espreso.tv Open in urlscan Pro
104.18.10.148 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-banki...
Submission: On December 20 via api (December 20th 2024, 5:25:42 am UTC) from UA — Scanned from PL

Summary HTTP 146 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 26 domains to perform 146 HTTP transactions. The main IP is 104.18.10.148, located in and belongs to CLOUDFLARENET, US. The main domain is espreso.tv. The Cisco Umbrella rank of the primary domain is 927449.
TLS certificate: Issued by WE1 on November 10th 2024. Valid for: 3 months.

This is the only time espreso.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	104.18.10.148 104.18.10.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
15	89.184.82.24 89.184.82.24	28907 (MIROHOST ...) (MIROHOST Internet Invest)
1 4	54.37.238.28 54.37.238.28	16276 (OVH OVH SAS) (OVH OVH SAS)
1	146.59.30.100 146.59.30.100	16276 (OVH OVH SAS) (OVH OVH SAS)
4	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.251.173.154 142.251.173.154	15169 (GOOGLE) (GOOGLE)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
9	169.150.247.36 169.150.247.36	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
8	104.18.164.66 104.18.164.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
3	167.235.37.234 167.235.37.234	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
10	3.15.36.93 3.15.36.93	16509 (AMAZON-02) (AMAZON-02)
6	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
3 9	51.83.220.94 51.83.220.94	16276 (OVH OVH SAS) (OVH OVH SAS)
1	146.59.69.183 146.59.69.183	16276 (OVH OVH SAS) (OVH OVH SAS)
1 1	54.38.113.3 54.38.113.3	16276 (OVH OVH SAS) (OVH OVH SAS)
1 2	87.248.119.251 87.248.119.251	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
3	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
2	138.199.36.11 138.199.36.11	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	185.59.220.198 185.59.220.198	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	18.245.31.65 18.245.31.65	16509 (AMAZON-02) (AMAZON-02)
1	91.194.251.83 91.194.251.83	42352 (QOS TOV '...) (QOS TOV 'Dream Line Holding')
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
146	34

36 104.18.10.148 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

espreso.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 89.184.82.24 (Kyiv, Ukraine)

ASN28907 (MIROHOST Internet Invest, Ltd., US)
PTR: 2-espresso.tv

static.espreso.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.173.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wi-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 169-150-247-36.bunnyinfra.net

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

player.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.164.66 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.37.234 (Bühl, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.234.37.235.167.clients.your-server.de

sghb.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.15.36.93 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-36-93.us-east-2.compute.amazonaws.com

kinesis.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.83.220.94 (Poland) 3 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: app-ngx-pl-03.radius.technology

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bidder.smartytouch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.69.183 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ngx-pl-01.greencuttlefish.com

server.smartytech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.113.3 (France) 1 redirects

ASN16276 (OVH OVH SAS, FR)
PTR: falcon-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.251 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.36.11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 138-199-36-11.bunnyinfra.net

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 185-59-220-198.bunnyinfra.net

video-content.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.194.251.83 (Kyiv, Ukraine)

ASN42352 (QOS TOV 'Dream Line Holding', UA)
PTR: unallocated.qos.kiev.ua

membrana-cdn.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	espreso.tv 1 redirects espreso.tv — Cisco Umbrella Rank: 927449 static.espreso.tv	324 KB
10	amazonaws.com kinesis.us-east-2.amazonaws.com — Cisco Umbrella Rank: 32806	3 KB
9	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 49507	266 KB
8	idealmedia.io jsc.idealmedia.io — Cisco Umbrella Rank: 82736 c.idealmedia.io — Cisco Umbrella Rank: 76624 servicer.idealmedia.io — Cisco Umbrella Rank: 81631 s-img.idealmedia.io — Cisco Umbrella Rank: 78291 autocounter.idealmedia.io — Cisco Umbrella Rank: 115031 cm.idealmedia.io — Cisco Umbrella Rank: 14603	155 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108 www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 google.com — Cisco Umbrella Rank: 1	133 KB
7	adpartner.pro 3 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 7889	5 KB
7	bidmatic.io player.bidmatic.io — Cisco Umbrella Rank: 70466 sghb.bidmatic.io — Cisco Umbrella Rank: 69606	198 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	165 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	209 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 131525 ls.hit.gemius.pl — Cisco Umbrella Rank: 28536	22 KB
4	gstatic.com fonts.gstatic.com	82 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687	90 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	320 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 506	151 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
3	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 53013 video-content.b-cdn.net — Cisco Umbrella Rank: 86527	15 KB
2	smartytouch.co bidder.smartytouch.co — Cisco Umbrella Rank: 58478	3 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194 ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	512 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	15 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	17 KB
1	membrana-cdn.media membrana-cdn.media — Cisco Umbrella Rank: 66250	26 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 45	9 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 13719	1 KB
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2657	402 B
1	smartytech.io server.smartytech.io — Cisco Umbrella Rank: 54685	338 B
1	google.pl www.google.pl — Cisco Umbrella Rank: 28032	408 B
146	26

	Domain	Requested by
36	espreso.tv	1 redirects espreso.tv
15	static.espreso.tv	espreso.tv
10	kinesis.us-east-2.amazonaws.com	cdn.membrana.media
9	cdn.membrana.media	espreso.tv cdn.membrana.media
7	a4p.adpartner.pro	3 redirects bidder.smartytouch.co
6	cdn.jsdelivr.net	cdn.membrana.media
4	fonts.gstatic.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	espreso.tv securepubads.g.doubleclick.net imasdk.googleapis.com
4	player.bidmatic.io	espreso.tv player.bidmatic.io
4	gaua.hit.gemius.pl	1 redirects espreso.tv gaua.hit.gemius.pl
4	www.googletagmanager.com	espreso.tv www.googletagmanager.com cdn.membrana.media
3	region1.google-analytics.com	www.googletagmanager.com
3	s-img.idealmedia.io
3	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
3	sghb.bidmatic.io	player.bidmatic.io
2	google.com	www.googletagmanager.com
2	imasdk.googleapis.com	cdn.membrana.media imasdk.googleapis.com
2	ym-tack.b-cdn.net	cdn.membrana.media
2	bidder.smartytouch.co	espreso.tv
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	membrana-cdn.media	cdn.jsdelivr.net
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	lh3.googleusercontent.com
1	fonts.googleapis.com
1	cm.idealmedia.io	jsc.idealmedia.io
1	autocounter.idealmedia.io
1	video-content.b-cdn.net
1	servicer.idealmedia.io	jsc.idealmedia.io
1	player.adtelligent.com	player.bidmatic.io
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	server.smartytech.io
1	c.idealmedia.io
1	jsc.idealmedia.io	espreso.tv
1	www.google.pl	espreso.tv
1	www.google.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
146	42

This site contains links to these domains. Also see Links.

Domain
global.espreso.tv
zahid.espreso.tv
bc.espreso.tv
www.facebook.com
twitter.com
www.radiosvoboda.org
t.me
www.instagram.com
m.me
www.youtube.com

Subject Issuer	Validity	Valid
espreso.tv WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.espreso.tv Sectigo RSA Domain Validation Secure Server CA	`2024-06-28` - `2025-07-15`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2024-09-12` - `2025-09-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.pl WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdn.membrana.media R11	`2024-11-09` - `2025-02-07`	3 months	crt.sh
player.bidmatic.io R10	`2024-12-09` - `2025-03-09`	3 months	crt.sh
idealmedia.io WE1	`2024-11-27` - `2025-02-25`	3 months	crt.sh
sghb.bidmatic.io ZeroSSL ECC Domain Secure Site CA	`2024-11-18` - `2025-02-16`	3 months	crt.sh
kinesis.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-11-21` - `2025-11-05`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
player.adtelligent.com R10	`2024-11-09` - `2025-02-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2024-11-05` - `2025-11-11`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
smartytouch.co E5	`2024-10-31` - `2025-01-29`	3 months	crt.sh
membrana-cdn.media E5	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
adpartner.pro E6	`2024-10-31` - `2025-01-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Frame ID: F62C72E972B9709FFF2A000E66337B8D
Requests: 126 HTTP requests in this frame

Frame: https://espreso.tv/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 1F56FC372BB9EC09F383D795B3E46722
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 032C5C8C2ACD17BB2915E18C41BAF690
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fespreso.tv
Frame ID: C9222018B1AEF0814A40FDC41B1836AE
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: EDB09622EF145C6B94C5C39347D0BDF0
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html?gdpr=1
Frame ID: 1D1933223D30978F5F4F3B8A84B15ED4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5EB1115A36662C9B9F6DDBF169FD181D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=9b164af3-33dd-4b96-a00f-1f7d6e568ced&site_visited=1&location=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&referer=
Frame ID: 1493242E6F1A8AEE61FC8713F16EF9FD
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=175&apuid=2cce4cd3-8ba8-407c-9d79-966314a782eb&session_pageview=1&session_id=9b164af3-33dd-4b96-a00f-1f7d6e568ced&site_visited=1&location=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Frame ID: 5BEA84AEE7113080500AF73A8B650780
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25228c914e88-9207-40d7-8d62-8cc049af4fc0%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A175%252C%2522region_id%2522%253A106%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi%2522%257D
Frame ID: EC57F686EF0DF94FA29A3951002FAB60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Схеми: Громадянка РФ скупила активи ліквідованих російських банків на 3 млрд грн | Еспресо

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

146
Requests

94 %
HTTPS

0 %
IPv6

26
Domains

42
Subdomains

34
IPs

7
Countries

2213 kB
Transfer

7312 kB
Size

27
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://global.espreso.tv/
Title: English

Search URL Search Domain Scan URL

URL: https://zahid.espreso.tv/
Title: Еспресо.Захід

Search URL Search Domain Scan URL

URL: https://bc.espreso.tv/
Title: Еспресо.Біла Церква

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%D0%A0%D0%BE%D1%81%D1%96%D1%8F%D0%BD%D0%BA%D0%B0%2C+%D0%BF%D1%80%D0%B8%D1%85%D0%BE%D0%B2%D0%B0%D0%B2%D1%88%D0%B8+%D0%B3%D1%80%D0%BE%D0%BC%D0%B0%D0%B4%D1%8F%D0%BD%D1%81%D1%82%D0%B2%D0%BE+%D0%A0%D0%A4%2C+%D1%81%D0%BA%D1%83%D0%BF%D0%B8%D0%BB%D0%B0+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B8+%D0%BB%D1%96%D0%BA%D0%B2%D1%96%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%85+%D1%80%D0%BE%D1%81%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%B8%D1%85+%D0%B1%D0%B0%D0%BD%D0%BA%D1%96%D0%B2+%D0%B2+%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96+%D0%BD%D0%B0+3+%D0%BC%D0%BB%D1%80%D0%B4+%D0%B3%D1%80%D0%BD%2C+-+%D0%A1%D1%85%D0%B5%D0%BC%D0%B8%0Ahttps%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Search URL Search Domain Scan URL

URL: https://www.radiosvoboda.org/a/skhemy-hromadyany-rf-yevsyeyeva-aktyvy-likvidovanykh-bankiv/33243355.html
Title: розслідуванні

Search URL Search Domain Scan URL

URL: https://t.me/+UMhj6wND_LxL2eWM
Title: Читати Еспресо в Telegram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/espreso.tv/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/espreso.tv

Search URL Search Domain Scan URL

URL: https://twitter.com/EspresoTV

Search URL Search Domain Scan URL

URL: http://m.me/espreso.tv

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/EspresoTv/featured

Search URL Search Domain Scan URL

URL: https://t.me/espresotb

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://espreso.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://espreso.tv/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

Request Chain 56

https://gaua.hit.gemius.pl/_1734672338649/rexdot.js?l=100&sendf=24&id=bPzglM__Y_smSVDTtJ0_rNTJnFkN_1fCYfeK2XIecaz.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=a.zV44GKtJhg0S2ZRJdhwlkU8ovqySzpcCvxrGqLsDr.97Q4La_STMcC7qjgDULarWAdwWEJjmCrYAaHwAmDKd.znN3k/wvDNlYAmWOZFD/&fpdata=vg8q5J6sQ0qqiSK44xrEqgNsu._PUVgor4kkII7t3yH.C7%7C1734672338%7C2%7C%7C%7C8%2C3%2C32&ltime=197&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6764ffd21ae6bf65&brts=1734672338&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1734672338649/rexdot.js?l=100&sendf=24&id=bPzglM__Y_smSVDTtJ0_rNTJnFkN_1fCYfeK2XIecaz.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=a.zV44GKtJhg0S2ZRJdhwlkU8ovqySzpcCvxrGqLsDr.97Q4La_STMcC7qjgDULarWAdwWEJjmCrYAaHwAmDKd.znN3k/wvDNlYAmWOZFD/&fpdata=vg8q5J6sQ0qqiSK44xrEqgNsu._PUVgor4kkII7t3yH.C7%7C1734672338%7C2%7C%7C%7C8%2C3%2C32&ltime=197&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6764ffd21ae6bf65&brts=1734672338&fpcap=

Request Chain 82

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D HTTP 302
https://server.smartytech.io/icm.gif?uid=ec7c040d-96c2-4381-97a8-181b43b6e21c

Request Chain 83

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=283&mapped=16fb29a3-b292-4fbb-aa50-0c1f853321db&gdpr=0 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

Request Chain 84

https://a4p.adpartner.pro/ssp/match?redirect=https://bidder.smartytouch.co/icm?uid=%7Buser_id%7D HTTP 302
https://bidder.smartytouch.co/icm?uid=8c914e88-9207-40d7-8d62-8cc049af4fc0

146 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi Show response
espreso.tv/ 108 KB
29 KB 122ms
49ms Document
text/html 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.32
Resource Hash: 736667745e8a015c3bce5350290b51b7a98b7b855d6e216a3eb745d851c116f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 30
back-end-time: 2024-12-20 07:25:08
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 8f4d3680befd3bcb-WAW
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 20 Dec 2024 05:25:38 GMT
expires: Fri, 20 Dec 2024 05:26:38 GMT
last-modified: Fri, 20 Dec 2024 05:25:08 GMT
link: </svg/logo-desktop_new.svg>; rel=preload; as=image, </img/mobile-logo_new.svg>; rel=preload; as=image, </css/fonts/Mariupol-Bold.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Regular.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/GothamPro.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Medium.ttf>; rel=preload; as=font; crossorigin="anonymous"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-fastcgi-cache: MISS
x-powered-by: PHP/7.3.32

GET
H2 200 logo-desktop_new.svg
espreso.tv/svg/ 5 KB
0 71ms
70ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/svg/logo-desktop_new.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e411988255e02c91367385f5c09d16e80f02a9cf4f2f26f3ca6e36e98b49475

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"655229ce-13c1"
age: 5
cf-ray: 8f4d36810f373bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Nov 2023 13:51:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mobile-logo_new.svg
espreso.tv/img/ 2 KB
0 78ms
78ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/mobile-logo_new.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55e1c6890181c506274ab274b1ceef20e3df6420cd7c493cefee621bbbb6b5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"655229ce-65b"
age: 25
cf-ray: 8f4d36810f383bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Nov 2023 13:51:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Mariupol-Bold.ttf
espreso.tv/css/fonts/ 58 KB
0 21ms
21ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/Mariupol-Bold.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-e6ec"
age: 21
cf-ray: 8f4d3680ff253bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 59116
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Mariupol-Regular.ttf
espreso.tv/css/fonts/ 59 KB
0 48ms
48ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/Mariupol-Regular.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-eaec"
age: 7
cf-ray: 8f4d36810f343bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 60140
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 GothamPro.ttf
espreso.tv/css/fonts/ 40 KB
0 61ms
61ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/GothamPro.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-9e10"
age: 21
cf-ray: 8f4d36810f353bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 40464
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Mariupol-Medium.ttf
espreso.tv/css/fonts/ 58 KB
0 71ms
71ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/Mariupol-Medium.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-e9ac"
age: 5
cf-ray: 8f4d36810f363bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 59820
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 app-news.css
espreso.tv/css/client/ 103 KB
19 KB 79ms
79ms Stylesheet
text/css 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61110a1011b58f2e06d83a7f907f108a7efa2c7d0cdbd39c911f32719007792

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6762d42b-19d43"
age: 9
cf-ray: 8f4d36811f443bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: text/css
last-modified: Wed, 18 Dec 2024 13:54:51 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 414 KB
133 KB 197ms
100ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3

Requested by

Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

73a6c45f0078bb1effaa54988dbf22b20f304e00a50d0ce9941d3ab560afee94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 20 Dec 2024 05:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136019
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 home_svg.svg
espreso.tv/img/ 1 KB
652 B 77ms
77ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/home_svg.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457af3e64c0c9f521adab81c34598c7a111d1e02ca698f4ff88e1b0c58d8f6af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"600f00cc-44e"
age: 12
cf-ray: 8f4d36811f453bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jan 2021 17:33:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 px.gif
espreso.tv/img/ 43 B
261 B 67ms
67ms Image
image/gif 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/px.gif
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a35536d90b735ac4c624a19bd16ebe7c9e8f9fc6b061d8598a2d42766580174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

cf-bgj: imgq:100,h2pri
etag: "6163eaca-2b"
age: 12
cf-cache-status: HIT
expires: Sat, 20 Dec 2025 05:25:38 GMT
cf-polished: status=not_needed
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/gif
last-modified: Mon, 11 Oct 2021 07:42:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
pragma: public
cf-ray: 8f4d36811f473bcb-WAW
accept-ranges: bytes
content-length: 43
server: cloudflare

GET
H2 200 facebook_share_new.svg
espreso.tv/img/ 443 B
567 B 63ms
60ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/facebook_share_new.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5785fc915e92d5e3a0b57937ddd092eb5d3bc72294427b4b8f1a967f8f063af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"654352bd-1bb"
age: 5
cf-ray: 8f4d3681dfbe3bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Thu, 02 Nov 2023 07:41:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 x_share.svg
espreso.tv/img/ 432 B
664 B 69ms
66ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/x_share.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46440d0e46cff23b0cf64b63670085ab88fb36656e469f89d3f78f2b0ae0169b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66275317-1b0"
age: 8
cf-ray: 8f4d3681dfbf3bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 06:20:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 telegram_63dbe0aa8b13c.svg
static.espreso.tv/uploads/content/social-ico/ 871 B
1 KB 154ms
55ms Image
image/svg+xml 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/content/social-ico/telegram_63dbe0aa8b13c.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 2b979bca801cc23f0f1c3b403fa5b9c36a83bb40f9ee59504729cada80034d98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "63dbe0aa-367"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 871
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Thu, 02 Feb 2023 16:11:22 GMT
server: nginx

GET
H2 200 new-E-LIVE_ukr2.jpg
espreso.tv/img/holders/ 7 KB
7 KB 64ms
61ms Image
image/jpeg 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/holders/new-E-LIVE_ukr2.jpg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fa435602b72555524580db7567a92bc2924c8d3a3ef1f7fb29e3e81023cf17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

cf-bgj: imgq:100,h2pri
etag: "655229ce-2944"
age: 1
cf-cache-status: HIT
expires: Sat, 20 Dec 2025 05:25:38 GMT
cf-polished: origSize=10564
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/jpeg
last-modified: Mon, 13 Nov 2023 13:51:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
pragma: public
cf-ray: 8f4d3681dfc03bcb-WAW
accept-ranges: bytes
content-length: 6823
server: cloudflare

GET
H2 200 email-decode.min.js Show response
espreso.tv/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 38ms
38ms Script
application/javascript 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espreso.tv/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-4d7"
x-content-type-options: nosniff
cf-ray: 8f4d36818f8e3bcb-WAW
expires: Sun, 22 Dec 2024 05:25:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 build-news.js Show response
espreso.tv/js/client/ 347 KB
110 KB 49ms
46ms Script
application/javascript 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/js/client/build-news.js?id=83b797925252b9afca87
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947b57c65471acbbcacd177e28206f1ec71f1d93da43f07f7cb7b153924ab5e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6762d00d-56c18"
age: 16
cf-ray: 8f4d3681afa43bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 13:37:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
79 KB 164ms
68ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3JGJJ

Requested by

Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0f6eec825e70695555c04ad585dfa074403f93c86dd2ad619330b6599fc19235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 20 Dec 2024 05:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80603
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 70 KB
20 KB 149ms
54ms Script
text/javascript 54.37.238.28
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 0316d4a1d8f6f9e6d576e5b4630a7f14f4fb3dc7d9c91410004aa365b1c2bdae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=43200
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Fri, 20 Dec 2024 17:25:38 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 20492
date: Fri, 20 Dec 2024 05:25:38 GMT
last-modified: Wed, 11 Dec 2024 07:33:05 GMT
vary: Accept-Encoding,Origin
server: GHC
content-type: text/javascript

GET
H2 200 px.gif
espreso.tv/img/ 43 B
0 1ms
1ms Image
image/gif 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/px.gif
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a35536d90b735ac4c624a19bd16ebe7c9e8f9fc6b061d8598a2d42766580174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

cf-bgj: imgq:100,h2pri
etag: "6163eaca-2b"
age: 12
cf-cache-status: HIT
expires: Sat, 20 Dec 2025 05:25:38 GMT
cf-polished: status=not_needed
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/gif
last-modified: Mon, 11 Oct 2021 07:42:02 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
pragma: public
cf-ray: 8f4d36811f473bcb-WAW
accept-ranges: bytes
content-length: 43
server: cloudflare

GET
H2 200 home_svg.svg
espreso.tv/img/ 1 KB
0 2ms
2ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/home_svg.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457af3e64c0c9f521adab81c34598c7a111d1e02ca698f4ff88e1b0c58d8f6af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"600f00cc-44e"
age: 12
cf-ray: 8f4d36811f453bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Mon, 25 Jan 2021 17:33:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 facebook_share_new.svg
espreso.tv/img/ 443 B
0 65ms
65ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/facebook_share_new.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5785fc915e92d5e3a0b57937ddd092eb5d3bc72294427b4b8f1a967f8f063af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"654352bd-1bb"
age: 5
cf-ray: 8f4d3681dfbe3bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Thu, 02 Nov 2023 07:41:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 x_share.svg
espreso.tv/img/ 432 B
0 69ms
69ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/x_share.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46440d0e46cff23b0cf64b63670085ab88fb36656e469f89d3f78f2b0ae0169b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66275317-1b0"
age: 8
cf-ray: 8f4d3681dfbf3bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 06:20:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bx_bxs-down-arrow.svg
espreso.tv/css/client/img/ 786 B
759 B 60ms
59ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/css/client/img/bx_bxs-down-arrow.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f9e3bf5329c277674a387af703da3ee8b93ab69f48b357cae8d80b70a472b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60547a9f-312"
age: 11
cf-ray: 8f4d3681dfc13bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Mar 2021 10:19:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 active_rubrikator.svg
espreso.tv/css/client/img/ 636 B
1 KB 63ms
63ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/css/client/img/active_rubrikator.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30582fe6ab33b3669b1daa105082da8f4aa23d96874230a1199da84632df85a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"654352bd-27c"
age: 29
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Bs.66IPO1HCkKh4n58JcKffbaVOfotUoldqy4hqut9o-1734672338-1.0.1.1-W4pktJC394QGxVHcZ_9gNDHm32vR..xBIZLzxXidp5DNbaSIIqS.N1fwRBRNqZg5iAFDzWW35gWUfPiDcGNc78cuvWaXNNGZ5SkDyAi9X7.zvNK8chn4k53KeRR99eZ2bIJZ62rbTFow8uMvs2xR8g"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Bs.66IPO1HCkKh4n58JcKffbaVOfotUoldqy4hqut9o-1734672338-1.0.1.1-W4pktJC394QGxVHcZ_9gNDHm32vR..xBIZLzxXidp5DNbaSIIqS.N1fwRBRNqZg5iAFDzWW35gWUfPiDcGNc78cuvWaXNNGZ5SkDyAi9X7.zvNK8chn4k53KeRR99eZ2bIJZ62rbTFow8uMvs2xR8g; report-to cf-csp-endpoint
cf-ray: 8f4d3681dfc33bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Thu, 02 Nov 2023 07:41:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 play-icon.svg
espreso.tv/svg/ 551 B
606 B 83ms
83ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/svg/play-icon.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4681c6b5ce2f7549eec273f6e0c1aa7b6d50b4d5f5fecab2790b29bf2cb1976c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5fd86fcf-227"
age: 29
cf-ray: 8f4d3681dfc43bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 voute_arrow_white.svg
espreso.tv/img/ 441 B
518 B 65ms
65ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/voute_arrow_white.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5725950dfca860da5fde6d0cb442f094d47664536c7d60af28c4f336a0d1065e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5fd86fcf-1b9"
age: 29
cf-ray: 8f4d3681dfc53bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

main.js Show response
espreso.tv/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 1F56
Redirect Chain

https://espreso.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://espreso.tv/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
4 KB

49ms
49ms

Script
application/javascript

104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://espreso.tv/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Requested by

Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Protocol

Server

104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f3874642365028c18f83e93467e50777b8ed351819bda5d5477e95ef11a4c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8f4d368288303bcb-WAW
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
cf-ray: 8f4d36823ffa3bcb-WAW
access-control-allow-origin: *
content-length: 0
date: Fri, 20 Dec 2024 05:25:38 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 get_forms Show response
espreso.tv/question/ 73 B
1 KB 80ms
79ms XHR
application/json 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/question/get_forms?17346723382665
Requested by: Host: espreso.tv
URL: https://espreso.tv/js/client/build-news.js?id=83b797925252b9afca87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.32
Resource Hash: eec43f4e547503dd4405a17d90c1efa320af4ee111207d409d04fda8870d4188

Request headers

X-CSRF-TOKEN: Ky2KN4aI5PkAI4xBCxKul8Higy6HMN4aVviiUouw
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=UTF-8
redaction_id: 1

Response headers

link: </svg/logo-desktop_new.svg>; rel=preload; as=image, </img/mobile-logo_new.svg>; rel=preload; as=image, </css/fonts/Mariupol-Bold.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Regular.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/GothamPro.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Medium.ttf>; rel=preload; as=font; crossorigin="anonymous"
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8f4d368248033bcb-WAW
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.3.32
server: cloudflare

GET
H2 200 slick.woff
espreso.tv/css/client/fonts/ 1 KB
2 KB 71ms
70ms Font
font/woff 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/client/fonts/slick.woff
Requested by: Host: espreso.tv
URL: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/css/client/app-news.css?id=c07394718edf9701f166

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "64e33102-564"
age: 27
cf-ray: 8f4d3682882f3bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 1380
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: font/woff
last-modified: Mon, 21 Aug 2023 09:40:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 372534_185809-1_large_copy_new_960x500_0.webp
static.espreso.tv/uploads/photobank/372000_373000/ 116 KB
117 KB 50ms
48ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/372000_373000/372534_185809-1_large_copy_new_960x500_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: fca257c7b106dc65ada2ff46e41b24d9ffe192493abda8854277b27d4860a794

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "67631847-1d1c8"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 119240
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 18:45:27 GMT
server: nginx

GET
H2 200 318033_obstril_reuters_new_80x50_0.webp
static.espreso.tv/uploads/photobank/318000_319000/ 632 B
846 B 96ms
94ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/318000_319000/318033_obstril_reuters_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: dc4a147064e6daba7050db0e8241dc49b1fbb865ac5e5fcf6e791c3a2aa15b89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d4a1-278"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 632
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:56:49 GMT
server: nginx

GET
H2 200 320734_rus-kerdik_reuters_new_80x50_0.webp
static.espreso.tv/uploads/photobank/320000_321000/ 2 KB
2 KB 97ms
95ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/320000_321000/320734_rus-kerdik_reuters_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 19bf71bdf42ba7e514b215d2b842343315ba61d4993aabbd17d7e3befd010f9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d482-6e6"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 1766
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:56:18 GMT
server: nginx

GET
H2 200 341946_Shahed_gettyimages_new_80x50_0.webp
static.espreso.tv/uploads/photobank/341000_342000/ 984 B
1 KB 98ms
96ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/341000_342000/341946_Shahed_gettyimages_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: c8965b75ee8e8da5b0bccf088e3637d5500cf3acd1dd9e038f586248c20b166e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d49e-3d8"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 984
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:56:46 GMT
server: nginx

GET
H2 200 331419_fRsDiWeWezBGaO1ZSEbprNNSIAoZbqrBeQHlVMzB_new_80x50_0.webp
static.espreso.tv/uploads/photobank/331000_332000/ 838 B
1 KB 98ms
97ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/331000_332000/331419_fRsDiWeWezBGaO1ZSEbprNNSIAoZbqrBeQHlVMzB_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 58680276aeb927baf3a354c7294edb9ecdb99073c00a98421a8b51dd7bef1b7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d49d-346"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 838
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:56:45 GMT
server: nginx

GET
H2 200 372726_470472634_1011333747701181_8491095084909429091_n_new_80x50_0.webp
static.espreso.tv/uploads/photobank/372000_373000/ 2 KB
2 KB 99ms
98ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/372000_373000/372726_470472634_1011333747701181_8491095084909429091_n_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 489229e91baa64ed39a2e925ed8e6212fcb208680c150b06fb97004ef7c057ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6764f4a0-88c"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 2188
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Fri, 20 Dec 2024 04:37:52 GMT
server: nginx

GET
H2 200 271914_GettyImages-1245638252_new_80x50_0.webp
static.espreso.tv/uploads/photobank/271000_272000/ 2 KB
2 KB 100ms
99ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/271000_272000/271914_GettyImages-1245638252_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: fad908b878a641cb38660bd65edab516e06f3dc7dc25758f79292e660d35762b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d505-630"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 1584
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:58:29 GMT
server: nginx

GET
H2 200 363190_GettyImages-2180808128_new_80x50_0.webp
static.espreso.tv/uploads/photobank/363000_364000/ 1 KB
1 KB 101ms
100ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/363000_364000/363190_GettyImages-2180808128_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 822c7b25801ee0dabc618ab562de35abd6c93950d750156f2c93ca1916bf94bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d494-516"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 1302
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:56:36 GMT
server: nginx

GET
H2 200 299341_GettyImages-1169653347_new_80x50_0.webp
static.espreso.tv/uploads/photobank/299000_300000/ 2 KB
2 KB 102ms
101ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/299000_300000/299341_GettyImages-1169653347_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: cdef9057805a32902d50a4437ead1bc93a5ca35091a0feb717ce1914f40d968f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d52a-7d8"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 2008
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 13:59:06 GMT
server: nginx

GET
H2 200 372720_GettyImages-476096215_new_80x50_0.webp
static.espreso.tv/uploads/photobank/372000_373000/ 2 KB
2 KB 105ms
104ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/372000_373000/372720_GettyImages-476096215_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: e105ec2bafa8947eda48bfc0998b2c69a8a34f4dfee473e6f409f9f901954f97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6764dc0d-7e2"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 2018
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Fri, 20 Dec 2024 02:53:01 GMT
server: nginx

GET
H2 200 372724_GettyImages-2190430872_new_80x50_0.webp
static.espreso.tv/uploads/photobank/372000_373000/ 3 KB
3 KB 104ms
103ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/372000_373000/372724_GettyImages-2190430872_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: fc7910d656012af750f40a6bffcd9b52f486ecb1e47b2c04197c50523fc10b39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6764ce1b-a5c"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 2652
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Fri, 20 Dec 2024 01:53:31 GMT
server: nginx

GET
H2 200 363020_GettyImages-2180816757_new_80x50_0.webp
static.espreso.tv/uploads/photobank/363000_364000/ 2 KB
2 KB 106ms
105ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/363000_364000/363020_GettyImages-2180816757_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: d18ea500feddc2a100cbdd34144d57994d65f8c1da921d740b14fac0469eb1e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d841-91e"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 2334
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 14:12:17 GMT
server: nginx

GET
H2 200 372722_GettyImages-1239471663_new_80x50_0.webp
static.espreso.tv/uploads/photobank/372000_373000/ 2 KB
2 KB 108ms
107ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/372000_373000/372722_GettyImages-1239471663_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 2f6ca86978ffde8a7270021a423fbf93be5b83f71b0224fb21a2448b5d877dcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6764b7d6-68e"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 1678
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Fri, 20 Dec 2024 00:18:30 GMT
server: nginx

GET
H2 200 350715_GettyImages-2156475255_new_80x50_0.webp
static.espreso.tv/uploads/photobank/350000_351000/ 2 KB
2 KB 108ms
108ms Image
image/webp 89.184.82.24
MIROHOST Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.espreso.tv/uploads/photobank/350000_351000/350715_GettyImages-2156475255_new_80x50_0.webp
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.82.24 Kyiv, Ukraine, ASN28907 (MIROHOST Internet Invest, Ltd., US),
Reverse DNS: 2-espresso.tv
Software: nginx /
Resource Hash: 0a2be8de1fcfdc637523e4bb8cb0c1932663d3e8ff22acde96f2d3690e4ab6af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=31536000, max-age=1y, public
etag: "6762d995-85c"
pragma: public
expires: Sat, 20 Dec 2025 05:25:38 GMT
accept-ranges: bytes
content-length: 2140
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/webp
last-modified: Wed, 18 Dec 2024 14:17:57 GMT
server: nginx

GET
H2 200 logo-desktop_new.svg
espreso.tv/svg/ 5 KB
0 1ms
1ms Image
image/svg+xml 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/svg/logo-desktop_new.svg
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e411988255e02c91367385f5c09d16e80f02a9cf4f2f26f3ca6e36e98b49475

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
content-encoding: gzip
cf-cache-status: HIT
etag: W/"655229ce-13c1"
age: 5
cf-ray: 8f4d36810f373bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Nov 2023 13:51:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Mariupol-Bold.ttf
espreso.tv/css/fonts/ 58 KB
0 1ms
1ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/Mariupol-Bold.ttf
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-e6ec"
age: 21
cf-ray: 8f4d3680ff253bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 59116
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Mariupol-Regular.ttf
espreso.tv/css/fonts/ 59 KB
0 2ms
2ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/Mariupol-Regular.ttf
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-eaec"
age: 7
cf-ray: 8f4d36810f343bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 60140
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 GothamPro.ttf
espreso.tv/css/fonts/ 40 KB
0 3ms
3ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/GothamPro.ttf
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-9e10"
age: 21
cf-ray: 8f4d36810f353bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 40464
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Mariupol-Medium.ttf
espreso.tv/css/fonts/ 58 KB
0 4ms
4ms Font
application/octet-stream 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/css/fonts/Mariupol-Medium.ttf
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

front-end-https: on
cache-control: public, max-age=60
cf-cache-status: HIT
etag: "5fd86fcf-e9ac"
age: 5
cf-ray: 8f4d36810f363bcb-WAW
expires: Fri, 20 Dec 2024 05:26:38 GMT
accept-ranges: bytes
content-length: 59820
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/octet-stream
last-modified: Tue, 15 Dec 2020 08:11:59 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 8f4d3680befd3bcb Show response
espreso.tv/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1F56 0
615 B 38ms
34ms XHR
text/plain 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/cdn-cgi/challenge-platform/h/b/jsd/r/8f4d3680befd3bcb
Requested by: Host: espreso.tv
URL: https://espreso.tv/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8f4d3683589a3bcb-WAW
content-length: 0
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 290 B
404 B 39ms
39ms Script
text/javascript 54.37.238.28
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=espreso.tv
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: cd090fc0bc9f02fec429a621360745b1348296820aff658f0a48e3720ea77b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: private, max-age=2592000
etag: PRIVATE7520710249
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Sun, 19 Jan 2025 05:25:38 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 290
date: Fri, 20 Dec 2024 05:25:38 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
content-type: text/javascript
server: GHC

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame 032C 0
0 170ms
59ms Document
text/html 146.59.30.100
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash

Request headers

Referer: https://espreso.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2806
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Dec 2024 05:25:38 GMT
etag: PRIVATE7520710249
expires: Sun, 19 Jan 2025 05:25:38 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 219ms
116ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-93P3ZTPNK3&gtm=45je4cc1v878010584za200&_p=1734672338170&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1345034931.1734672338&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734672338&sct=1&seg=0&dl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&dt=%D0%A1%D1%85%D0%B5%D0%BC%D0%B8%3A%20%D0%93%D1%80%D0%BE%D0%BC%D0%B0%D0%B4%D1%8F%D0%BD%D0%BA%D0%B0%20%D0%A0%D0%A4%20%D1%81%D0%BA%D1%83%D0%BF%D0%B8%D0%BB%D0%B0%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B8%20%D0%BB%D1%96%D0%BA%D0%B2%D1%96%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%85%20%D1%80%D0%BE%D1%81%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%20%D0%BD%D0%B0%203%20%D0%BC%D0%BB%D1%80%D0%B4%20%D0%B3%D1%80%D0%BD%20%7C%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&en=page_view&_fv=2&_nsi=1&_ss=1&_ee=1&tfd=541
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://espreso.tv
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
550 B 262ms
137ms Ping
text/plain 142.251.173.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-93P3ZTPNK3&cid=1345034931.1734672338&gtm=45je4cc1v878010584za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.173.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: wi-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://espreso.tv
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 collect
www.google.com/ccm/ 0
0 126ms
44ms Ping
text/plain 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&scrsrc=www.googletagmanager.com&frm=0&rnd=635684575.1734672338&dt=%D0%A1%D1%85%D0%B5%D0%BC%D0%B8%3A%20%D0%93%D1%80%D0%BE%D0%BC%D0%B0%D0%B4%D1%8F%D0%BD%D0%BA%D0%B0%20%D0%A0%D0%A4%20%D1%81%D0%BA%D1%83%D0%BF%D0%B8%D0%BB%D0%B0%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B8%20%D0%BB%D1%96%D0%BA%D0%B2%D1%96%D0%B4%D0%BE%D0%B2%D0%B0&auid=1382891483.1734672338&navt=n&npa=1&gtm=45je4cc1v878010584za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734672338490&tfd=544&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

GET
H2 200 ga-audiences
www.google.pl/ads/ 42 B
408 B 178ms
79ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-93P3ZTPNK3&cid=1345034931.1734672338&gtm=45je4cc1v878010584za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=441094918

Requested by

Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 20 Dec 2024 05:25:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame C922 0
0 159ms
47ms Document
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fespreso.tv

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 44740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Dec 2024 16:59:58 GMT
expires: Fri, 19 Dec 2025 16:59:58 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1734672338649/
Redirect Chain

https://gaua.hit.gemius.pl/_1734672338649/rexdot.js?l=100&sendf=24&id=bPzglM__Y_smSVDTtJ0_rNTJnFkN_1fCYfeK2XIecaz.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fespre...
https://gaua.hit.gemius.pl/__/_1734672338649/rexdot.js?l=100&sendf=24&id=bPzglM__Y_smSVDTtJ0_rNTJnFkN_1fCYfeK2XIecaz.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fes...

167 B
652 B

79ms
78ms

Script
text/javascript

54.37.238.28
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1734672338649/rexdot.js?l=100&sendf=24&id=bPzglM__Y_smSVDTtJ0_rNTJnFkN_1fCYfeK2XIecaz.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=a.zV44GKtJhg0S2ZRJdhwlkU8ovqySzpcCvxrGqLsDr.97Q4La_STMcC7qjgDULarWAdwWEJjmCrYAaHwAmDKd.znN3k/wvDNlYAmWOZFD/&fpdata=vg8q5J6sQ0qqiSK44xrEqgNsu._PUVgor4kkII7t3yH.C7%7C1734672338%7C2%7C%7C%7C8%2C3%2C32&ltime=197&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6764ffd21ae6bf65&brts=1734672338&fpcap=
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: a8cb1547a138263db70bdc31819505ef1c834c1178068c216c05ed55385bf007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Thu, 19 Dec 2024 05:25:38 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 167
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: text/javascript
server: GHC

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
location: /__/_1734672338649/rexdot.js?l=100&sendf=24&id=bPzglM__Y_smSVDTtJ0_rNTJnFkN_1fCYfeK2XIecaz.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=a.zV44GKtJhg0S2ZRJdhwlkU8ovqySzpcCvxrGqLsDr.97Q4La_STMcC7qjgDULarWAdwWEJjmCrYAaHwAmDKd.znN3k/wvDNlYAmWOZFD/&fpdata=vg8q5J6sQ0qqiSK44xrEqgNsu._PUVgor4kkII7t3yH.C7%7C1734672338%7C2%7C%7C%7C8%2C3%2C32&ltime=197&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6764ffd21ae6bf65&brts=1734672338&fpcap=
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy: cross-origin
expires: Thu, 19 Dec 2024 05:25:38 GMT
accept-ranges: none
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-length: 0
date: Fri, 20 Dec 2024 05:25:38 GMT
server: GHC

POST
H2 201 news-view Show response
espreso.tv/ 15 B
607 B 118ms
117ms XHR
application/json 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/news-view
Requested by: Host: espreso.tv
URL: https://espreso.tv/js/client/build-news.js?id=83b797925252b9afca87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.32
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

X-CSRF-TOKEN: Ky2KN4aI5PkAI4xBCxKul8Higy6HMN4aVviiUouw
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
redaction_id: 1

Response headers

link: </svg/logo-desktop_new.svg>; rel=preload; as=image, </img/mobile-logo_new.svg>; rel=preload; as=image, </css/fonts/Mariupol-Bold.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Regular.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/GothamPro.ttf>; rel=preload; as=font; crossorigin="anonymous", </css/fonts/Mariupol-Medium.ttf>; rel=preload; as=font; crossorigin="anonymous"
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8f4d368579c63bcb-WAW
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: application/json
x-powered-by: PHP/7.3.32
server: cloudflare

GET
H2 200 favicon.ico
espreso.tv/ 15 KB
3 KB 86ms
85ms Other
image/x-icon 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://espreso.tv/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbfa162d6d8bc967ea3354fce5d3a26465cbc40600e332461482c9739c9f9ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"65436747-3c2e"
pragma: public
cf-ray: 8f4d3685ba063bcb-WAW
expires: Sat, 20 Dec 2025 05:25:38 GMT
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/x-icon
last-modified: Thu, 02 Nov 2023 09:09:27 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ym-init-with-auto-incert-placement-tag.js Show response
cdn.membrana.media/pub_scripts/esp/ 4 KB
2 KB 175ms
77ms Script
application/javascript 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/pub_scripts/esp/ym-init-with-auto-incert-placement-tag.js
Requested by: Host: espreso.tv
URL: https://espreso.tv/js/client/build-news.js?id=83b797925252b9afca87
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 34900445cc1528f1e8f290df56d489dc6c408e1ac1aa58ec947fd852fb9ded9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
content-encoding: br
etag: "67641ac6-102c"
cdn-fileserver: 845
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-635
last-modified: Thu, 19 Dec 2024 13:08:22 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:09:10
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: ba740f4806fb18096e6412340fad79b5
cdn-pullzone: 139012
cdn-proxyver: 1.06
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

GET
H2 200 hb_737420_16895.js Show response
player.bidmatic.io/prebidlink/481853/ 2 KB
1 KB 179ms
75ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/prebidlink/481853/hb_737420_16895.js
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: ea241904d1c348a43d31dc77a66de76301a23edafb6babc24788625043865a37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=172800
content-encoding: gzip
etag: W/"67630b1b-624"
expires: Sun, 22 Dec 2024 05:25:39 GMT
access-control-allow-origin: *
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 17:49:15 GMT
server: nginx

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 126ms
51ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

34eabd8d4d4c10ce8f365a4d6c60dea7151c5434317171804d7783096d5fe8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: br
etag: 19 / 20077 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 05:25:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33616
x-xss-protection: 0
server: cafe

GET
H2 200 wrapper_hb_737420_16895.js Show response
player.bidmatic.io/prebidlink/481853/ 3 KB
1 KB 160ms
56ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/prebidlink/481853/wrapper_hb_737420_16895.js
Requested by: Host: espreso.tv
URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 26e62e6fad5ea44cdf0f56afc41b306c05087ee20d755941a08d35d16f6b237f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=172800
content-encoding: gzip
etag: W/"67630b1b-a27"
expires: Sun, 22 Dec 2024 05:25:39 GMT
access-control-allow-origin: *
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 17:49:15 GMT
server: nginx

GET
H3 200 803960.js Show response
jsc.idealmedia.io/site/ 407 KB
115 KB 61ms
31ms Script
text/javascript 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.idealmedia.io/site/803960.js

Requested by

Host: espreso.tv
URL: https://espreso.tv/js/client/build-news.js?id=83b797925252b9afca87

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8424a9d97d2052485c888575d690d882ae7e9bb3f0d6a84cd9c9b5c6e5153eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: X-cntry
content-encoding: gzip
cf-cache-status: HIT
etag: "ef132c24de059093aced9e6fa59c1715"
x-amz-version-id: eaOxHcRaCQmKxb2TKBSYVBX7ZUAnFjA6
age: 2367
expires: Fri, 20 Dec 2024 08:25:39 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/javascript
last-modified: Tue, 17 Dec 2024 12:42:57 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: 2YKMxPaY7/ryfw6C2NbGgxX3dKZwJKSPW+g9ZMAhMfVbSfLjwzFelcryfZpK+PgVy7e3FR854/k=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=10800
x-cntry: PL
x-amz-request-id: Q5KP6YN9AGC2S4SN
cf-ray: 8f4d3688b9bab613-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116767
server: cloudflare
x-amz-server-side-encryption: AES256

GET 5bc9bf81-ed16-4a00-bcba-53c0fa73a8ed
https://espreso.tv/ Frame 0
0

GET 0ffbfbae-f256-479b-868e-79459bbbc8f9
https://espreso.tv/ Frame 0
0

GET
BLOB 206
Partial Content 593738b1-439b-4bb2-a188-50c480a12486
https://espreso.tv/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://espreso.tv/593738b1-439b-4bb2-a188-50c480a12486
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Content-Type: video/mp4
Content-Range: bytes 0-1492/1493
Content-Length: 1493

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 36ms
35ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: br
etag: 5395541545685299795
age: 13746
x-content-type-options: nosniff
expires: Sat, 20 Dec 2025 01:36:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 20 Dec 2024 01:36:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H2 200 hbw_master_737420_16895.js Show response
player.bidmatic.io/prebidlink/ngHM9/ 165 KB
51 KB 102ms
102ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/prebidlink/ngHM9/hbw_master_737420_16895.js
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/prebidlink/481853/wrapper_hb_737420_16895.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: f67ef21a64cd1fcf424a2f0f4909165fb06c7cc3e2419f2ae278d3a16594d6dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=172800
content-encoding: gzip
etag: W/"67630b1b-2945e"
expires: Sun, 22 Dec 2024 05:25:39 GMT
access-control-allow-origin: *
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 17:49:15 GMT
server: nginx

GET
H3 200 /
c.idealmedia.io/pv/ 43 B
219 B 50ms
50ms Image
image/gif 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.idealmedia.io/pv/?lu=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&cbuster=1734672339433557398816&pvid=193e28751e992fc5b37&implVersion=17&cxurl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&site=803960&cid=1307370&i=1&scum=%3F0&scuw=%3F0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8f4d36898a45b613-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 43
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: image/gif
server: cloudflare
priority: u=3,i

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 50ms
49ms Other
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 7196
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 03:25:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 20 Dec 2024 03:25:43 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 ym.js Show response
cdn.membrana.media/esp/ 463 KB
145 KB 87ms
87ms Script
application/javascript 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/esp/ym.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/pub_scripts/esp/ym-init-with-auto-incert-placement-tag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 3ad8222d9e8d4c877b1dbf8c2be0be1edad2b340192060ce40c8ffb0a2b0e560

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
content-encoding: br
etag: "6760804e-73a8b"
cdn-fileserver: 973
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-680
last-modified: Mon, 16 Dec 2024 19:32:30 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:09:10
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: e3ffd3c304f0e8748f6d9c6e74d717ce
cdn-pullzone: 139012
cdn-proxyver: 1.06
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

GET
H2 200 hbp_master_737420_16895.js Show response
player.bidmatic.io/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 452 KB
143 KB 116ms
116ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_737420_16895.js
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/prebidlink/481853/hb_737420_16895.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: bad97827ce9ec1790dff1fd6e63a617f41d37f2b9c38ee949820ff5f68b5af3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: max-age=172800
content-encoding: gzip
etag: W/"675c4eb2-71020"
expires: Sun, 22 Dec 2024 05:25:39 GMT
access-control-allow-origin: *
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 15:11:46 GMT
server: nginx

GET
H2 200 22839168926 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 172ms
72ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22839168926?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

ESF /

Resource Hash

a5b29784b273f692e77f022b8670bad81380479077a60ad30109add105834121

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-76XQMIE7uEaLtluxLstZeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_FwXP4_eTebwIRbf88wKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhka6RkYxhcYAACwLkY2"
content-security-policy: script-src 'report-sample' 'nonce-76XQMIE7uEaLtluxLstZeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK / Show response
sghb.bidmatic.io/geo/ 162 B
528 B 170ms
41ms XHR
application/json 167.235.37.234
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.bidmatic.io/geo/
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/prebidlink/ngHM9/hbw_master_737420_16895.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.234.37.235.167.clients.your-server.de
Software: Bidmatic /
Resource Hash: b1dc457ef00c9a96d29d5428737bb2df01fb82a96227a83c0e6379e5de63f9ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

X-Robots-Tag: noindex
X-Server-Ip: 167.235.37.234
X-Tte: 22
Connection: Keep-Alive
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Access-Control-Allow-Origin: https://espreso.tv
Content-Length: 162
Date: Fri, 20 Dec 2024 05:25:38 GMT
Content-Type: application/json
Server: Bidmatic
X-Server-Name: ads102

GET
H/1.1 200
OK tracking Show response
sghb.bidmatic.io/adunit/ 43 B
460 B 183ms
39ms XHR
image/gif 167.235.37.234
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.bidmatic.io/adunit/tracking?event=11&type=0&client_id=737420&site_id=16895&strategyId=0&full_page_url=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&adid=wb4fhs.1q&features=81952&vpbv=m346&tte=311&lifecycle_tte=1633
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/prebidlink/ngHM9/hbw_master_737420_16895.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.234.37.235.167.clients.your-server.de
Software: Bidmatic /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

X-Robots-Tag: noindex
Connection: Keep-Alive
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Access-Control-Allow-Origin: https://espreso.tv
Content-Length: 43
Date: Fri, 20 Dec 2024 05:25:38 GMT
Content-Type: image/gif
Server: Bidmatic

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 691ms
254ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://espreso.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 20 Dec 2024 05:25:40 GMT
connection: keep-alive
x-amzn-RequestId: dd0430b0-2b31-9de9-82db-32a4277bc9de

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
718 B 168ms
94ms Fetch
text/plain 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

x-ym-country: PL
cdn-status: 200
access-control-expose-headers: x-ym-country, x-ym-ip, cdn-requestcountrycode
content-encoding: br
etag: "658ca3a3-3"
cdn-fileserver: 732
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-599
last-modified: Wed, 27 Dec 2023 22:22:27 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:08:33
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: d1576f75939546770f5010e4fda2f222
x-ym-ip: 146.70.161.187
cdn-pullzone: 139012
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

GET
H2 200 ym-ga.js Show response
cdn.membrana.media/pub_scripts/common/ 1 KB
970 B 39ms
39ms Script
application/javascript 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/pub_scripts/common/ym-ga.js?ga_id=G-60RN8X8FNL
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 06a6975027a3fd0765cb460989f11c56e33b66f8bbc215d1a8bea46a61a24de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
content-encoding: br
etag: "67641ac6-496"
cdn-fileserver: 846
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-587
last-modified: Thu, 19 Dec 2024 13:08:22 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:08:34
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: 3ba837cee017e758b42e0e86488e4bb1
cdn-pullzone: 139012
cdn-proxyver: 1.06
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
582 B 448ms
304ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 38160ac6ebea9c4106e67d237639460d63f3f3e00574e0445f46665c4371b783

Request headers

Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI2242PNZIGMW/20241220/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=ff7efa7cce60616874c569c2d6063d76b64560c2c40df014773c303c3c3e97af
X-Amz-Date: 20241220T052539Z
X-Amz-Target: Kinesis_20131202.PutRecord
Referer: https://espreso.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
connection: keep-alive
x-amzn-RequestId: ef99879b-6080-7eb8-b046-858f6cca2a8f
Access-Control-Allow-Origin: *
Content-Length: 110
Date: Fri, 20 Dec 2024 05:25:40 GMT
Content-Type: application/x-amz-json-1.1
x-amz-id-2: 2iw9KBBDUxEPmv0nlGKZTLvRcCuTCmHhwMaZ2yqk1+nzJ57oo+iECFTGTVSfw1jG/K9tHBLq4pE0IJUq8i+TJ5phD6JXdoEbZDjHtF58enQ=

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 313 KB
84 KB 56ms
56ms Script
application/javascript 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 580d95964bc029bfe6ff314417d8fe74771c559e7430128310d7b28287418469

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
content-encoding: br
etag: "6764513b-4e27d"
cdn-fileserver: 1003
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-587
last-modified: Thu, 19 Dec 2024 17:00:43 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 17:00:46
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: 96a2e2ea222a104a35364fc34d9db7f1
cdn-pullzone: 139012
cdn-proxyver: 1.06
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 120ms
39ms XHR
application/json 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241220

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ccd92395e19e4a30dee49ac5fdf0f028641037cdc0d54ddf4069718fb7030a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"63c-Hh1vKu961icwUvFahjMqOqb07TY"
age: 5084
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230149-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 760
x-jsd-version: 1.0.2275

GET
H2

200

icm.gif
server.smartytech.io/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid=%7Buser_id%7D
https://server.smartytech.io/icm.gif?uid=ec7c040d-96c2-4381-97a8-181b43b6e21c

43 B
338 B

179ms
99ms

Image
image/gif

146.59.69.183
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.smartytech.io/icm.gif?uid=ec7c040d-96c2-4381-97a8-181b43b6e21c
Protocol: H2
Server: 146.59.69.183 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ngx-pl-01.greencuttlefish.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length: 43
date: Fri, 20 Dec 2024 05:25:39 GMT
pragma: no-cache
content-type: image/gif
last-modified: Fri, 20 Dec 2024 05:25:39 GMT
server: nginx

Redirect headers

cache-control: no-store no-transform
location: https://server.smartytech.io/icm.gif?uid=ec7c040d-96c2-4381-97a8-181b43b6e21c
content-length: 143
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58679/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0
https://pixel.onaudience.com/?partner=283&mapped=16fb29a3-b292-4fbb-aa50-0c1f853321db&gdpr=0
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

0
108 B

222ms
221ms

Image
text/html

87.248.119.251
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

Protocol

Server

87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Fri, 20 Dec 2024 05:25:40 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
content-length: 257
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/html
content-language: en
server: ATS

GET
H2

200

icm
bidder.smartytouch.co/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https://bidder.smartytouch.co/icm?uid=%7Buser_id%7D
https://bidder.smartytouch.co/icm?uid=8c914e88-9207-40d7-8d62-8cc049af4fc0

43 B
268 B

163ms
68ms

Image
image/gif

51.83.220.94
OVH OVH SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.smartytouch.co/icm?uid=8c914e88-9207-40d7-8d62-8cc049af4fc0
Protocol: H2
Server: 51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
pragma: no-cache
expires: Wed, 11 Nov 1998 11:11:11 GMT
content-length: 43
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: image/gif
last-modified: Fri, 20 Dec 2024 05:25:39 GMT
server: nginx

Redirect headers

cache-control: no-store no-transform
location: https://bidder.smartytouch.co/icm?uid=8c914e88-9207-40d7-8d62-8cc049af4fc0
content-length: 140
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2 200 new-E-LIVE_ukr2.jpg
espreso.tv/img/holders/ 7 KB
0 0ms
0ms Image
image/jpeg 104.18.10.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://espreso.tv/img/holders/new-E-LIVE_ukr2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.148 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fa435602b72555524580db7567a92bc2924c8d3a3ef1f7fb29e3e81023cf17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Response headers

cf-bgj: imgq:100,h2pri
etag: "655229ce-2944"
age: 1
cf-cache-status: HIT
expires: Sat, 20 Dec 2025 05:25:38 GMT
cf-polished: origSize=10564
date: Fri, 20 Dec 2024 05:25:38 GMT
content-type: image/jpeg
last-modified: Mon, 13 Nov 2023 13:51:10 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
pragma: public
cf-ray: 8f4d3681dfc03bcb-WAW
accept-ranges: bytes
content-length: 6823
server: cloudflare

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/736438/ 2 KB
1 KB 141ms
57ms Fetch
application/json 45.133.44.4
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/736438/config.json?cb=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_737420_16895.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: de09198f63624f7fba9d44432b46772dbbb97d6138fb1f995dea77ecb995cba8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://espreso.tv/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"67640b3b-858"
expires: Sat, 21 Dec 2024 05:25:39 GMT
x-proxy-cache: HIT
access-control-allow-origin: https://espreso.tv
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/json
last-modified: Thu, 19 Dec 2024 12:02:03 GMT
server: nginx

GET
H3 200 1 Show response
servicer.idealmedia.io/1307370/ 4 KB
2 KB 51ms
51ms Script
application/x-javascript 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.idealmedia.io/1307370/1?scale_metric_1=64.00&scale_metric_2=322.58&scale_metric_3=100.00&w=726&h=250&sz=235x185&szp=1,2,3&szl=1,2,3&sessionId=6764ffd4-0d330&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&cbuster=1734672339686388216675&pvid=193e28751e992fc5b37&implVersion=17&cxurl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&scum=%3F0&scuw=%3F0&mp4=1&ap=1&consentStrLen=0&uniqId=0578d&childs=1685700&niet=4g&nisd=false&jsp=head&pv=5&lct=1734439320&jsv=es6&pageView=1&dpr=1&ref=&hashCommit=ab85adda&tfre=1594

Requested by

Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/site/803960.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac00c1150d2697ab0b99a7eb13adb1beec6e3f94a7b54cd774e6c7e2596cb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8f4d368b1b56b613-WAW
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
107 KB 56ms
56ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-60RN8X8FNL&l=ymDataLayer

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/pub_scripts/common/ym-ga.js?ga_id=G-60RN8X8FNL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3a1e0e25f8676ad1fac7fd1bc33268da8dd5b79a6084dc327d0254bceb7fd79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 20 Dec 2024 05:25:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109879
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 659ms
243ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://espreso.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 20 Dec 2024 05:25:40 GMT
connection: keep-alive
x-amzn-RequestId: f5b55e55-b231-2579-aa6a-5c41ebcedfed

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame EDB0 347 KB
85 KB 172ms
75ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79da988ee52c362adf55e65369eccdc35fe49ba29e02bbabcb4f3dadc70f0e4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"e779c2c2d2871f48f4b42842fa74ba90"
age: 281
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: oo965FRZbU2eeq93-VvLfeMgnC3PPUqpC9kuNr4Yi6WCOqd7TfHqkg==
date: Fri, 20 Dec 2024 05:20:59 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 21:58:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 geolocation.json Show response
cdn.membrana.media/ 3 B
0 66ms
66ms Fetch
text/plain 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/geolocation.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

x-ym-country: PL
cdn-status: 200
access-control-expose-headers: x-ym-country, x-ym-ip, cdn-requestcountrycode
content-encoding: br
etag: "658ca3a3-3"
cdn-fileserver: 732
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-599
last-modified: Wed, 27 Dec 2023 22:22:27 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:08:33
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: d1576f75939546770f5010e4fda2f222
x-ym-ip: 146.70.161.187
cdn-pullzone: 139012
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
582 B 223ms
139ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 9897fd24f778214a2571e94c9d7f0380339f56ad86115f7ce3814ce2b4ff415a

Request headers

Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI2242PNZIGMW/20241220/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=eebfdad8b13b56f74c07ca80889028d3eee84fc70f9db61fb0368b3a90e54fed
X-Amz-Date: 20241220T052539Z
X-Amz-Target: Kinesis_20131202.PutRecord
Referer: https://espreso.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
connection: keep-alive
x-amzn-RequestId: e5a0f5e7-d439-9aa8-ba7f-f7f3785a343e
Access-Control-Allow-Origin: *
Content-Length: 110
Date: Fri, 20 Dec 2024 05:25:40 GMT
Content-Type: application/x-amz-json-1.1
x-amz-id-2: vPNj9zVB1rEOb4kPToae5tD74JfWacTnwtW/Z4319uRopKhrRqIKgQf408+VbR5z/uQzeRiJKkDmN9iblSt8NjXgXe0Zl7k+HTrFxlAduMQ=

POST
H2 200 load_playlist_attempt
ym-tack.b-cdn.net/ 2 KB
3 KB 155ms
63ms Ping
text/html 138.199.36.11
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/load_playlist_attempt?sellbe;ESP;https://cdn.membrana.media/video/esp/desktop/videoSources.json;;ESP_VIDEO;Video
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: faa1b2a60195198bfa9e5b63b8f15ec5bf1f649cd0b1a5032587ff73420254e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: public, max-age=0
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: 780ed898c9953a911c984e4f283febe5
cdn-pullzone: 749406
allow: GET, HEAD, OPTIONS
date: Fri, 20 Dec 2024 05:25:39 GMT
errorcode: 105
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: PL

GET
H2 200 videoSources.json Show response
cdn.membrana.media/video/esp/desktop/ 2 KB
2 KB 64ms
63ms XHR
text/plain 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/esp/desktop/videoSources.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 5b7eb8eec16f4c8f09f07b5885e5d6c3b0bd972c501cec060b6f6769e0173905

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: "510dfee68934ecc0fae748b64df3ef0e"
date: Fri, 20 Dec 2024 05:25:39 GMT
last-modified: Thu, 19 Dec 2024 09:37:35 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: nS5njwaysU8nCShiYrD78vz1CEdZT4j8qONRry8gRQykdCO++M4VaBfmFcKu8mQc8k7jq8T8w30=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: 0466fb1b639cef1b1b5a6f7c394f3589
cdn-pullzone: 139012
cdn-proxyver: 1.06
x-amz-request-id: 9A73FS891WQ0ZTJ4
access-control-allow-origin: *
cdn-cachedat: 12/19/2024 13:10:51
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL
x-amz-server-side-encryption: AES256

GET
H2 200 video-js.min.css
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 39 KB
11 KB 128ms
53ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video-js.min.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
age: 2097886
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230032-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10636
x-jsd-version: 7.10.2

GET
H2 200 video.min.js Show response
cdn.jsdelivr.net/npm/video.js@7.10.2/dist/ 507 KB
144 KB 127ms
53ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"7ea72-NUHhQfHLDs+4qjHF6W3MzXuUrNc"
age: 270009
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230032-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 147322
x-jsd-version: 7.10.2

GET
H2 206 1-second-of-silence.mp3
video-content.b-cdn.net/common/ 10 KB
10 KB 151ms
58ms Media
audio/mpeg 185.59.220.198
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://video-content.b-cdn.net/common/1-second-of-silence.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 185-59-220-198.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 040afba78307d18849028a77a8d15c71bbd9d53bdc14e355d7e9b4ab7e8a0e07

Request headers

Referer: https://espreso.tv/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cdn-status: 200
cdn-fileserver: 760
date: Fri, 20 Dec 2024 05:25:39 GMT
cdn-storageserver: DE-633
last-modified: Sun, 19 May 2024 18:27:44 GMT
cdn-cachedat: 10/31/2024 14:58:30
content-type: audio/mpeg
cdn-requestpullcode: 206
cdn-cache: HIT
cache-control: public, max-age=259200
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: 584da8f46b4a93488da2109495e042ab
Content-Range: bytes 0-9867/9868
cdn-pullzone: 236742
cdn-proxyver: 1.06
Content-Length: 9868
cdn-edgestorageid: 722
server: BunnyCDN-DE1-723
cdn-requestcountrycode: PL

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTIvODU0MTAzL2QxM2EyODYwOTljMzkzOTA2NDczNDI1MDIyODFjNTc0LmpwZWc.webp
s-img.idealmedia.io/n/11365159/492x277/263x33x1038x584/ 6 KB
6 KB 75ms
51ms Image
image/webp 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/n/11365159/492x277/263x33x1038x584/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTIvODU0MTAzL2QxM2EyODYwOTljMzkzOTA2NDczNDI1MDIyODFjNTc0LmpwZWc.webp?v=1734672339-kgG5_5Q_hT9xlZcl5r8elJvS2ZCWpXmR1ZGjtEOxnr0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546381f60a1c5a02b7a0338b76873603e30ed7bb18d6afaef2ebf94d43ab15b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 63467
x-mg-request-uuid: 1b8d4bea-72ee-4460-80cc-303ae7875a02
expires: Fri, 20 Dec 2024 11:45:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: image/webp
last-modified: Thu, 19 Dec 2024 11:41:48 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=86400
cf-ray: 8f4d368bb897eec9-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5676
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTIvNTA5MTUzLzNlZGQwYjUwNmM4NWE2YTRiNmEzYTJlMDVkMjJlMDUyLmpwZWc.webp
s-img.idealmedia.io/n/11365708/492x277/25x0x971x546/ 24 KB
24 KB 53ms
30ms Image
image/webp 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/n/11365708/492x277/25x0x971x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTIvNTA5MTUzLzNlZGQwYjUwNmM4NWE2YTRiNmEzYTJlMDVkMjJlMDUyLmpwZWc.webp?v=1734672339-1AfaZZHyPV-QgskS2auYTG7KIToKsTus9MEY7YPTIpQ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565db688435ac052257a240ed18d6e31f90eaeaa33733c4634bf9cd1bc5347bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 50259
x-mg-request-uuid: 34cea08a-137b-48a9-b26e-b2932ee44e1c
expires: Fri, 20 Dec 2024 15:28:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: image/webp
last-modified: Thu, 19 Dec 2024 15:21:57 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=86400
cf-ray: 8f4d368bb890eec9-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24592
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTIvNTA5MTUzL2M4YWVjYjNmNTYyZDk0ZjMwZGNkNjY2NDcwNGJhYTRmLmpwZWc.webp
s-img.idealmedia.io/n/11361972/492x277/185x0x1014x570/ 7 KB
8 KB 76ms
52ms Image
image/webp 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.idealmedia.io/n/11361972/492x277/185x0x1014x570/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjQtMTIvNTA5MTUzL2M4YWVjYjNmNTYyZDk0ZjMwZGNkNjY2NDcwNGJhYTRmLmpwZWc.webp?v=1734672339-K5JlnGfBOcfAbgKQiFcKrgKCc2oVQy432g6eF5mHGWo

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b6683c667ef6ca0a57de49ea75519029670480b65c59149b6b2d89583296d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

x-robots-tag: noindex
cf-cache-status: HIT
age: 41872
x-mg-request-uuid: 2c83de3d-5459-4c3d-9631-b0c115bf9d3d
expires: Fri, 20 Dec 2024 17:47:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: image/webp
last-modified: Tue, 17 Dec 2024 17:46:46 GMT
vary: Accept-Encoding
priority: u=3,i
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=86400
cf-ray: 8f4d368bb89eeec9-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7422
server: cloudflare

GET
H3 200 counter.php
autocounter.idealmedia.io/autocreative/ 0
170 B 158ms
158ms Image
image/gif 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autocounter.idealmedia.io/autocreative/counter.php?id=803960&pid=64803&referer=&cxurl=https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&h2=NyG2P1pzRohUFFokcDiyAY_ThmGTRnTnRkMkwGdaGTTkaVJ2xlwp8mCIal2bR5jc&cbuster=1734672339763334192940

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8f4d368bbbc1b613-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: image/gif
server: cloudflare
priority: u=3,i

GET
H3 200 i.js Show response
cm.idealmedia.io/ 0
214 B 53ms
53ms Script
application/javascript 104.18.164.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.idealmedia.io/i.js?cbuster=1734672339769926078331

Requested by

Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/site/803960.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.164.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
cf-ray: 8f4d368c2c07b613-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript
server: cloudflare
priority: u=3,i=?0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 45ms
44ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-60RN8X8FNL&gtm=45je4cc1v9188966977za200&_p=1734672339701&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1345034931.1734672338&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734672339&sct=1&seg=0&dl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&dt=%D0%A1%D1%85%D0%B5%D0%BC%D0%B8%3A%20%D0%93%D1%80%D0%BE%D0%BC%D0%B0%D0%B4%D1%8F%D0%BD%D0%BA%D0%B0%20%D0%A0%D0%A4%20%D1%81%D0%BA%D1%83%D0%BF%D0%B8%D0%BB%D0%B0%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B8%20%D0%BB%D1%96%D0%BA%D0%B2%D1%96%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%85%20%D1%80%D0%BE%D1%81%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%20%D0%BD%D0%B0%203%20%D0%BC%D0%BB%D1%80%D0%B4%20%D0%B3%D1%80%D0%BD%20%7C%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60RN8X8FNL&l=ymDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://espreso.tv
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 AGSKWxXXuxngyWzLoo7BrLGh3L6HNeFhsxMsPeZzSzNvMqQo2d2zs-9pDIcXOiB_jHTP09np-cT190XnpiwjWtq0Dqg_CTRhfdZhZpCtsLkwTT3nBA3RhfUa84K8KdAfCBQAlnrL5JRTTQ== Show response
fundingchoicesmessages.google.com/f/ 463 KB
68 KB 88ms
88ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXuxngyWzLoo7BrLGh3L6HNeFhsxMsPeZzSzNvMqQo2d2zs-9pDIcXOiB_jHTP09np-cT190XnpiwjWtq0Dqg_CTRhfdZhZpCtsLkwTT3nBA3RhfUa84K8KdAfCBQAlnrL5JRTTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NjcyMzM5LDgyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lc3ByZXNvLnR2L3N1c3BpbHN0dm8tcm9zaXlhbmthLXByaWtob3ZhdnNoaS1ncm9tYWR5YW5zdHZvLXJmLXNrdXBpbGEtYWt0aXZpLWxpa3ZpZG92YW5pa2gtcm9zaXlza2lraC1iYW5raXYtdi11a3JhaW5pLW5hLTMtbWxyZC1ncm4tc2toZW1pIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwicGwiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMxXBOUutb-k8BtVpzypD0-s6dP6Vg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

ESF /

Resource Hash

f38f1aa7d673fdf65991ec0aafd4da77d8cddf27b70912198a8437d16494a394

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gs5Er9XHB0fFH-taHvJx7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_FwXP4_eTebwIIDN1cyK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhka6RkYxhcYAACbOUXb"
content-security-policy: script-src 'report-sample' 'nonce-Gs5Er9XHB0fFH-taHvJx7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 657ms
243ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://espreso.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 20 Dec 2024 05:25:40 GMT
connection: keep-alive
x-amzn-RequestId: f4948190-5fd4-b678-ab4b-8384f3b718ee

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
582 B 444ms
302ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 3d6a0e44b6d899e7b8cf42d2fe66761022f48305ac66b33d81ffe3b9ae0981e2

Request headers

Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI2242PNZIGMW/20241220/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=0f5557b10907653ff9097c2dab8c9771babb17cb40c0473d1255ff66973a4af0
X-Amz-Date: 20241220T052539Z
X-Amz-Target: Kinesis_20131202.PutRecord
Referer: https://espreso.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
connection: keep-alive
x-amzn-RequestId: f780ca5e-b63d-c2cc-a85f-c84a1a5e6c5a
Access-Control-Allow-Origin: *
Content-Length: 110
Date: Fri, 20 Dec 2024 05:25:40 GMT
Content-Type: application/x-amz-json-1.1
x-amz-id-2: 1u5e7jJqGEM+9RcEeUjF8HhWeZonVEolTFlgDBBZDgVrnodbMUU9P4sdj3go9ZiRTnIChz3ThsSa8AHEHsdq2xu6tWqY+fJ+xhA08yzRbEQ=

POST
H2 200 load_playlist_success
ym-tack.b-cdn.net/ 2 KB
3 KB 52ms
52ms Ping
text/html 138.199.36.11
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/load_playlist_success?sellbe;ESP;https://cdn.membrana.media/video/esp/desktop/videoSources.json;;ESP_VIDEO;Video
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.11 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 138-199-36-11.bunnyinfra.net
Software: BunnyCDN-DE1-1054 /
Resource Hash: faa1b2a60195198bfa9e5b63b8f15ec5bf1f649cd0b1a5032587ff73420254e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: public, max-age=0
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: 677a561a3b0f0841805bef1ddf74a301
cdn-pullzone: 749406
allow: GET, HEAD, OPTIONS
date: Fri, 20 Dec 2024 05:25:39 GMT
errorcode: 105
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: PL

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 69ms
69ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-60RN8X8FNL&gtm=45je4cc1v9188966977za200&_p=1734672339701&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1345034931.1734672338&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1734672339&sct=1&seg=0&dl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&dt=%D0%A1%D1%85%D0%B5%D0%BC%D0%B8%3A%20%D0%93%D1%80%D0%BE%D0%BC%D0%B0%D0%B4%D1%8F%D0%BD%D0%BA%D0%B0%20%D0%A0%D0%A4%20%D1%81%D0%BA%D1%83%D0%BF%D0%B8%D0%BB%D0%B0%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B8%20%D0%BB%D1%96%D0%BA%D0%B2%D1%96%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%85%20%D1%80%D0%BE%D1%81%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%20%D0%BD%D0%B0%203%20%D0%BC%D0%BB%D1%80%D0%B4%20%D0%B3%D1%80%D0%BD%20%7C%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&_s=2&tfd=1890
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60RN8X8FNL&l=ymDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://espreso.tv/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://espreso.tv
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:39 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 149ms
68ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pl.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyYQz5n5Lb-iGjzhDGmCPA1EhV2Jg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 05:25:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 20 Dec 2024 05:25:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 3f5x79yTxnA6AUZmxLYRyrdg6kJCUq7_HF_3rxb_Bjj7kkdLBfow0PhJsOtu_OuWr8c2aOtzj7RZNl7aWilnbPRcjS4yZKp_T9lfogDFl-y_d6Nl8HcC=h60
lh3.googleusercontent.com/ 9 KB
9 KB 165ms
51ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3f5x79yTxnA6AUZmxLYRyrdg6kJCUq7_HF_3rxb_Bjj7kkdLBfow0PhJsOtu_OuWr8c2aOtzj7RZNl7aWilnbPRcjS4yZKp_T9lfogDFl-y_d6Nl8HcC=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

41b9f4a6b5428508732199b358bda339a58d31d071b92585a53152b2d4cc1adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 4204
x-content-type-options: nosniff
expires: Sat, 21 Dec 2024 04:15:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 04:15:36 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8747
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 81ms
35ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

age: 245483
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:14:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:14:17 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 82ms
82ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

age: 245483
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:14:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:14:17 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 97ms
51ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

age: 51781
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 15:02:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 15:02:39 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
0 98ms
98ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer: https://espreso.tv/

Response headers

age: 51781
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 19 Dec 2025 15:02:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 15:02:39 GMT
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35328
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxV4yakX_Xs6TnUqRBgvdgWRPMJFpaysEmOhl_BpCFAZKgevUZAbxdVWYdt9ymA0Y8vSVSrVdeP4UNKZjH6Ajbmn3DnCMrVULvVpUPkEdoiK6dfHpX0AwOYyqUm2sTCZ39ufLCph_g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 92ms
47ms XHR
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4yakX_Xs6TnUqRBgvdgWRPMJFpaysEmOhl_BpCFAZKgevUZAbxdVWYdt9ymA0Y8vSVSrVdeP4UNKZjH6Ajbmn3DnCMrVULvVpUPkEdoiK6dfHpX0AwOYyqUm2sTCZ39ufLCph_g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kDaJmCu_WqNJHDWUZYWd5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://espreso.tv/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvjyv_Ju9kENiw6LankkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDI30DMziCwwA1U4qjA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kDaJmCu_WqNJHDWUZYWd5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://espreso.tv
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV4yakX_Xs6TnUqRBgvdgWRPMJFpaysEmOhl_BpCFAZKgevUZAbxdVWYdt9ymA0Y8vSVSrVdeP4UNKZjH6Ajbmn3DnCMrVULvVpUPkEdoiK6dfHpX0AwOYyqUm2sTCZ39ufLCph_g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pgK3V7e6B6AXOrOAsj-6Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://espreso.tv/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvjyv_Ju9kEPjz9LKnkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDI30DMziCwwABA0rMg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pgK3V7e6B6AXOrOAsj-6Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://espreso.tv
content-length: 0
x-xss-protection: 0
server: ESF

GET 286ceba9-428b-4d62-b89f-5c70fb4e25ae
https://espreso.tv/ Frame 0
0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 424 KB
145 KB 132ms
47ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

sffe /

Resource Hash

18672b5810471e074cd401d06e7cb28d4e9ed527f30d1f044a7edf5c33d3e85c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 05:25:40 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148092
date: Fri, 20 Dec 2024 05:25:40 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 71d4b8ca-53d1-4309-a952-3306259fb046 Show response
config.aps.amazon-adsystem.com/configs/ Frame EDB0 563 B
831 B 148ms
55ms Script
application/javascript 18.245.31.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-65.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dbacdbb8326fad0d1b152c6974a065094a2405774a58e222a92ded5e94e256ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
age: 3101
via: 1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: -LB-9JrKKRMqp1EkJ6DP7KED1P3TK2ZwPTlwWkXVeMOTQpd4b-6Pvg==
date: Fri, 20 Dec 2024 04:33:59 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame EDB0 0
306 B 38ms
38ms XHR
text/plain 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fespreso.tv&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 21427
access-control-allow-credentials: true
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
access-control-allow-origin: https://espreso.tv
x-cache: Hit from cloudfront
x-amz-cf-id: 7cTrOHasd9xCdpgON9PHS_8X8hSpTTeYgdF35p2ZVHnBFpOuabW0kg==
date: Thu, 19 Dec 2024 23:28:33 GMT
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EDB0 6 KB
3 KB 154ms
59ms XHR
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 7204
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: wi2O2d2y6EN9kW8J2sbylfa2HKRHX-ZGN8zJ0hYTjigPKTCxGF4gRA==
date: Fri, 20 Dec 2024 04:59:26 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 466 B
153 B 45ms
43ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ee2a1086e78705c900001f4b71d75deeaf9ad29062f66f0ffa8dc60981711910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 05:25:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 128
date: Fri, 20 Dec 2024 05:25:40 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 videojs.ads.css
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 975 B
403 B 55ms
54ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
age: 2084292
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230032-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 316
x-jsd-version: 6.7.0

GET
H2 200 videojs.ads.min.js Show response
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/ 27 KB
8 KB 55ms
54ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.7.0/dist/videojs.ads.min.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6a3c-OUUBKv7icoV/OxPeKLpcAlpHAGg"
age: 2655096
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230032-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7757
x-jsd-version: 6.7.0

GET
H2 200 videojs.ima.min.css
cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/ 3 KB
937 B 38ms
37ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-ima@1.9.0/dist/videojs.ima.min.css

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"a4e-O74oHTnsIDZGOCZu1d1V6JdzQ/o"
age: 2045083
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230032-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 828
x-jsd-version: 1.9.0

GET
H2 200 videojs.ima.mod.min.js Show response
cdn.membrana.media/video/vast.vpaid/ 35 KB
8 KB 61ms
59ms Script
application/javascript 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/vast.vpaid/videojs.ima.mod.min.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 33aa4d7eba799afdf5afc8d057b50a9e5e5625235c7c64f1a02b2d024c5b71d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
content-encoding: br
etag: "66fec8bd-8c4c"
cdn-fileserver: 181
date: Fri, 20 Dec 2024 05:25:40 GMT
cdn-storageserver: DE-382
last-modified: Thu, 03 Oct 2024 16:39:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:08:34
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: f44a2d01bb7f4f710f85d7420bd641b0
cdn-pullzone: 139012
cdn-proxyver: 1.06
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

GET
H2 200 videojs_5.vast.vpaid.js Show response
cdn.membrana.media/video/vast.vpaid/ 85 KB
26 KB 61ms
60ms Script
application/javascript 169.150.247.36
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/vast.vpaid/videojs_5.vast.vpaid.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/video/video.js?45507f|adb81c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS: 169-150-247-36.bunnyinfra.net
Software: BunnyCDN-DE1-1079 /
Resource Hash: 862bb4aa2ced2433b44b4343524be034cf7d927d60ea69acc60934bbab825d98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cdn-status: 200
content-encoding: br
etag: "6735d89f-15595"
cdn-fileserver: 172
date: Fri, 20 Dec 2024 05:25:40 GMT
cdn-storageserver: DE-632
last-modified: Thu, 14 Nov 2024 11:01:51 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 12/19/2024 13:08:33
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cdn-requestid: c7f980b8001e9b7fc087f0aba4ea3e69
cdn-pullzone: 139012
cdn-proxyver: 1.06
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: PL

GET
H2 200 media Show response
bidder.smartytouch.co/ 11 KB
3 KB 55ms
55ms Script
text/html 51.83.220.94
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.smartytouch.co/media?site_id=68&unit_id=175
Requested by: Host: espreso.tv
URL: https://espreso.tv/js/client/build-news.js?id=83b797925252b9afca87
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash: 1d887ba927251ad9328a7726869bb76d97055380157c2dc2f3569213c0ad0f0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-store no-transform
content-encoding: br
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/html; charset=utf-8
server: nginx

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 173ms
142ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://espreso.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 20 Dec 2024 05:25:40 GMT
connection: keep-alive
x-amzn-RequestId: c527ccbc-573b-0698-9af8-cea85b7152af

GET
H2 200 external-167427-20241218-0.webp
membrana-cdn.media/video/esp/ 25 KB
26 KB 159ms
47ms Image
image/webp 91.194.251.83
QOS TOV 'Dream Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://membrana-cdn.media/video/esp/external-167427-20241218-0.webp

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/video.js@7.10.2/dist/video.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.194.251.83 Kyiv, Ukraine, ASN42352 (QOS TOV 'Dream Line Holding', UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

870c9389047e8edd312bb42921eea78d9be9e7355d63f3e4594ccf17a50f468a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=315360000, public
timing-allow-origin: *
etag: "67631602-6590"
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26000
date: Fri, 20 Dec 2024 05:25:40 GMT
x-xss-protection: 1; mode=block
content-type: image/webp
last-modified: Wed, 18 Dec 2024 18:35:46 GMT
server: nginx
x-frame-options: DENY

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
582 B 368ms
309ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 4c326b112ddba86d1718875b62814caa52ad017a1c139b07ee9846661ce4f12d

Request headers

Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI2242PNZIGMW/20241220/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=0218cd8c30ae503c0abc8ca0ab3fa77f64e64d638aeb45a064f8ec96d13bb6d1
X-Amz-Date: 20241220T052540Z
X-Amz-Target: Kinesis_20131202.PutRecord
Referer: https://espreso.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
connection: keep-alive
x-amzn-RequestId: dad0fe0c-bfc0-09df-850f-fc18e63ff34b
Access-Control-Allow-Origin: *
Content-Length: 110
Date: Fri, 20 Dec 2024 05:25:40 GMT
Content-Type: application/x-amz-json-1.1
x-amz-id-2: P4/iIspNI+fn94N49HICI9FKANaof9/FiA5bmexWMK5rSoV803eRv3dD4YwVEa3O/2vLZI3jD8eH2PutNnCGIzbX4UpDZeSyvjjyGzjPcWY=

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://espreso.tv
Referer

Response headers

Content-Type: application/font-woff;charset=utf-8

OPTIONS
H/1.1 200
OK /
kinesis.us-east-2.amazonaws.com/ Frame 0
0 217ms
132ms Preflight 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Request-Method: POST
Origin: https://espreso.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-date,x-amz-target
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 20 Dec 2024 05:25:40 GMT
connection: keep-alive
x-amzn-RequestId: cd8840a3-028e-3465-9257-42b75b71cef1

POST
H/1.1 200
OK / Show response
kinesis.us-east-2.amazonaws.com/ 110 B
582 B 434ms
250ms Fetch
application/x-amz-json-1.1 3.15.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-2.amazonaws.com/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/esp/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.93 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-93.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 18f5d1d5c41ab462924bb5bb1c9e763e58a9a3696f3c9b2513854d459a5797aa

Request headers

Authorization: AWS4-HMAC-SHA256 Credential=AKIA2IUVI2242PNZIGMW/20241220/us-east-2/kinesis/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=9aefe8006788328ee8ff78530e61d1cd84cbb988c250ee23e293ec4f683dc60f
X-Amz-Date: 20241220T052540Z
X-Amz-Target: Kinesis_20131202.PutRecord
Referer: https://espreso.tv/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
connection: keep-alive
x-amzn-RequestId: d5d409af-7beb-9c0e-8a0b-0bbbaedb8315
Access-Control-Allow-Origin: *
Content-Length: 110
Date: Fri, 20 Dec 2024 05:25:40 GMT
Content-Type: application/x-amz-json-1.1
x-amz-id-2: OXRZEIjkKQsIKiF/s/4hvuWPvuhCGouFnCjjD3xr4+FQQT8nPVmYm2C5NJJqjJ5dtxf2wJqbwwyxUBbIEXlUMDipi/lg6RT18QrJdu+JYtE=

GET
H2 200 bridge3.679.0_en.html
imasdk.googleapis.com/js/core/ Frame 1D19 0
0 140ms
58ms Document
text/html 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html?gdpr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://espreso.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 332721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257815
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 09:00:19 GMT
expires: Tue, 16 Dec 2025 09:00:19 GMT
last-modified: Wed, 11 Dec 2024 19:09:08 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 168ms
64ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 05:25:40 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Fri, 20 Dec 2024 05:25:40 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5EB1 45 KB
15 KB 110ms
36ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 2936
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Fri, 20 Dec 2024 05:36:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 04:36:44 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H2 200 media.min.js Show response
a4p.adpartner.pro/apstc/ 15 KB
4 KB 99ms
98ms Script
application/javascript 51.83.220.94
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.516
Requested by: Host: bidder.smartytouch.co
URL: https://bidder.smartytouch.co/media?site_id=68&unit_id=175
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash: c9f21df7f8e35fc1e2a6778f5cd3c490a31c8ff3c49d4abfff348aa3cd828319

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

cache-control: no-store no-transform
content-encoding: br
date: Fri, 20 Dec 2024 05:25:40 GMT
etag: W/"67604aa4-3acd"
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 15:43:32 GMT
server: nginx

GET
H2 204 tt
a4p.adpartner.pro/ Frame 1493 0
0 527ms
450ms Document
text/plain 51.83.220.94
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=9b164af3-33dd-4b96-a00f-1f7d6e568ced&site_visited=1&location=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&referer=
Requested by: Host: bidder.smartytouch.co
URL: https://bidder.smartytouch.co/media?site_id=68&unit_id=175
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash

Request headers

Referer: https://espreso.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store no-transform
date: Fri, 20 Dec 2024 05:25:40 GMT
server: nginx

GET
H2 200 ls
a4p.adpartner.pro/media/ Frame 5BEA 0
0 154ms
78ms Document
text/html 51.83.220.94
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media/ls?mediaunit=175&apuid=2cce4cd3-8ba8-407c-9d79-966314a782eb&session_pageview=1&session_id=9b164af3-33dd-4b96-a00f-1f7d6e568ced&site_visited=1&location=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi
Requested by: Host: bidder.smartytouch.co
URL: https://bidder.smartytouch.co/media?site_id=68&unit_id=175
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash

Request headers

Referer: https://espreso.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 20 Dec 2024 05:25:40 GMT
server: nginx

POST
H3 200 656496095
google.com/pagead/form-data/ 0
0 115ms
44ms Ping
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/656496095?gtm=45je4cc1v878010584za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=1&frm=0&pscdl=noapi&auid=1382891483.1734672338&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

POST
H3 200 656496095
google.com/pagead/form-data/ 0
0 113ms
46ms Ping
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/656496095?gtm=45je4cc1v878010584za200&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=1&frm=0&pscdl=noapi&auid=1382891483.1734672338&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-93P3ZTPNK3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://espreso.tv/

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 61ms
60ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-60RN8X8FNL&gtm=45je4cc1v9188966977za200&_p=1734672339701&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1345034931.1734672338&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1734672339&sct=1&seg=0&dl=https%3A%2F%2Fespreso.tv%2Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi&dt=%D0%A1%D1%85%D0%B5%D0%BC%D0%B8%3A%20%D0%93%D1%80%D0%BE%D0%BC%D0%B0%D0%B4%D1%8F%D0%BD%D0%BA%D0%B0%20%D0%A0%D0%A4%20%D1%81%D0%BA%D1%83%D0%BF%D0%B8%D0%BB%D0%B0%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%B8%20%D0%BB%D1%96%D0%BA%D0%B2%D1%96%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D1%85%20%D1%80%D0%BE%D1%81%D1%96%D0%B9%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%20%D0%BD%D0%B0%203%20%D0%BC%D0%BB%D1%80%D0%B4%20%D0%B3%D1%80%D0%BD%20%7C%20%D0%95%D1%81%D0%BF%D1%80%D0%B5%D1%81%D0%BE&_s=3&tfd=2828
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-60RN8X8FNL&l=ymDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://espreso.tv/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://espreso.tv
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Dec 2024 05:25:40 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 if
a4p.adpartner.pro/tracker/ Frame EC57 0
0 39ms
39ms Document
image/gif 51.83.220.94
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25228c914e88-9207-40d7-8d62-8cc049af4fc0%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A175%252C%2522region_id%2522%253A106%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fespreso.tv%252Fsuspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi%2522%257D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: app-ngx-pl-03.radius.technology
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Fri, 20 Dec 2024 05:25:40 GMT
expires: 0
pragma: no-cache
server: nginx

POST
H/1.1 204
No Content multitracking Show response
sghb.bidmatic.io/adunit/ 0
258 B 103ms
101ms XHR
text/plain 167.235.37.234
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sghb.bidmatic.io/adunit/multitracking
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/prebidlink/ngHM9/hbw_master_737420_16895.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.37.234 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.234.37.235.167.clients.your-server.de
Software: Bidmatic /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://espreso.tv/

Response headers

Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Access-Control-Allow-Origin: https://espreso.tv
Date: Fri, 20 Dec 2024 05:25:39 GMT
Server: Bidmatic
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: espreso.tv
URL: blob:https://espreso.tv/5bc9bf81-ed16-4a00-bcba-53c0fa73a8ed

Domain: espreso.tv
URL: blob:https://espreso.tv/0ffbfbae-f256-479b-868e-79459bbbc8f9

Domain: espreso.tv
URL: blob:https://espreso.tv/286ceba9-428b-4d62-b89f-5c70fb4e25ae

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
espreso.tv/	1970-01-21 01:54:48	Name: uuid Value: 3b708a0d-f4e5-4ac1-bdfa-cdc83fed418b
.espreso.tv/	1970-01-21 01:51:14	Name: __cf_bm Value: QBZo0ORByMthudnJ_QbD.OeZO1AaxDNHZi71ScHe.W4-1734672338-1.0.1.1-QigrQQQ1TLg0HtF5TiAm2UcdOHsBH1rmUqC3pmGxCtX7xXz2oj5pfQ3uZrAQkJdmDAB7wHa2kolLPd33Al.B4Q
.espreso.tv/	1970-01-21 10:36:48	Name: cf_clearance Value: KlzFHasfzw0SYHLKMxK0G_b5gPZu.VIRXuTwGM37sSs-1734672338-1.2.1.1-yNxOq.5FX7K0RGRz8K.JUA.uOrnwzMFLUCq.zwcylrTimjsRI8mFQ4vKyLPC1zrBuXxhgBLuGvfkctX1AXYWJpSJdDV73L2JtPE0JdlgufaIXp4._0PPv3DBn5yzlwrBkWyNtRaOwYZvR0y2umLDUF0BR46EtfUUIUvmjW1r5SIfYdyMqMNQQl1wdrwvPen66ia5M9FM6gk3RiCxu1bcVY5EayU5DqvNY5rSxQkbLXyC65zHDA6EMBzNKwWcShdUBbo.6jV6rnC8HQYEirw2z.rCeagUQErIEEiSMWrFLZzb.SkTJVailtM8GIFSQmdYTKz3sTl79RohZoAzJsJsnDiMgcAhpbqDX0ZLabUYWc9GDRoWRH5jqTonIvwkB.U1
.espreso.tv/	1970-01-21 11:27:12	Name: _ga_93P3ZTPNK3 Value: GS1.1.1734672338.1.0.1734672338.60.0.0
.espreso.tv/	1970-01-21 11:27:12	Name: _ga Value: GA1.1.1345034931.1734672338
.espreso.tv/	1970-01-21 04:00:48	Name: _gcl_au Value: 1.1.1382891483.1734672338
.espreso.tv/	1970-01-21 11:20:00	Name: __gfp_64b Value: vg8q5J6sQ0qqiSK44xrEqgNsu._PUVgor4kkII7t3yH.C7\|1734672338\|2\|\|\|8,3,32
.hit.gemius.pl/	1970-01-21 11:20:00	Name: receive-cookie-deprecation Value: 1
.hit.gemius.pl/	1970-01-21 02:01:17	Name: Gtest Value: KlSLNMXGQMQGCU-10HCZY2lUssGMXP8c25nSGgqp8r4tXBG.
.hit.gemius.pl/	1970-01-21 11:20:00	Name: Gdyn Value: KlSh8MMGQMQGCU-10HCZY2lUssGMXP8c25nSGgqp8r4tFRxSG7RrGS6GuoftFlMQYH8W8jBGqSRxSG8.
.hit.gemius.pl/	1970-01-21 11:20:00	Name: Gdynp Value: Ywbb3oKPleu7vanPw_ib4MKbSw__sIrXb7emOUhYIFb.Q7
espreso.tv/	1970-01-21 01:51:19	Name: XSRF-TOKEN Value: eyJpdiI6InhHWmZwditId3JINlA4azZyVHNvdEE9PSIsInZhbHVlIjoiVXA2NHlqcDlqNWhpZ1ZGRDlWOUVtaG90cHZ3eGNVbWZ2VUpieFhRaDR4WGlwenQxQjFNdllDckZWeUFIRFo2ayIsIm1hYyI6IjQ0Y2I3ZmFkYzAyMTNkNzk5ZjkzMzZkYjZjMWZjZDg0ODk4ZGMwM2UyNWM5YmU3NzA1MTNkZTcyNGZlYmEwMDkifQ%3D%3D
espreso.tv/	1970-01-21 01:51:19	Name: espresotv_session Value: eyJpdiI6IkVCS1J1d2hVVkJIbFY4WlwvbUpYeEZRPT0iLCJ2YWx1ZSI6IkNFRlwveEdJN3BEbitEcEJcL3lmb292YVBCOTdobGJWRnJ6UDBVbVZUVmZoS3hWZ0lpTHVrZmZhXC92NnFPc0Vpd3QiLCJtYWMiOiIxNTlkMTE3ZWU3OTgzN2FmMDBiNWRkODdmM2U1MzUwOWZjYjRmYmM3MzQ2OGU0ZTc5ZjMyYzRlOWViM2MxY2FlIn0%3D
espreso.tv/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%7D
.espreso.tv/	1970-01-21 10:36:48	Name: ym_periodical_actions Value: {}
.espreso.tv/	1970-01-21 10:36:48	Name: _pubcid Value: 0678fb09-3933-41df-a791-73c84fbabead
.espreso.tv/	1970-01-21 10:36:48	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
a4p.adpartner.pro/	1970-01-21 03:17:36	Name: apuid Value: 8c914e88-9207-40d7-8d62-8cc049af4fc0
server.smartytech.io/	1970-01-21 10:36:48	Name: uid Value: ec7c040d-96c2-4381-97a8-181b43b6e21c
.onaudience.com/	1970-01-21 10:36:48	Name: cookie Value: 6c4ae225fcbfe38c
.onaudience.com/	1970-01-21 01:52:38	Name: done_redirects252 Value: 1
espreso.tv/	1970-01-21 01:51:14	Name: session_id Value: 9b164af3-33dd-4b96-a00f-1f7d6e568ced
espreso.tv/	1970-01-21 01:51:14	Name: session_pageview Value: 1734672340.1
espreso.tv/	1970-01-21 02:34:24	Name: site_visited Value: 1734758740.1
a4p.adpartner.pro/	1970-01-21 11:27:12	Name: apudmg Value: 1
espreso.tv/	1970-01-21 11:27:12	Name: lapuid Value: 8c914e88-9207-40d7-8d62-8cc049af4fc0
.espreso.tv/	1970-01-21 11:27:12	Name: _ga_60RN8X8FNL Value: GS1.1.1734672339.1.0.1734672340.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://espreso.tv/suspilstvo-rosiyanka-prikhovavshi-gromadyanstvo-rf-skupila-aktivi-likvidovanikh-rosiyskikh-bankiv-v-ukraini-na-3-mlrd-grn-skhemi Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D00B4250000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
autocounter.idealmedia.io
bidder.smartytouch.co
c.amazon-adsystem.com
c.idealmedia.io
cdn.jsdelivr.net
cdn.membrana.media
cm.idealmedia.io
cms.analytics.yahoo.com
config.aps.amazon-adsystem.com
espreso.tv
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gaua.hit.gemius.pl
google.com
imasdk.googleapis.com
jsc.idealmedia.io
kinesis.us-east-2.amazonaws.com
lh3.googleusercontent.com
ls.hit.gemius.pl
membrana-cdn.media
pagead2.googlesyndication.com
pixel.onaudience.com
player.adtelligent.com
player.bidmatic.io
region1.analytics.google.com
region1.google-analytics.com
s-img.idealmedia.io
s0.2mdn.net
securepubads.g.doubleclick.net
server.smartytech.io
servicer.idealmedia.io
sghb.bidmatic.io
static.espreso.tv
stats.g.doubleclick.net
ups.analytics.yahoo.com
video-content.b-cdn.net
www.google.com
www.google.pl
www.googletagmanager.com
ym-tack.b-cdn.net
espreso.tv
104.18.10.148
104.18.164.66
108.138.3.93
138.199.36.11
142.250.184.200
142.250.184.230
142.250.185.234
142.250.186.129
142.250.186.35
142.250.186.68
142.251.173.154
146.59.30.100
146.59.69.183
151.101.129.229
167.235.37.234
169.150.247.36
172.217.16.194
172.217.16.195
172.217.18.14
18.245.31.65
185.59.220.198
216.239.34.36
216.58.206.46
216.58.212.130
216.58.212.170
3.15.36.93
45.133.44.3
45.133.44.4
51.83.220.94
54.37.238.28
54.38.113.3
87.248.119.251
89.184.82.24
91.194.251.83
0316d4a1d8f6f9e6d576e5b4630a7f14f4fb3dc7d9c91410004aa365b1c2bdae
040afba78307d18849028a77a8d15c71bbd9d53bdc14e355d7e9b4ab7e8a0e07
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
06a6975027a3fd0765cb460989f11c56e33b66f8bbc215d1a8bea46a61a24de5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b6683c667ef6ca0a57de49ea75519029670480b65c59149b6b2d89583296d5
0a2be8de1fcfdc637523e4bb8cb0c1932663d3e8ff22acde96f2d3690e4ab6af
0e411988255e02c91367385f5c09d16e80f02a9cf4f2f26f3ca6e36e98b49475
0f3874642365028c18f83e93467e50777b8ed351819bda5d5477e95ef11a4c7f
0f6eec825e70695555c04ad585dfa074403f93c86dd2ad619330b6599fc19235
18672b5810471e074cd401d06e7cb28d4e9ed527f30d1f044a7edf5c33d3e85c
18f5d1d5c41ab462924bb5bb1c9e763e58a9a3696f3c9b2513854d459a5797aa
19bf71bdf42ba7e514b215d2b842343315ba61d4993aabbd17d7e3befd010f9d
1a35536d90b735ac4c624a19bd16ebe7c9e8f9fc6b061d8598a2d42766580174
1d887ba927251ad9328a7726869bb76d97055380157c2dc2f3569213c0ad0f0c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
26e62e6fad5ea44cdf0f56afc41b306c05087ee20d755941a08d35d16f6b237f
2b979bca801cc23f0f1c3b403fa5b9c36a83bb40f9ee59504729cada80034d98
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6ca86978ffde8a7270021a423fbf93be5b83f71b0224fb21a2448b5d877dcb
30582fe6ab33b3669b1daa105082da8f4aa23d96874230a1199da84632df85a9
33aa4d7eba799afdf5afc8d057b50a9e5e5625235c7c64f1a02b2d024c5b71d1
34900445cc1528f1e8f290df56d489dc6c408e1ac1aa58ec947fd852fb9ded9b
34eabd8d4d4c10ce8f365a4d6c60dea7151c5434317171804d7783096d5fe8e3
38160ac6ebea9c4106e67d237639460d63f3f3e00574e0445f46665c4371b783
3a1e0e25f8676ad1fac7fd1bc33268da8dd5b79a6084dc327d0254bceb7fd79a
3ad8222d9e8d4c877b1dbf8c2be0be1edad2b340192060ce40c8ffb0a2b0e560
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d6a0e44b6d899e7b8cf42d2fe66761022f48305ac66b33d81ffe3b9ae0981e2
41b9f4a6b5428508732199b358bda339a58d31d071b92585a53152b2d4cc1adb
457af3e64c0c9f521adab81c34598c7a111d1e02ca698f4ff88e1b0c58d8f6af
46440d0e46cff23b0cf64b63670085ab88fb36656e469f89d3f78f2b0ae0169b
4681c6b5ce2f7549eec273f6e0c1aa7b6d50b4d5f5fecab2790b29bf2cb1976c
4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9
479a52faa72664b9318911a1f3cd1a082dd169090b9bf688fbf54981a7544f3d
489229e91baa64ed39a2e925ed8e6212fcb208680c150b06fb97004ef7c057ad
4c326b112ddba86d1718875b62814caa52ad017a1c139b07ee9846661ce4f12d
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
546381f60a1c5a02b7a0338b76873603e30ed7bb18d6afaef2ebf94d43ab15b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565db688435ac052257a240ed18d6e31f90eaeaa33733c4634bf9cd1bc5347bf
5725950dfca860da5fde6d0cb442f094d47664536c7d60af28c4f336a0d1065e
5785fc915e92d5e3a0b57937ddd092eb5d3bc72294427b4b8f1a967f8f063af2
57c913dc95d16172397422ada208071f527339dc1153b77a26b24598923be6d7
580d95964bc029bfe6ff314417d8fe74771c559e7430128310d7b28287418469
58680276aeb927baf3a354c7294edb9ecdb99073c00a98421a8b51dd7bef1b7d
5b7eb8eec16f4c8f09f07b5885e5d6c3b0bd972c501cec060b6f6769e0173905
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
736667745e8a015c3bce5350290b51b7a98b7b855d6e216a3eb745d851c116f9
73a6c45f0078bb1effaa54988dbf22b20f304e00a50d0ce9941d3ab560afee94
79da988ee52c362adf55e65369eccdc35fe49ba29e02bbabcb4f3dadc70f0e4c
7ac00c1150d2697ab0b99a7eb13adb1beec6e3f94a7b54cd774e6c7e2596cb8a
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
822c7b25801ee0dabc618ab562de35abd6c93950d750156f2c93ca1916bf94bc
8424a9d97d2052485c888575d690d882ae7e9bb3f0d6a84cd9c9b5c6e5153eca
862bb4aa2ced2433b44b4343524be034cf7d927d60ea69acc60934bbab825d98
870c9389047e8edd312bb42921eea78d9be9e7355d63f3e4594ccf17a50f468a
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
90a5ac5341501278b98edc55f0ff9b9fd42cf8454359e6fb37d79d7388cc9bd8
94021ffb803e0404faee97b71d30522368f1d45b57f9db51723832a80d479280
947b57c65471acbbcacd177e28206f1ec71f1d93da43f07f7cb7b153924ab5e7
9897fd24f778214a2571e94c9d7f0380339f56ad86115f7ce3814ce2b4ff415a
9bbfa162d6d8bc967ea3354fce5d3a26465cbc40600e332461482c9739c9f9ea
a5b29784b273f692e77f022b8670bad81380479077a60ad30109add105834121
a8cb1547a138263db70bdc31819505ef1c834c1178068c216c05ed55385bf007
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
afdc0c9d333535763aa9bd3dfd8774ce5e91e25d7f88f94ed04dbcf15a37422a
b1dc457ef00c9a96d29d5428737bb2df01fb82a96227a83c0e6379e5de63f9ab
bad97827ce9ec1790dff1fd6e63a617f41d37f2b9c38ee949820ff5f68b5af3e
c8965b75ee8e8da5b0bccf088e3637d5500cf3acd1dd9e038f586248c20b166e
c9f21df7f8e35fc1e2a6778f5cd3c490a31c8ff3c49d4abfff348aa3cd828319
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccd92395e19e4a30dee49ac5fdf0f028641037cdc0d54ddf4069718fb7030a47
cd090fc0bc9f02fec429a621360745b1348296820aff658f0a48e3720ea77b1a
cdef9057805a32902d50a4437ead1bc93a5ca35091a0feb717ce1914f40d968f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d18ea500feddc2a100cbdd34144d57994d65f8c1da921d740b14fac0469eb1e6
d4f9e3bf5329c277674a387af703da3ee8b93ab69f48b357cae8d80b70a472b2
d61110a1011b58f2e06d83a7f907f108a7efa2c7d0cdbd39c911f32719007792
dbacdbb8326fad0d1b152c6974a065094a2405774a58e222a92ded5e94e256ca
dc4a147064e6daba7050db0e8241dc49b1fbb865ac5e5fcf6e791c3a2aa15b89
de09198f63624f7fba9d44432b46772dbbb97d6138fb1f995dea77ecb995cba8
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c
e0fa435602b72555524580db7567a92bc2924c8d3a3ef1f7fb29e3e81023cf17
e105ec2bafa8947eda48bfc0998b2c69a8a34f4dfee473e6f409f9f901954f97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55e1c6890181c506274ab274b1ceef20e3df6420cd7c493cefee621bbbb6b5f
ea241904d1c348a43d31dc77a66de76301a23edafb6babc24788625043865a37
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee2a1086e78705c900001f4b71d75deeaf9ad29062f66f0ffa8dc60981711910
eec43f4e547503dd4405a17d90c1efa320af4ee111207d409d04fda8870d4188
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f143204a833cd66a8797daf47b2981e83a23ae37cce8c69f12dd554213589b27
f38f1aa7d673fdf65991ec0aafd4da77d8cddf27b70912198a8437d16494a394
f67ef21a64cd1fcf424a2f0f4909165fb06c7cc3e2419f2ae278d3a16594d6dc
faa1b2a60195198bfa9e5b63b8f15ec5bf1f649cd0b1a5032587ff73420254e5
fad908b878a641cb38660bd65edab516e06f3dc7dc25758f79292e660d35762b
fc7910d656012af750f40a6bffcd9b52f486ecb1e47b2c04197c50523fc10b39
fca257c7b106dc65ada2ff46e41b24d9ffe192493abda8854277b27d4860a794
fdf5dfab742b9d6c8c626174cd7e8899d2350d3ada34202ad6f3e87dadabb36c

espreso.tv Open in urlscan Pro 104.18.10.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

146 Requests

94 %HTTPS

0 %IPv6

26 Domains

42 Subdomains

34 IPs

7 Countries

2213 kBTransfer

7312 kBSize

27 Cookies

13 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

espreso.tv Open in urlscan Pro
104.18.10.148 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

94 %
HTTPS

0 %
IPv6

26
Domains

42
Subdomains

34
IPs

7
Countries

2213 kB
Transfer

7312 kB
Size

27
Cookies

146 HTTP transactions
1 data transactions