im:%7Bpci:%7Btdr:524%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:632,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B627~0%5D,as:%5B627~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:521,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171*.1019799-62566992%7C1711%7C1712%7C18.1019799-62567012%7C181%7C182%7C183%7C19%7C1a,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: 7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
URL: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame BF87 89 KB
32 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=30709500123578704448410011947030&a=292669ac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 22:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 22:11:16 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame BF87 24 KB
24 KB 277ms
110ms Image
image/gif 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-728x90.gif
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=30709500123578704448410011947030&a=292669ac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: bb7af425c43258678e12b76bf22f6eaab51fd7dfd6e285131a86a3002d547ee9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:05 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5fb9"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24505

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 117ms
34ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 03 May 2022 12:22:05 GMT

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame BF87 0
150 B 151ms
53ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=30709500123578704448410011947030&a=e9ce642b&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=30709500123578704448410011947030&a=292669ac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=30709500123578704448410011947030&a=292669ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 02 May 2022 12:22:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame BF87 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50A3 42 B
64 B 159ms
80ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbcrHr3oV-ddPRDieZcKVJHLxQqQp4CyV67-3kYSjda8IIgwWD22z3Dy36T7w_k7Ov34vVcFsgUFczuo6ERokgV6VglI4wtdy_nJwL4UbRrgSOk8IRH4seBlwf&sai=AMfl-YS40CDk3CacDIyD-HdZo6CpyyqLg1Up1T7PJJrKmoAECKPs1g9DL_h0HuQwJ1zdghyntcVl9Li8nzt6RJ93yxxL6j6wejgr51GpLn2VW0exhKypleH_WE4IqJ0&sig=Cg0ArKJSzNbjJk-7W3GxEAE&cid=CAASJORoLmljaH91cOEqNZYFTKlAYWLpvsGzJuxldZVPl7PFnHZNhQ&id=lidar2&mcvt=1001&p=1020,117,1110,1087&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3749508852&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651494123797&rpt=238&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
89ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042601&jk=860659709413528&bg=!W1ilWBzNAAZNIUvJbSE7ACkAdvg8WoBYzv4pyu-a9esHYlhOHWTV9ejPqtTsjDbs_ZxRqEdmymlkvQIAAAFMUgAAAANoAQcKAOFZiwS3E4q4qQRz7wMswsQgc7b0aZ9ys8JckHu5vkIYnz0T3VWArYgxq26WxR9A1kTn3qbOMwvFzuIAokDqT3C7Wkrbwk4WdKtKckHiypt1o4Z8UOCpoLvukVapWhpK9AuoHIFVeZRca9foksXt_Fdh3nFSuH5P8ztQt2xTYHtnp7WaHqQ4R5PEMGnpL1geyU8g79lW4QwndieyZ-DZXudWi9JrjedOMyIJVQPhthQqJ20BjnbtlM5kjYxzsMxyk0bcXraQjNjzOi1Eu_PCGmthj4HOeBh6EIY4oSfIMZwWjomZAqROO_QofOeObcO4fDfUlKlU_dWrxfYGLcqcDpAE6D5HF7Rv8uAxL1d3Rn64oMV5AkHlWVpGB_iss3srafwbr2ihxBODKBX3IP4j7lUCnMuymNCWjulV7sUz-CNpsNuOSqozSuDfcFaBXtKo4tjcKFOi5-VpM17XS4Czv4X69y-y_WT4iYH_KDCNrhXs5ycfTjPC2xY6xVmy9m4d0-u7wrMz-gWNCMoBIIefylXrKTlOBNaZNx26Hv0Ac2KkZG6NC_JSq3uYThQvvmWUID4o585x3EBJ02K7xhW-VCQEHZsXz6l8siMxr39Cq1ofVk16kKcKa5grukumSR-5Wzslvg9kFWqbUACMU61PUju67dhT_cXiQtOzeNdexqOxvXy-QJZYNm6raJnK-WB0SfeXMe_S0u2_aOVvfwspqdNgV6fuPiZfWVz92AFmhcwNxIIXFS36xAnd2mUVvnLgCsU8Ystb74ef0hOqWsANCl2XlYmnBhoq-K42sdEIqjWBC8j6pKzP-ug3th4zQw-JjSfPb1nuKmzfdG_XCubMWzoIR2vFn2dFEAw831rfYQqC0nj1-OBS12r_ZOfaCIdfmKAmxEoKSRhmBtmPP-xTDQC4_zveJRCfp5Q3a9VQmtL0os9Rl6vfd6ejaidfiZmaAk8_lRHNRpYNNjFSDUwusc7-fWqP3VKiQbWNiBdd2PtP2jrSdk0PwEydsb62cVd9KI4DQB_MUummEY7A05FyNg_TwIK5nCcKISc_0SlAcsqMW8bWqNfLcbejSdzBpnt4SlHXXmZI2bx50ycw-s952nIrpq-c0k6Q71SukR7NsetBZLwCDROy7bPA5wGdOyl0Vwoc0OHb1gwVSKX-nLoIC3iY_sYFY8uFT0SBlYw8OfdG-p6yNn2X6ZyW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D8EC 14 KB
6 KB 568ms
35ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ntn.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ntn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5884
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 12:22:05 GMT
server-processing-duration-in-ticks: 2289
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 129ms
64ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:22:05 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 03 May 2022 12:22:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C84A 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKd7fokBD_WyJBjJWooTuTZCclUnxE_svXu1uUKrDbWwQx5lsmeJlAcQZxksViy5JQ-7bUtKGKSxDIi0Mjmrpn4hhHvNBeSXg8CGQiJGaVSVh7lebjygEFVsDb&sai=AMfl-YQYqynzPubmbJwk0qxdF-O4EiIiiZWuEkZa3KgHOpiZhF-jMkigUShJIKfFAhKNSldd6jikD7RVG-tdLE4YAleTJ92RxVl2MhPc82NX461kLol1fo09-K9goJg&sig=Cg0ArKJSzEWkl3Ri2rshEAE&cid=CAASJORoPtBgqI2ZcshrcKrz4jpJ4SfVI7NI2IAFJhOq-WnCrbGJHw&id=lidar2&mcvt=1001&p=25,436,119,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3762424195&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651494123655&rpt=785&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D8EC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=ntn.ua&sn=ChromeSyncframe&so=0&topUrl=ntn.ua&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=jCwjFnxMNytoa2crbkpMenBDcmZyak1WWDJmTWxQYTgzUzRIZEpSRzVEQXZkRjhZNE5FclExcVM4M1hLQVVkTWlUSGM2Rm5Ra0VhOVNhbDhEaUM3SFVNZGNOYktvYmhDN2ZrZkFWM1ZHOCtMQWV0dnJkVnB1VExYYitxcU...

435 B
637 B

310ms
36ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jCwjFnxMNytoa2crbkpMenBDcmZyak1WWDJmTWxQYTgzUzRIZEpSRzVEQXZkRjhZNE5FclExcVM4M1hLQVVkTWlUSGM2Rm5Ra0VhOVNhbDhEaUM3SFVNZGNOYktvYmhDN2ZrZkFWM1ZHOCtMQWV0dnJkVnB1VExYYitxcUNrdEs4MmkxSEY2bmpmU3lOUUhUYW84QnlqZ3k3eUdsaEszYjlTV0hlUEJMbUR3SVB1V040cEwyWEYwRTZKQXNMckYyaWswZFY5Q3ZNN2dmNWh5VmdwVHVxclh5TUJ6VUw3YVF4Y2I4UVJHY2htV0ZEOHRpQnR6VmhBdzhheDhSUlNhdy9oSVo5S1hFbDVzM2RBNHZpbE1pdm4xVW9wZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

dd2bce59ebd1263c380cdcc2c573f036bb70352131e6c550af8f929024c80858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:05 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4383
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:04 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=jCwjFnxMNytoa2crbkpMenBDcmZyak1WWDJmTWxQYTgzUzRIZEpSRzVEQXZkRjhZNE5FclExcVM4M1hLQVVkTWlUSGM2Rm5Ra0VhOVNhbDhEaUM3SFVNZGNOYktvYmhDN2ZrZkFWM1ZHOCtMQWV0dnJkVnB1VExYYitxcUNrdEs4MmkxSEY2bmpmU3lOUUhUYW84QnlqZ3k3eUdsaEszYjlTV0hlUEJMbUR3SVB1V040cEwyWEYwRTZKQXNMckYyaWswZFY5Q3ZNN2dmNWh5VmdwVHVxclh5TUJ6VUw3YVF4Y2I4UVJHY2htV0ZEOHRpQnR6VmhBdzhheDhSUlNhdy9oSVo5S1hFbDVzM2RBNHZpbE1pdm4xVW9wZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1329
content-length: 541
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 101ms
34ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ntn.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 02 May 2022 12:22:05 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1561
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntn.ua%2F&domain=ntn.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=mMwUPnxJRkZhRHk1a1pQNlBJeGVQYTB1STIzeXFQRHNlRlhOV01KNlRYWC92SUFkeU03a1BvNko4am9NRnNPQW0rR3lKY2FmNmcxT3VFUUNQUkpkRk8xVUlublBXZ3VlVzUyYTg2VDl6ZFFBUi9KaWJ0TDluSWpaaG82Z3...

403 B
659 B

38ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mMwUPnxJRkZhRHk1a1pQNlBJeGVQYTB1STIzeXFQRHNlRlhOV01KNlRYWC92SUFkeU03a1BvNko4am9NRnNPQW0rR3lKY2FmNmcxT3VFUUNQUkpkRk8xVUlublBXZ3VlVzUyYTg2VDl6ZFFBUi9KaWJ0TDluSWpaaG82Z3F1a3JleU9MeEpWa3ppQmxMcVR2Ym0xTUNIblo0cGgraVFsb3d4dVNEWHNxNjJnN1NSWFVyeW5FaXJSdXduQmc5NkRGWlUzd29PVFpuMWVQS011M1FVVEdJblNONjFQcm9BRXM1SzlNTkZmMlZSOHZNQk5Ram9idXFmSHhmaktzYjFYaFlmNWgxbi9VMlFzZ2NWaUNsSnNrY1VpZ0hnZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f710f315f78ed161e59f889d74ad5dca25c3bf658e923c95de6c220ae1c2a80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ntn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:06 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3567
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:05 GMT
location: https://mug.criteo.com/sid?cpp=mMwUPnxJRkZhRHk1a1pQNlBJeGVQYTB1STIzeXFQRHNlRlhOV01KNlRYWC92SUFkeU03a1BvNko4am9NRnNPQW0rR3lKY2FmNmcxT3VFUUNQUkpkRk8xVUlublBXZ3VlVzUyYTg2VDl6ZFFBUi9KaWJ0TDluSWpaaG82Z3F1a3JleU9MeEpWa3ppQmxMcVR2Ym0xTUNIblo0cGgraVFsb3d4dVNEWHNxNjJnN1NSWFVyeW5FaXJSdXduQmc5NkRGWlUzd29PVFpuMWVQS011M1FVVEdJblNONjFQcm9BRXM1SzlNTkZmMlZSOHZNQk5Ram9idXFmSHhmaktzYjFYaFlmNWgxbi9VMlFzZ2NWaUNsSnNrY1VpZ0hnZz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ntn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1505
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
613 B 163ms
43ms XHR
application/json 51.89.7.202
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458748/hb_285194_899.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.7.202 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p37.id5-sync.com

Software

Resource Hash

2bb2669a52d8b09380f3449e733ab3863190afc13c200bb81ccceda16e7dcad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ntn.ua
Date: Mon, 02 May 2022 12:22:06 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 101ms
34ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 02 May 2022 12:22:06 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1078
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 152ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswqnA,pingTime:1,time:2366,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1365%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1356~0,0~100%5D,as:%5B1356~728.90%5D%7D%7D,%7Bsl:i,t:1365,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:156,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171.1019799-62566992%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:06 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 152ms
151ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswqnA,pingTime:1,time:2366,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1365%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1356~0,0~100%5D,as:%5B1356~728.90%5D%7D%7D,%7Bsl:i,t:1365,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:156,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171.1019799-62566992%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:06 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 65ms
65ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 12:22:08 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 65ms
64ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=9140166D374A4BB88FBA09B927F304D0&time=1651494128195&location=https%3A%2F%2Fntn.ua%2Fuk%2F&referrer=&is_flash=0&session_id=513846257&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=2374&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://ntn.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 12:22:08 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 152ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswqTQ,pingTime:3,time:4366,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1365%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:3001,o:1365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1356~0,0~100%5D,as:%5B1356~728.90%5D%7D%7D,%7Bsl:i,t:1365,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3001~100%5D,as:%5B3001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:155,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171.1019799-62566992%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,metricId:cfrma1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:08 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 153ms
152ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswrq5,pingTime:5,time:6365,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1365%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:1365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1356~0,0~100%5D,as:%5B1356~728.90%5D%7D%7D,%7Bsl:i,t:1365,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:155,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171.1019799-62566992%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:10 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C84A 43 B
215 B 153ms
153ms Image
image/gif 44.229.209.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1019799&asId=2803d416-8398-a909-2934-8d6b5253cb8b&tv=%7Bc:bswrq6,pingTime:5,time:6366,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1365%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1356~0,0~100%5D,as:%5B1356~728.90%5D%7D%7D,%7Bsl:i,t:1365,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:155,fm:t4G92xy+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C161%7C171.1019799-62566992%7C1711%7C1712%7C18*.1019799-62567012%7C181%7C182%7C19%7C1a,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.229.209.14 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-209-14.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 12:22:10 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESELOleyBPb79ranlsVwkm5mQ&google_cver=1&google_push=AYg5qPKnO4kobZPAjvcBL7Vco5Ze_iPG2qedvTBHnerVW8eA9rIyV9HGFqve5EQQDRcZ8m-gRPhM1pzK4KZlaWIVQGcYR_QjaL5x1w

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESELOleyBPb79ranlsVwkm5mQ&google_cver=1&google_push=AYg5qPLGQFchyi__gfB4c5gvIFMnxr1Plwnrv63SGhQUaw1CvgjjMCwmmga9SFsilfwkw57P2DXrafcyH_K8D67aRjKcwlXP4-IwhQ

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ntn.ua/uk	1969-12-31 23:59:59	Name: b Value: b
.adtelligent.com/	1970-01-20 04:14:10	Name: vmuid Value: 33582c1b5345cc7a
.bidr.io/	1970-01-20 12:13:27	Name: bito Value: AADi6E7E35oAADvnmZ7bkQ
.bidr.io/	1970-01-20 12:13:27	Name: bitoIsSecure Value: ok
.ntn.ua/	1970-01-20 20:16:06	Name: _ga Value: GA1.2.1755366314.1651494123
.ntn.ua/	1970-01-20 02:46:20	Name: _gid Value: GA1.2.1165098291.1651494123
.ntn.ua/	1970-01-20 02:44:54	Name: _gat_gtag_UA_157387674_2 Value: 1
.ntn.ua/	1970-01-20 02:44:54	Name: _gat_UA-3902239-38 Value: 1
.ntn.ua/	1970-01-20 04:54:30	Name: _fbp Value: fb.1.1651494122856.173360775
ntn.ua/	1970-01-20 03:28:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ntn.ua/	1970-01-20 11:30:30	Name: _pubcid Value: b1e0a41e-e288-4612-957a-071f936b6252
a4p.adpartner.pro/	1970-01-20 04:11:18	Name: apuid Value: 18a9fb9e-254d-407b-90c4-13e281961431
.ntn.ua/	1970-01-20 12:06:30	Name: __gads Value: ID=29ae7f964a63b5f3:T=1651494122:S=ALNI_MaDIwGQ_lof62GivX2E9bD_MtpJww
.rubiconproject.com/	1970-01-20 11:30:30	Name: khaos Value: L2OOYKYG-1O-3FQR
.rubiconproject.com/	1970-01-20 11:30:30	Name: audit Value: 1\|hLZGFuTafB0bHqol75AtE6JvvWgC/Qcxgndhc+y7+ZAsjeDKZpe5AISEr2pRVgHQj1ZvYpPUliAcHHmv29zUs0PIHI3a0fHR
.facebook.com/	1970-01-20 20:16:06	Name: sb Value: 68xvYlHkeCh_3bhXBW0FeyYD
.facebook.com/	1970-01-20 04:54:30	Name: fr Value: 02sr6tbPuZvfhKrSD..Bib8zr.vV.AAA.0.0.Bib8zr.AWVz7xK7xA0
.adtelligent.com/	1970-01-20 04:14:10	Name: a307558 Value: 18a9fb9e-254d-407b-90c4-13e281961431
.doubleclick.net/	1970-01-20 12:06:30	Name: IDE Value: AHWqTUlNolrABMcK-6FQiG5mNARNk9cnmEAJyohAl3yWk7HhVHFHek9zQXfL_X--AWo
.simpli.fi/	1970-01-20 11:31:56	Name: suid Value: C35650D007174FA19D95D42DF7718561
.3lift.com/	1970-01-20 04:54:30	Name: tluid Value: 3253434505735281432999
.adnxs.com/	1970-01-20 04:54:30	Name: uuid2 Value: 7307186867014960227
.adnxs.com/	1970-01-20 04:54:30	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>3tAso!!]tbPl1M>e)ZlrFUfJ+tGXxp.Qji=qCg6PLP:?YRL>@#k9+>noOyx4Kvc<cE3If)y3KL9D3I?+S7w1L+
.casalemedia.com/	1970-01-20 04:54:30	Name: CMPS Value: 687
.redintelligence.net/	1970-01-20 04:54:30	Name: 8lcfmzhxc8d6_uid Value: c6b379b9972eed12
.casalemedia.com/	1970-01-20 02:46:20	Name: CMST Value: Ym-M7GJvzOwA
.1rx.io/	1970-01-20 11:30:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d6e2a4c0-73ec-4b0a-9ce8-545c2b522593-003%22%7D
.casalemedia.com/	1970-01-20 11:30:30	Name: CMID Value: Ym-M7FbFCuTBVJGzGst3AgAA
.casalemedia.com/	1970-01-20 04:54:30	Name: CMPRO Value: 709
.casalemedia.com/	1970-01-20 11:30:30	Name: CMRUM3 Value: 2d626fccec2760CAESED5o5aqqrnQTUsSM2DDEwfw
.adfarm1.adition.com/	1970-01-20 04:54:30	Name: UserID1 Value: 7093113252135041171
.targeting.unrulymedia.com/	1970-01-20 11:30:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d6e2a4c0-73ec-4b0a-9ce8-545c2b522593-003%22%7D
.everesttech.net/	1970-01-20 11:30:30	Name: everest_g_v2 Value: g_surferid~Ym-M7AAY5UQWbgAy
.w55c.net/	1970-01-20 12:15:08	Name: wfivefivec Value: LDEFQUi31NLv405
.w55c.net/	1970-01-20 03:28:06	Name: matchgoogle Value: 5
.mathtag.com/	1970-01-20 12:10:49	Name: uuid Value: 79fb626f-cced-4f00-a4d0-21d20c54bb1e
.mathtag.com/	1970-01-20 03:28:06	Name: mt_mop Value: 4:1651494125
.criteo.com/	1970-01-20 12:06:30	Name: uid Value: badedb42-27c1-4743-99ec-26455d050f56
.ntn.ua/	1970-01-20 12:06:30	Name: cto_bundle Value: m-oDwl9veFRhMW9HdjdKaXBlV29lUWVzQ1d1bTVKZ0pHakJ2MHVaUEh6eVQ0Q2tCMmIlMkYlMkZKUnR5ZFVaUE5CbU1OV1N1QUFzYVhVMWhycWt2M0wzdUI0aUhQYjliUEJTM2tCeXkweE1mc2w4RVZqN1BhczUyaTJLckI4Q2hJSXpZMzNtRVVxRGNrUW8yckNzeFg5bWJSV3JGa3d3JTNEJTNE
.ntn.ua/	1970-01-20 12:06:30	Name: cto_bidid Value: KG8niV9teTBtZlVRYTI5UElEMHRjTmxicnRjbVFHZTJvSTdSeDlZUVh6UkZtRWYlMkY2SFhlYVpnRHc2S2lzNTYwRXJiSld3NXVJS2N3WHhvRElHTVY2cHdaZXdvckFUSUQ0WXg2aXBhQ1ZZUCUyQkRSOU0lM0Q

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ntn.ua/uk/(Line 39) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://match.prod.bidr.io/cookie-sync/atg?_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ntn.ua').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7db8959f1b945278b504af4512861d7e.safeframe.googlesyndication.com
a4p.adpartner.pro
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
ajax.googleapis.com
ap.lijit.com
bidder.criteo.com
c.bigmir.net
cdn.contentspread.net
cm.g.doubleclick.net
connect.facebook.net
d.adtelligent.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
ghb.adtelligent.com
ghb1.adtelligent.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900030.redintelligence.net
i.bigmir.net
ib.adnxs.com
id5-sync.com
inter.ua
juke.mmi.bemobile.ua
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
ntn.ua
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
player.adtelligent.com
pm.w55c.net
prebid-eu.creativecdn.com
rtb.adxpremium.services
rtb.openx.net
s0.2mdn.net
scontent-cdt1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bkrtx.com
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
google2waycm.netmng.com
104.102.29.65
104.90.104.248
104.90.154.178
104.90.192.27
13.248.245.213
136.243.149.243
142.250.185.98
142.250.186.66
151.101.194.49
169.50.137.182
172.217.16.130
178.250.0.157
178.250.0.165
185.184.8.90
185.33.221.13
193.239.68.97
193.239.71.100
194.247.175.25
194.247.175.26
194.247.175.38
213.19.147.44
216.200.232.249
216.52.2.30
23.227.139.243
2600:9000:224a:2600:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:3038::6815:e9e2
2606:4700::6810:7caf
2a00:1450:4001:800::2001
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:400c:c06::9b
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::7
2a0c:5c81:5120::2
2a0c:5c81:5142::2
3.122.83.72
3.248.54.145
3.33.220.150
35.186.253.211
35.244.159.8
44.229.209.14
45.133.44.4
46.4.10.49
51.89.7.202
51.89.9.253
52.49.236.237
54.38.197.123
66.155.71.25
69.173.144.165
78.46.100.190
85.114.159.93
88.99.69.161
03002f285167bb5b5904202b949a6c51680fa72b72e9ebf1de3c203a99d1b4bb
0326a9b3b7474d52cb6d04bbe07fc6609e991addcf5cc83696e319d67f172c34
0740b05ecb18441227c60d9bc57edb4c929db0e8c3cc2b5e9cc848139bb223e2
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
16aeedaae9f156009c88df266fc6b2c5eb01b603c20b46d7256462f26f0b773e
17380452670e8c3216bc2cf483c28eec5059a45c47cabf1b216e09a6815f12cb
17a99746b0a4baf21319ba7fd1b1e2906ff320db5ae12e39c3b8cccb00223809
19cb78a65b108af9eb44e7bbfa35fc26e55cdf5f41ea141ec4a30a10c88c77ed
1a59760fea36e240c66e6cb4bdd5c0a4fab803dbbb5bdc87c2f12f8d6fa22211
1a63ae8451325ac53bd3ef756cbd88ed3a8148e3fb30d05938c99e222d3bb889
1c59d202cf8baa1dd433ecd9e8d4700103b2b811d08609da1f9d4c57712d7adf
1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e
1e397c6cd24daa8a7e13da7070338bfdf7a121a1454b3964d49c13e398afeb8d
1fdd36ee4fe79a0fc1aa84a0fc60cd1b8ba236fb165ef64880da706bfcf7c7e9
208b56903dbc6fb3b430a26c64a0f86260c4c8bed20720312cc160c2536cc9a2
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2bb2669a52d8b09380f3449e733ab3863190afc13c200bb81ccceda16e7dcad0
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31e216e0102702696bbf53d119b6e748503207da418fbb804647fbbb4d4c5617
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34a1db5dab654fcb01ca13f856762fab658a6a3f29b42f8015789779af68a99f
362d02cc5fe392b6ae6426a252d481ec5699b279820b89118904b060453eb538
37aedb6b495b56ae0ae5ef86c6810f02bc19f45627a8eb2fb6cb0d7ad10d61e8
381366d818edd69e678d1d5c919d91774a00458f48e8c5f477d30727a52af8b1
3834ae4e6f5e939900a4d4740c747805c4b0a0b3de2a11bf9eed90966c6e316c
3abe1d50aafde6d03b75351af751ef980dd9d02e1318dd18a62dcf918cea661f
3d34284797543624e83155f2560a435fd018c4e50984dd769856ff6260518b9a
3d71acaeae9ad6820144dd16ceee3b5445bc20e70072ce10deeb9cc5781cf85c
3e3536fba55c2de296f57e4712ed27b4cdc52cedc3053fd5af5199e6b545ad0f
3fc4788eba7596ea363458252c5292d9accb1f8ae3187b6d7d174ec5360ada91
40cb3cacce92fc2c3d13ec7239198abf2c2e97b665742a4fea4a703a0ad01717
412cdf2044788ea49817775c0f2721e23a37d0d703099216f8ad48a7e73ccba4
414409463cf488fb0a0b8e1d95ffa24b8d650fb582eefb311c54cb928bf92124
42c988a2ec0f9174ce94ba23912884cc986743792df9dc9b22881d824aad9eca
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
44af9fc763148ddd3fa467ffb14602fed7254ecec7697935e1cdd0d92481d202
47057a03aed7a53b879618baa1fe40c2cf470e8c6fe84737163ca94c340f9d81
49329619a159bfb35202ea4ee9b2d10cf810983aff0a0e4d987f3ba5e1c1b659
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca2074fdeec9bd4b9909e99b1c85aadbe318a83e62d99ae8a10a1d3e5aa79c4
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecd508aad794a6ed4455e1d7c45f43521926fb86909a8cf41d92441e11b8191
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51235696640bceca0a05b98399d39e1d44c369dca5e7a295a07e2d7d9f031985
51ff2041db8ced77111c23ad1fdb6c436a204635d7dce7f86c3a03b9dfb631c1
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561a4d0814fb3525fcd7a0662570193fefce4a028256cb773e490c4b06f0e2d5
5894efec8f9ae727dc14f30e4ef20c9faf9ea2c86f570a287b061e6b1dd25fde
58e1d2afc44a6f18f03d4bd19bb18c236aa89cd13aa728996b14cdda66df454e
5a1190ca36032aea1bf5bb79a0be001fd17db6de169bbce0473fd681d922c2e2
5b7b57e53fee02c97a15aa8ff8be4ed26df2dd422d76b4f70f9866f4efa4ea24
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5d40bed0a850cc62b9bee0b3f5b56b375369fd77be705d8b7aaea4c52861b1d6
5f8f778eb27c1a497582f53cba8bcc05a4492d1e05284b65a9d96e8f36c69de4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a1fddbf073c2dc9a0a9e04e6b20e593f1bde7740ca7a686439bcc0b3026d6a
62f93ecb194463551254b9939551d09fc56bc0e6b76c31194b122c5cc0f22545
63412ed99863cb16f052f2cce59ec6dcd3ce97096306f1814255a086db9e8fe7
6400b298d51a07b76ae017a62d74af08fd20e249b564f7503712362f2c6710ce
64781227b7b00b7dca5ac7fff5535cadd501a785112732f8c5297928f959888f
65aa6ff7f8bd1d83eeb5af948eb307376d4f44faae2d8333ec815ee0e86ab8b1
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
6a100cb1914e8a4ae5ac33f699c795c3c400675e10ba57060d7e192e1c46a5ff
6a7ee99f99266cdf5847765b824e9703f6b64ca4ef02ba1810dd6f32b5d96e78
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e45b2d12007122c9c32001032dd4cc0695449cf08973d6f86ae4e0655819dbe
72244f28046988c7bb270cd057df6a1b0ce621bd320115d957f9969ff90822d1
75e6f1025b2fba30808546e72373a8a160f2425c2c54a0a946f8844a7db0040e
7664c1ba21942bd39804692046f89a591d6ff83a1b7cc29239a0d7bb5c91953f
77fbd5f5d22fc14637b7b9206953ca39efcfa1d0eda4d51247318762660c4151
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7d856847402c3364ef3f2a44db48934f52cb1124cdf804f810512a5300bd2824
8154e39f3e7d0d371e5525d9907ef2e70cff7e389f6e751b4bae412fdbe1b866
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
88bba9edfe62a220e90be5fe1ba14c9ac751490f500b1e6e5fe25cb2c824c9ea
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89d89932050bcd46e3f26db1ef574764616155710ca9793bc855bbdcc25d87ef
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ba7fc1dbf2b813f54a1607b24d3787085661ee777eb9ed66197e2673607347e
8bbe2679d44a1fc74827066d51144859932d36f0dcd9e4bbc8c6b72fe5ff3073
8bff644d210680cf173f5bb6518c8f8afcaaafff45dcbb5bf4a02cbcf62be670
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
95dd6865cd73589629a72003cfc7a4f4b2af96b6e692a245369ced73ef487f83
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324
986416a58791f99bdde0b17c2b78dbdbf1f56de883b0ae0d5081fffedbccb38e
9a541acb4b10ffaea3c03416c27b95aa3826acc22c7cb80a44046ab61bfbd72d
9a7f76fdc1930049302dff8d3cb5e6e0cbfcf8feb6d1b1a06ef16a7445b05111
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a375f5042f3615db22984bf9db9b9d07bd5923a9d4d337b4747696142d2a9e59
a4369298c59a408181f3c0f99f7754f24afd77b65618aa0d7bd8cf94f03a2b96
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a60dd4d6d8e4acef982841ffd485003084a401f218cfaf75273a563d871de611
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7806ebbc8e1a98bb6fd9ff022f2e0e96df951a3ef11de8c5e4c04a36d63e04
aad8052483eabc894d2a5f1963777caa67e429d216f7c73b6ace708306c68f31
abd8692c0357cdc68904b23a95002546b05b80176508f5f0a6cd4258fce6617f
abe40cfa31540c665cfcef441f51c5456d1ce107208ab6a43e1e5eed00e8359e
ade6e5c64a5f00959d9c80f5e1757fac9f19207d37cee2879a24bdb2f4321aca
afaac8f389e0f0347225f6c0225ee1639ea8adc0439a35135056d6fa2a0ee1b2
afac71923f02cb655123ccb9fd3b87fcf2da222ffa962bc47449e4dd7bb5c2d9
b09f1ccac5b541c51d8d3cfaf003baba9bd0ecb1ede1444057dd41d0d43ad58a
b0c4b081ef70f3eb0a934344392df220f0439f91a9b5e8aea93c71dec0beb416
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1db32ecf1cdc548f220511264926d196b1b5561aa435ad99de4d7d30856557c
b2501071cfb347a3518d1637f4dfe535507c824cf235d7c5f61bcfd086033cc1
b4c20df02077c26385577801eb8897f405a95c63d0c26ee24ac3b4e2043f302d
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88414e57f13a0d5675804c8ce82e9ac4b1680358e123baff030c6f2da882f39
ba57163ba0fde873bab500a55da75d6fb1d00135fd9b0bff4552dfc2f0c2c7a9
bb603e9d8681e4056af140a5d281a3e1da054fe3aabe9949932f8a80456c7fd8
bb7af425c43258678e12b76bf22f6eaab51fd7dfd6e285131a86a3002d547ee9
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bdbf47fbfd5f6780e995c557d969feb8ee28137e21bb7129bd71625f1a9daf28
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c134d52ca008c3bafe0844d9ecf32da0077797f86e8a80bb381ec05f360ee189
c1f5a6d27190b950d33fcc7a4def27c9d5734ce5705e799e9e8a333a390e3bce
c4a6e289ea981b353e88457da65f62626da3a70a2e7e2ddbdcc542a8da491c76
c5e52f40b619e103483256eb589f4f98b4caa8e189e8c57dec9a91fd1a1a5315
c68f78ab5b36309b244041c15ef4163aac66ede31ee53b2d4271b1f7aae1a6cc
ce04189370ecaa0cc5e3f50d3311f86ef42ea688519a093319460e54e43a9f9b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d2343c85bc2821e75541c4d4d0dcb510c267ebc96baf367af57309de6baae8a5
d747bc0ec8a549bb25f0bab199d8e3019bcea7cfaf1438d55da2fabcff48f2c3
d86f24d55427f958c0d78bed1d476845161a43e6cd38ba2362c8351e3d745378
d942b6eebcffa564cf2969b807b042df53bcf6471948254b63162cbf7b45412e
da84bce8a2f715182ab131bd1367073145e6807204f213d30048cb20cf6f90de
da97b6661b2a61de0d56e15c069de457fae3f67028c0de1b8fbfce2c2bdfadf7
daf10bd3b413af46baf9f5ae42fa60e9d95f04ead18b0bc75f2973395ccd5035
dc93e10b0edae9775fce86a8fe5e1a93870d415a0459184b00dbd8852ce364c6
dd2bce59ebd1263c380cdcc2c573f036bb70352131e6c550af8f929024c80858
dd65581b93e9ce19d1bbdaf1e94b4996ca2b0a363bf52e6bcafc2ebe5c0da1b2
dd8d9f66bb6444b64ebdd9c4441c267417d2be60bc7a74806d7c3746cf6109df
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de374484df39f525b35a5a5bc8f64a8c00b3c6d2c95e353bbe077710adc49620
df0cb2f60149e209f27d9a32d860297111b0bd9788b71cc5ebcebb9fa405b89c
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
e1ef4c6ee8e9ba88ac805bb20fde15e424eb1b20ecd033bf5d81890038d22254
e2f2fc03897e6b55effb57b15a6b6986a754b236f7c934589279ca1189f79b06
e311081b4fc79e541ce49419adc15e25e34d92e1cdcc766c18aa61821ae7e597
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a348371f57afc03cb0fb301990daed6d812024631df2e6602f818193a074cb
e7f0d78862e5bf61ae9af1709638702b0e0a078b4fd2cd4119927a1bd2a3f20f
e9dd66b4edec6409af2070004b051321b8108390821cec813104035f2271353d
ea314b6c5450385987b107e9c0635ad77027eea04baf0219488652fb301a4d1f
ea880f80a81e709d0deb3a1a8199827cb6cdb365782cdbd7a5aab215da5e413f
ee553c847b17af2ffc8d1ae1dc81c1fa6c8356246c31bd80e0a470097ec4430e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ebc75cbe0a2b0afb94bd74511c828de445a5f10bff01dc7ab08bf343c39b91
f4af3262c604d9ca5d1e61f23af267420db3393d18c9a3dcd604548054cbcf7a
f6bfea0bfaf58f5379f225a0dd59050f89614fd56b9a2afc495503eaac76caea
f710f315f78ed161e59f889d74ad5dca25c3bf658e923c95de6c220ae1c2a80c
f9c6f48908ed95c62c11af1eba731178c21d24425b680774370a153bb272edd9
fa12df2f1880c7a16703529076b74f52a9aae3278fd6e42e6832077dd0ee3575
fb610bb70bce4734279569cdf5f1d863118c3fa67a64c1899fd9d87881ae9dd6
fbbe154909f23ee97bde849e6a052aa2d421e45cc66caf649fca49d6ed6ba88b
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
fc19d1432667a92d1c967150374715f0a3af9c2ef0eb0ed998df4a3579bd04ff
fd794f1dfe14db0d7027596043d9987eb560aba7e210a59a6c24b3b27b029fa4
fd9a9782fa2997a2ca1492e41ecf175d602ebc1e51dab39ef92e24f7ae9ee8ea
ff1aafa6c095f839ff3069c941d9c74b3e43f4b807820186d961960dc1b4f5c0
fffb27404635095b2e7712ed9c8af9cfe30334eb5c15e0996242f4b8bfed022d

ntn.ua Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

304 Requests

87 %HTTPS

38 %IPv6

50 Domains

74 Subdomains

57 IPs

10 Countries

3786 kBTransfer

8941 kBSize

40 Cookies

18 Outgoing links

Page URL History

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ntn.ua Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

304
Requests

87 %
HTTPS

38 %
IPv6

50
Domains

74
Subdomains

57
IPs

10
Countries

3786 kB
Transfer

8941 kB
Size

40
Cookies

304 HTTP transactions
5 data transactions